diff --git a/class/Users.php b/class/Users.php
index 0a7ede0..9f465cb 100644
--- a/class/Users.php
+++ b/class/Users.php
@@ -83,18 +83,21 @@ class Users{
 $stmt = $this->conn->prepare(" UPDATE ".$this->itemsTable."
- SET name= ?, description = ?, price = ?, category_id = ?, created = ?
+ SET firstname= ?, lastname = ?, email = ?, password = ?, country = ?, birthdate = ?, permission = ?
 WHERE id = ?");
 $this->id = htmlspecialchars(strip_tags($this->id));
- $this->name = htmlspecialchars(strip_tags($this->name));
- $this->description = htmlspecialchars(strip_tags($this->description));
- $this->price = htmlspecialchars(strip_tags($this->price));
- $this->category_id = htmlspecialchars(strip_tags($this->category_id));
- $this->created = htmlspecialchars(strip_tags($this->created));
-
- $stmt->bind_param("ssiisi", $this->name, $this->description, $this->price, $this->category_id, $this->created, $this->id);
-
+ $this->firstname = htmlspecialchars(strip_tags($this->firstname));
+ $this->lastname = htmlspecialchars(strip_tags($this->lastname));
+ $this->email = htmlspecialchars(strip_tags($this->email));
+ $this->password = htmlspecialchars(strip_tags($this->password));
+ $this->country = htmlspecialchars(strip_tags($this->country));
+ $this->birthdate = htmlspecialchars(strip_tags($this->birthdate));
+ $this->permission = htmlspecialchars(strip_tags($this->permission));
+
+
+ $stmt->bind_param("ssssssss", $this->firstname, $this->lastname, $this->email, $this->password, $this->country, $this->birthdate, $this->permission, $this->id);
+
 if($stmt->execute()){
 return true;
 }
diff --git a/docs/update-example.txt b/docs/update-example.txt
new file mode 100644
index 0000000..48a4336
--- /dev/null
+++ b/docs/update-example.txt
@@ -0,0 +1,10 @@
+{
+"id": "hackergirl",
+"firstname": "Emily",
+"lastname":"Asgardius",
+"email":"hackergirl@asgardius.company",
+"password": "test",
+"country":"asteroid",
+"birthdate": "1994-02-19",
+"permission": "admin"
+}
\ No newline at end of file
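Review bot: In the class/Users.php hunk, `$this->password = htmlspecialchars(strip_tags($this->password));` alters the submitted password and then binds it into the UPDATE unchanged, so unless hashing happens outside this hunk the users table ends up holding cleartext (or entity-mangled) passwords. Replace that line with `$this->password = password_hash($this->password, PASSWORD_DEFAULT);` and do not strip or escape the raw value first; HTML-escaping belongs at output time, since the prepared statement already covers the SQL side. The same statement also writes `permission` from whatever the object carries, and the items/update.php hunk fills it straight from the request body with no authentication or role check in the visible lines, so a caller can apparently set `"permission": "admin"` on any id; that column should only change on a separately authorized path. update() starts and ends outside the hunk, so a check elsewhere cannot be ruled out.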
diff --git a/items/update.php b/items/update.php
index c894d55..2145f3c 100644
--- a/items/update.php
+++ b/items/update.php
@@ -6,25 +6,29 @@ header("Access-Control-Max-Age: 3600");
 header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
 include_once '../config/Database.php';
-include_once '../class/Items.php';
+include_once '../class/Users.php';
 $database = new Database();
-$db = $database->getConnection();
+$db = $database->getConnection();
-$items = new Items($db);
+$items = new Users($db);
 $data = json_decode(file_get_contents("php://input"));
-if(!empty($data->id) && !empty($data->name) &&
-!empty($data->description) && !empty($data->price) &&
-!empty($data->category_id)){
-
- $items->id = $data->id;
- $items->name = $data->name;
- $items->description = $data->description;
- $items->price = $data->price;
- $items->category_id = $data->category_id;
- $items->created = date('Y-m-d H:i:s');
+if(!empty($data->id) && !empty($data->firstname) &&
+!empty($data->lastname) && !empty($data->email) &&
+!empty($data->password) && !empty($data->country) &&
+!empty($data->birthdate) &&
+!empty($data->permission)){
+
+ $items->id = $data->id;
+ $items->firstname = $data->firstname;
+ $items->lastname = $data->lastname;
+ $items->email = $data->email;
+ $items->password = $data->password;
+ $items->country = $data->country;
+ $items->birthdate = $data->birthdate;
+ $items->permission = $data->permission;
 if($items->update()){