|
12 | 12 | if (empty($id)) { |
13 | 13 | $jsonArray['error'] = true; |
14 | 14 | $jsonArray['errorMessage'] = "Invalid or null value!"; |
15 | | - $_code = 403; |
| 15 | + $_code = 406; |
16 | 16 | } else if (!is_numeric($id)) { |
17 | 17 | $jsonArray['error'] = true; |
18 | 18 | $jsonArray['errorMessage'] = "The request must be 'numeric'"; |
19 | | - $_code = 403; |
| 19 | + $_code = 406; |
20 | 20 | } else { |
21 | 21 | $control = $db->prepare("SELECT * FROM users WHERE id = :id"); |
22 | 22 | $control->bindParam(":id", $id, PDO::PARAM_INT); |
|
31 | 31 | } else { |
32 | 32 | $jsonArray['error'] = true; |
33 | 33 | $jsonArray['errorMessage'] = "No value found for your request!"; |
34 | | - $_code = 403; |
| 34 | + $_code = 404; |
35 | 35 | } |
36 | 36 |
|
37 | 37 |
|
|
45 | 45 | $_code = 200; |
46 | 46 | } |
47 | 47 | } else if ($request_method === "POST") { //POST Method |
| 48 | + $userName = Security($_POST['username']); |
48 | 49 | $firstName = Security($_POST['first_name']); |
49 | 50 | $lastName = Security($_POST['last_name']); |
50 | | - $age = Security($_POST['age']); |
51 | | - $city = Security($_POST['city']); |
52 | | - $ip = Security($_POST['ip']); |
53 | | - if (empty($firstName) || empty($lastName) || empty($age) || empty($city) || empty($ip)) { |
| 51 | + $email = Security($_POST['email']); |
| 52 | + if (empty($userName) || empty($firstName) || empty($lastName) || empty($email)) { |
54 | 53 | $jsonArray['error'] = true; |
55 | 54 | $jsonArray['errorMessage'] = "Invalid or null value!"; |
56 | | - $_code = 403; |
| 55 | + $_code = 406; |
57 | 56 | } else if (is_numeric($firstName) || is_numeric($lastName)) { |
58 | 57 | $jsonArray['error'] = true; |
59 | 58 | $jsonArray['errorMessage'] = "first or last name cannot contain numeric values."; |
60 | | - $_code = 403; |
| 59 | + $_code = 406; |
| 60 | + } else if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { |
| 61 | + $jsonArray['error'] = true; |
| 62 | + $jsonArray['errorMessage'] = "invalid email address"; |
| 63 | + $_code = 406; |
61 | 64 | } else { |
62 | | - $add = $db->prepare("INSERT INTO users (first_name, last_name, age, city, ip) VALUES (:fname, :lname, :age, :city, :ip)"); |
| 65 | + $add = $db->prepare("INSERT INTO users (username, first_name, last_name, email) VALUES (:uname, :fname, :lname, :email)"); |
| 66 | + $add->bindParam(":uname", $userName, PDO::PARAM_STR); |
63 | 67 | $add->bindParam(":fname", $firstName, PDO::PARAM_STR); |
64 | 68 | $add->bindParam(":lname", $lastName, PDO::PARAM_STR); |
65 | | - $add->bindParam(":age", $age, PDO::PARAM_INT); |
66 | | - $add->bindParam(":city", $city, PDO::PARAM_STR); |
67 | | - $add->bindParam(":ip", $ip, PDO::PARAM_STR); |
| 69 | + $add->bindParam(":email", $email, PDO::PARAM_STR); |
68 | 70 | $add->execute(); |
69 | 71 | if ($db->lastInsertId()) { |
70 | 72 | $jsonArray["send_data"] = "Data sending is successful"; |
| 73 | + $jsonArray['username'] = $userName; |
71 | 74 | $jsonArray['first_name'] = $firstName; |
72 | 75 | $jsonArray['last_name'] = $lastName; |
73 | | - $jsonArray['age'] = $age; |
74 | | - $jsonArray['city'] = $city; |
75 | | - $jsonArray['ip'] = $ip; |
| 76 | + $jsonArray['email'] = $email; |
76 | 77 | } else { |
77 | 78 | $jsonArray['error'] = true; |
78 | | - $_code = 404; |
| 79 | + $_code = 403; |
79 | 80 | $jsonArray['errorMessage'] = "Data sending failed!"; |
80 | 81 | } |
81 | 82 | } |
|
84 | 85 | if (empty($id)) { |
85 | 86 | $jsonArray['error'] = true; |
86 | 87 | $jsonArray['errorMessage'] = "Invalid or null value!"; |
87 | | - $_code = 403; |
| 88 | + $_code = 406; |
88 | 89 | } else if (!is_numeric($id)) { |
89 | 90 | $jsonArray['error'] = true; |
90 | 91 | $jsonArray['errorMessage'] = "The request must contain a numeric value!"; |
91 | | - $_code = 403; |
| 92 | + $_code = 406; |
92 | 93 | } else { |
93 | 94 | $control = $db->prepare("SELECT * FROM users WHERE id = :id"); |
94 | 95 | $control->bindParam(":id", $id, PDO::PARAM_INT); |
|
104 | 105 | } else { |
105 | 106 | $jsonArray['error'] = true; |
106 | 107 | $jsonArray['deleteid'] = $id; |
107 | | - $_code = 404; |
| 108 | + $_code = 403; |
108 | 109 | $jsonArray['errorMessage'] = "Deletion failed."; |
109 | 110 | } |
110 | 111 | } else { |
111 | 112 | $jsonArray['error'] = true; |
112 | 113 | $jsonArray['errorMessage'] = "No value found for your request!"; |
113 | | - $_code = 403; |
| 114 | + $_code = 404; |
114 | 115 | } |
115 | 116 | } |
116 | 117 | } else if ($request_method === "PUT") { |
117 | 118 | $put_req = json_decode(file_get_contents("php://input")); |
118 | 119 | $id = $put_req->id; |
| 120 | + $userName = $put_req->username; |
119 | 121 | $firstName = $put_req->first_name; |
120 | 122 | $lastName = $put_req->last_name; |
121 | | - $age = $put_req->age; |
122 | | - $city = $put_req->city; |
123 | | - $ip = $put_req->ip; |
124 | | - if (empty($id) || empty($firstName) || empty($lastName) || empty($age) || empty($city) || empty($ip)) { |
| 123 | + $email = $put_req->email; |
| 124 | + if (empty($id) || empty($userName) || empty($firstName) || empty($lastName) || empty($email)) { |
125 | 125 | $jsonArray['error'] = true; |
126 | 126 | $jsonArray['errorMessage'] = "Invalid or null value!"; |
127 | | - $_code = 403; |
| 127 | + $_code = 406; |
128 | 128 | } else if (is_numeric($firstName) || is_numeric($lastName)) { |
129 | 129 | $jsonArray['error'] = true; |
130 | 130 | $jsonArray['errorMessage'] = "first or last name cannot contain numeric values."; |
131 | | - $_code = 403; |
| 131 | + $_code = 406; |
| 132 | + } else if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { |
| 133 | + $jsonArray['error'] = true; |
| 134 | + $jsonArray['errorMessage'] = "invalid email address"; |
| 135 | + $_code = 406; |
132 | 136 | } else { |
133 | 137 | $control = $db->prepare("SELECT * FROM users WHERE id = :id"); |
134 | 138 | $control->bindParam(":id", $id, PDO::PARAM_INT); |
135 | 139 | $control->execute(); |
136 | 140 | $controlCount = $control->rowCount(); |
137 | 141 | if ($controlCount > 0) { |
138 | | - $update = $db->prepare("UPDATE users SET first_name = :fname, last_name = :lname, age = :age, city = :city, ip = :ip WHERE id = :id"); |
| 142 | + $update = $db->prepare("UPDATE users SET username = :uname, first_name = :fname, last_name = :lname, email = :email WHERE id = :id"); |
| 143 | + $update->bindParam(":uname", $userName, PDO::PARAM_STR); |
139 | 144 | $update->bindParam(":fname", $firstName, PDO::PARAM_STR); |
140 | 145 | $update->bindParam(":lname", $lastName, PDO::PARAM_STR); |
141 | | - $update->bindParam(":age", $age, PDO::PARAM_INT); |
142 | | - $update->bindParam(":city", $city, PDO::PARAM_STR); |
143 | | - $update->bindParam(":ip", $ip, PDO::PARAM_STR); |
| 146 | + $update->bindParam(":email", $email, PDO::PARAM_STR); |
144 | 147 | $update->bindParam("id", $id, PDO::PARAM_INT); |
145 | 148 | $update->execute(); |
146 | 149 | if ($update) { |
147 | 150 | $jsonArray['message'] = "Update successfull."; |
148 | 151 | $jsonArray['affectedId'] = $id; |
149 | 152 | } else { |
150 | 153 | $jsonArray['error'] = true; |
151 | | - $_code = 404; |
| 154 | + $_code = 403; |
152 | 155 | $jsonArray['errorMessage'] = "Data sending failed!"; |
153 | 156 | } |
154 | 157 | } |
155 | 158 | } |
156 | 159 | } else { |
157 | 160 | $jsonArray['error'] = true; |
158 | | - $_code = 404; |
159 | | - $jsonArray['errorMessage'] = "Invalid request or undefined method"; |
| 161 | + $_code = 405; |
| 162 | + $jsonArray['errorMessage'] = "Method Not Allowed"; |
160 | 163 | } |
161 | 164 |
|
162 | 165 |
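Review bot: In the PUT branch the added `$userName = $put_req->username;` and `$email = $put_req->email;` read properties straight off the `json_decode()` result, so a body that is not valid JSON or lacks those keys raises warnings on `null` before any validation runs. Unlike the POST branch, these values also never pass through `Security()`. I would check the decode first with `if (!is_object($put_req)) { $_code = 400; }` and read fields as `$put_req->username ?? null`. In the same branch `if ($update)` tests the statement object rather than the result of `execute()`, so the failure path that now sets 403 looks unreachable; `if ($update->execute())` would make it meaningful. Neither write path checks whether `username` or `email` is already taken (whether the schema enforces uniqueness is not visible here), and the new 406/403 codes are unusual for validation and server-side failures, where 400 or 422 and 500 are the common choices.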
|
|