
Untitled

a guest
May 2nd, 2016
  1. <?php
  2. /**
  3.  * If the user is logged in and the lecturer doesn't already exist in the database,
  4.  * add the new lecturer to the database.
  5.  *
  6.  *
  7.  *
  8.  */
  9. require_once("../../../objects/MySQL.php");
  10. require_once("../../../objects/JWT.php");
  11. require_once("../../../objects/Lecturer.php");
  12. require_once("../../../utils/Utils.php");
  13.  
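  // Every response from this endpoint is JSON. Declaring the type keeps a
  // browser from interpreting reflected request values (such as the lecturer
  // name) as HTML under PHP's default text/html content type.
  header('Content-Type: application/json; charset=utf-8');

  $script = basename(__FILE__);

  /**
   * Send a JSON error response in this endpoint's usual shape
   * (ok / simple_error / detailed_error).
   *
   * @param int         $status   HTTP status code to send.
   * @param string      $simple   Short message meant for the end user.
   * @param int         $line     Pass __LINE__ from the call site.
   * @param string      $detail   Detail that is safe to return to the client.
   * @param string|null $internal Exception or driver text; written to the
   *                              server log only, never to the response.
   */
  $fail = function ($status, $simple, $line, $detail, $internal = null) use ($script) {
      if ($internal !== null) {
          // Exception and database error strings can describe internals
          // (hosts, schema, token-validation state), so they stay server-side.
          error_log($script . ':' . $line . ' ' . $detail . ' ' . $internal);
      }
      // Set the status before writing the body: once output has started the
      // status line can no longer be changed unless output buffering is on.
      // Utils::http_response_code is defined outside this file; presumably it
      // sets the response status.
      Utils::http_response_code($status);
      echo(json_encode(array(
          'ok' => false,
          'simple_error' => $simple,
          'detailed_error' => 'Error at ' . $script . ':' . $line . '. Message: ' . $detail,
      )));
  };

  // --- Authentication ------------------------------------------------------
  // NOTE(review): the 400 (missing header) and 500 (undecodable token) codes
  // are kept from the original for client compatibility; 401 is the
  // conventional status for both.
  try {
      $headers = getallheaders();
      // Header field names are case-insensitive (and lower-case under HTTP/2),
      // so normalise the keys rather than requiring the exact spelling.
      $headers = is_array($headers) ? array_change_key_case($headers, CASE_LOWER) : array();
      if (!array_key_exists('authorization', $headers)) {
          $fail(400, 'Authorization failure.', __LINE__, 'Missing Authorization header in request.');
          return;
      }

      // NOTE(review): everything below trusts this object. Confirm that
      // JWT::decode verifies the signature, the expiry and the expected
      // algorithm, and throws on failure - it is defined outside this file.
      $jwt = JWT::decode($headers['authorization']);
      if (!is_object($jwt)) {
          $fail(500, 'Authorization failure.', __LINE__, 'Token could not be decoded.');
          return;
      }
  } catch (Exception $e) {
      $fail(500, 'Authorization failure.', __LINE__, 'Token could not be decoded.', $e->getMessage());
      return;
  }

  // --- Authorisation -------------------------------------------------------
  // Strict comparison: with ==, a non-string role such as int 0 compares equal
  // to "USER" on PHP versions before 8.
  $role = $jwt->getRole();
  if ($role !== 'USER') {
      $fail(
          403,
          'You do no have permission to perform this function.',
          __LINE__,
          'User had role ' . $role . ' and tried to access user methods.'
      );
      return;
  }

  // --- Database connection -------------------------------------------------
  try {
      $mySQL = new MySQL();
      $connection = $mySQL->getConnection();
  } catch (Exception $e) {
      $fail(
          500,
          'Internal server error, contact a system administrator.',
          __LINE__,
          'Database connection failed.',
          $e->getMessage()
      );
      return;
  }

  // --- Request body --------------------------------------------------------
  $json_data = file_get_contents('php://input');
  if (!$json_data) {
      $fail(400, 'User panel request error.', __LINE__, 'No JSON object was provided.');
      return;
  }

  $json_object = json_decode($json_data, true);
  if (!is_array($json_object)) {
      // The raw request body is deliberately not echoed back to the client.
      $fail(400, 'User panel request error.', __LINE__, 'Failed to decode JSON.');
      return;
  }
  if (!array_key_exists('name', $json_object)) {
      $fail(400, 'User panel request error.', __LINE__, 'Parameter name is unset.');
      return;
  }
  if (!array_key_exists('department_id', $json_object)) {
      $fail(400, 'User panel request error.', __LINE__, 'Parameter department_id is unset.');
      return;
  }

  // The original never copied these out of the decoded body, so the duplicate
  // check and the Lecturer constructor both ran on undefined variables.
  $name = $json_object['name'];
  $department_id = $json_object['department_id'];

  if (!is_string($name) || $name === '') {
      $fail(400, 'User panel request error.', __LINE__, 'Parameter name must be a non-empty string.');
      return;
  }
  // NOTE(review): only nested/null/boolean values are rejected here; tighten
  // this to the real id type once the Lecturer/Department schema is confirmed.
  if (!is_scalar($department_id) || is_bool($department_id)) {
      $fail(400, 'User panel request error.', __LINE__, 'Parameter department_id must be a number or string.');
      return;
  }

  // --- Duplicate check and insert -----------------------------------------
  // NOTE(review): SELECT-then-insert is not atomic; two concurrent requests can
  // both pass the check. A UNIQUE index on Lecturer.name would be the
  // authoritative guard - confirm whether the schema has one.
  try {
      $stmt = $connection->prepare("SELECT `name` FROM `Lecturer` WHERE `name`=?");
      if (!$stmt) {
          $fail(
              500,
              'Internal server error, contact a system administrator.',
              __LINE__,
              'Failed to prepare statement for checking if lecturer name already in database.'
          );
          return;
      }

      $stmt->bind_param('s', $name);
      if (!$stmt->execute()) {
          $fail(
              500,
              'Internal server error, contact a system administrator.',
              __LINE__,
              'Lecturer lookup query failed.',
              $stmt->error
          );
          return;
      }

      $stmt->bind_result($real_name);
      // fetch() yields true for a row, null for no rows and false on error.
      $fetched = $stmt->fetch();
      $fetch_error = $stmt->error;
      $stmt->close();

      if ($fetched === false) {
          $fail(
              500,
              'Internal server error, contact a system administrator.',
              __LINE__,
              'Lecturer lookup fetch failed.',
              $fetch_error
          );
          return;
      }
      if ($fetched === true) {
          // The stray debug output of the stored name that preceded this
          // response has been removed; it corrupted the JSON body.
          $fail(
              400,
              'A lecturer with that name already exists in the database.',
              __LINE__,
              'Failed to add new lecturer with name ' . $name . '.'
          );
          return;
      }

      $lecturer = new Lecturer($mySQL, -1, $name, $department_id);
      $lecturer->saveToMySQL();

      // Encode before writing anything, so an encoding failure produces one
      // well-formed error document instead of two concatenated ones.
      $body = json_encode(array('ok' => true, 'response' => $lecturer->toArray()));
      if ($body === false || json_last_error() !== JSON_ERROR_NONE) {
          $fail(
              500,
              'Internal server error, contact a system administrator.',
              __LINE__,
              'json_encode failed with code(' . json_last_error() . ').'
          );
          return;
      }
      echo($body);
      return;
  } catch (Exception $e) {
      $fail(
          500,
          'Internal server error, contact a system administrator.',
          __LINE__,
          'Failed to add new lecturer with name ' . $name . '.',
          $e->getMessage()
      );
      return;
  }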