- <?php
- use Slim\Http\Request;
- use Slim\Http\Response;
// SECURITY(review): a wildcard origin lets any web page call these endpoints
// cross-origin, and none of the routes below perform authentication, so every
// site a user visits can read the user/customer/insurance data served here.
// Restrict this to the front-end origin (the commented-out middleware at the
// bottom of this file shows the Slim way to set it per response).
header("Access-Control-Allow-Origin: *");
- // Routes
// Landing page: record the hit in the application log, then render the
// index template with whatever route arguments were supplied.
$app->get('/', function (Request $request, Response $response, array $args) {
    $log = $this->logger;
    $log->info("Slim-Skeleton '/' route");

    $view = $this->renderer;
    return $view->render($response, 'index.phtml', $args);
});
- // $app->get('/recipes', function (Request $request, Response $response, array $args) {
- // $data = file_get_contents(__DIR__ . '/dbstore/food.json');
- // $newResponse = $response->withJson($data);
- // return $newResponse;
- // });
- // Get data from MySQLi
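// List all users as {"users": [...]} (Unicode left unescaped, as before).
//
// Changes from the original:
//  - `SELECT *` shipped every user's password hash to the caller; only the
//    non-secret columns are selected now.
//  - `or die($mysqli->error)` echoed the raw MySQL error and bypassed Slim;
//    query failures are now logged and answered with a generic 500.
//  - An empty table produced no body and no Content-Type header; it now
//    returns {"users": []} through the Slim response object.
// NOTE(review): this route has no authentication at all — anyone who can reach
// it can enumerate usernames, e-mail addresses and roles.
$app->get('/users', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $query = "SELECT id, username, firstname, lastname, email, role FROM users ORDER BY id";
    $result = $mysqli->query($query);
    if ($result === false) {
        $this->logger->error('/users query failed: ' . $mysqli->error);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }

    $users = [];
    while ($row = $result->fetch_assoc()) {
        $users[] = $row;
    }
    $result->free();

    return $response->withJson(['users' => $users], 200, JSON_UNESCAPED_UNICODE);
});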
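// Fetch one user by id: ?userid=N.
//
// Responds with {"response":"success","userData":{...}} on a hit, 400 for a
// missing/non-numeric id, 404 when no row matches (the original answered
// "success" with `userData: false` in that case), and a generic 500 on a
// database error — the raw PDO message is logged, not sent to the client.
// The password hash is no longer part of the result (the original selected `*`).
$app->get('/singleUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    // id is an integer primary key; reject anything else up front.
    $userid = filter_var($request->getParam('userid'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userid === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid userid'], 400);
    }

    try {
        $sql = "SELECT id, username, firstname, lastname, email, role FROM users WHERE id = :userid";
        $stmt = $pdo->prepare($sql);
        $stmt->bindValue(':userid', $userid, PDO::PARAM_INT);
        $stmt->execute();

        $userData = $stmt->fetch(PDO::FETCH_OBJ);
        if ($userData === false) {
            return $response->withJson(['response' => 'failed', 'message' => 'User not found'], 404);
        }
        return $response->withJson(['response' => 'success', 'userData' => $userData], 200);
    } catch (PDOException $e) {
        $this->logger->error('/singleUser failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});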
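// Fetch one insurance record by id: ?insuranceid=N.
//
// Responds with {"response":"success","insuranceData":{...}} on a hit, 400 for
// a missing/non-numeric id, 404 when no row matches (the original answered
// "success" with `insuranceData: false`), and a generic 500 on a database
// error — the raw PDO message is logged instead of being returned to the client.
$app->get('/singleInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    // id is an integer primary key; reject anything else up front.
    $insuranceid = filter_var($request->getParam('insuranceid'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($insuranceid === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid insuranceid'], 400);
    }

    try {
        $sql = "SELECT * FROM insurances WHERE id = :insuranceid";
        $stmt = $pdo->prepare($sql);
        $stmt->bindValue(':insuranceid', $insuranceid, PDO::PARAM_INT);
        $stmt->execute();

        $insuranceData = $stmt->fetch(PDO::FETCH_OBJ);
        if ($insuranceData === false) {
            return $response->withJson(['response' => 'failed', 'message' => 'Insurance not found'], 404);
        }
        return $response->withJson(['response' => 'success', 'insuranceData' => $insuranceData], 200);
    } catch (PDOException $e) {
        $this->logger->error('/singleInsurance failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});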
- // $data = $request->getParam('paramName');
- //$data = $request->getParams(); // if you want to get all params
// Create a user (PDO)
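// Create a user from POST fields username, password, firstname, lastname, email, role.
//
// The password is stored as a password_hash() digest. Changes from the original:
//  - a request without a username or password previously created an account
//    whose password is the hash of "" — both are now required (400 otherwise);
//  - database errors are logged and answered with a generic 500 instead of
//    echoing the PDO exception message to the client.
// SECURITY(review): `role` is taken verbatim from the request and there is no
// authentication on this route, so any caller can create an account with any
// role. That needs an auth/authorization layer in front of this endpoint; it
// cannot be fixed inside the handler alone.
$app->post('/addUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $username  = $request->getParam('username');
    $plain     = (string) $request->getParam('password');
    $firstname = $request->getParam('firstname');
    $lastname  = $request->getParam('lastname');
    $email     = $request->getParam('email');
    $role      = $request->getParam('role');

    if ((string) $username === '' || $plain === '') {
        return $response->withJson(['response' => 'failed', 'message' => 'username and password are required'], 400);
    }
    $password = password_hash($plain, PASSWORD_DEFAULT);

    try {
        $sql = "INSERT INTO users (username, password, firstname, lastname, email, role) VALUES (?,?,?,?,?,?)";
        $pdo->prepare($sql)->execute([$username, $password, $firstname, $lastname, $email, $role]);
        return $response->withJson(['response' => 'success', 'message' => 'Added user to database'], 200);
    } catch (PDOException $e) {
        $this->logger->error('/addUser failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});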
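// Update a user identified by POST field userid.
//
// Changes from the original:
//  - the password was re-hashed unconditionally, so an edit that did not send
//    a password silently replaced the user's password with the hash of "".
//    The password column is now only touched when a non-empty password is sent;
//  - userid must be a positive integer (400 otherwise); previously a missing
//    id produced `WHERE id = NULL`, updated nothing, and still reported success;
//  - database errors are logged and answered with a generic 500 instead of
//    echoing the PDO exception message to the client.
// SECURITY(review): `role` comes straight from the request and the route has
// no authentication, so any caller can change any user's role.
$app->post('/editUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $userid = filter_var($request->getParam('userid'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userid === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid userid'], 400);
    }

    $username  = $request->getParam('username');
    $plain     = (string) $request->getParam('password');
    $firstname = $request->getParam('firstname');
    $lastname  = $request->getParam('lastname');
    $email     = $request->getParam('email');
    $role      = $request->getParam('role');

    try {
        if ($plain !== '') {
            $sql = "UPDATE users SET username = ?, password = ?, firstname = ?, lastname = ?, email = ?, role = ? WHERE id = ?";
            $params = [$username, password_hash($plain, PASSWORD_DEFAULT), $firstname, $lastname, $email, $role, $userid];
        } else {
            // No password supplied: leave the stored hash alone.
            $sql = "UPDATE users SET username = ?, firstname = ?, lastname = ?, email = ?, role = ? WHERE id = ?";
            $params = [$username, $firstname, $lastname, $email, $role, $userid];
        }
        $pdo->prepare($sql)->execute($params);
        return $response->withJson(['response' => 'success', 'message' => 'Updated user data'], 200);
    } catch (PDOException $e) {
        $this->logger->error('/editUser failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});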
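// Delete a user identified by POST field userid.
//
// Changes from the original:
//  - userid must be a positive integer (400 otherwise) and is compared with
//    `===` rather than the loose `== 20`;
//  - the hard-coded protected id is named and explained;
//  - database errors are logged and answered with a generic 500 instead of
//    echoing the PDO exception message to the client.
// SECURITY(review): no authentication — any caller can delete any user except
// the protected one.
$app->post('/removeUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    // NOTE(review): the original refused to delete id 20 without saying why;
    // presumably the built-in administrator account — confirm and consider
    // moving this into configuration.
    $protectedUserId = 20;

    $userid = filter_var($request->getParam('userid'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($userid === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid userid'], 400);
    }
    if ($userid === $protectedUserId) {
        return $response->withJson(['response' => 'failed', 'message' => 'User cannot be removed'], 200);
    }

    try {
        $sql = "DELETE FROM users WHERE id = ?";
        $pdo->prepare($sql)->execute([$userid]);
        return $response->withJson(['response' => 'success', 'message' => 'User removed'], 200);
    } catch (PDOException $e) {
        $this->logger->error('/removeUser failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});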
// Authenticate a user (PDO)
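// Authenticate with POST fields username (username or e-mail) and password.
//
// On success returns {"response":"success","userData":{...}} WITHOUT the
// password hash (the original sent the hash back to the client). On a bad
// username or password the same Swedish message is returned for both cases so
// the response body does not reveal which accounts exist.
//
// Other changes from the original:
//  - the query reused one named placeholder (:username) twice; that only works
//    with emulated prepares and fails with PDO::ATTR_EMULATE_PREPARES = false,
//    so two placeholders are now bound to the same value;
//  - rowCount() is not guaranteed to work for SELECT in PDO; `fetch() === false`
//    is used instead;
//  - database errors are logged and answered with a generic 500.
// NOTE(review): response timing still differs between "no such user" (no hash
// check) and "wrong password"; a dummy password_verify() on the not-found path
// would close that gap.
$app->post('/login', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $username = (string) $request->getParam('username');
    $password = (string) $request->getParam('password');

    try {
        $sql = "SELECT id, firstname, lastname, email, username, password, role FROM users WHERE (username = :username OR email = :email)";
        $stmt = $pdo->prepare($sql);
        $stmt->bindValue(':username', $username, PDO::PARAM_STR);
        $stmt->bindValue(':email', $username, PDO::PARAM_STR);
        $stmt->execute();

        $userData = $stmt->fetch(PDO::FETCH_OBJ);
        if ($userData === false || !password_verify($password, $userData->password)) {
            return $response->withJson(['response' => 'failed', 'message' => 'Fel användarnamn eller lösenord'], 200);
        }

        // Never hand the stored hash to the client.
        unset($userData->password);
        return $response->withJson(['response' => 'success', 'userData' => $userData], 200);
    } catch (PDOException $e) {
        $this->logger->error('/login failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});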
- // Get data from MySQLi
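// List all insurances joined with their customer as {"insurances": [...]}
// (Unicode left unescaped, as before).
//
// Changes from the original:
//  - `or die($mysqli->error)` echoed the raw MySQL error and bypassed Slim;
//    query failures are now logged and answered with a generic 500;
//  - an empty result produced no body and no Content-Type header; it now
//    returns {"insurances": []} through the Slim response object.
// NOTE(review): both tables have a Kund_id column; with fetch_assoc() the
// later one wins, exactly as in the original.
$app->get('/insurances', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $query = "SELECT * FROM insurances INNER JOIN customers ON insurances.Kund_id=customers.Kund_id ORDER BY Koncern";
    $result = $mysqli->query($query);
    if ($result === false) {
        $this->logger->error('/insurances query failed: ' . $mysqli->error);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }

    $insurances = [];
    while ($row = $result->fetch_assoc()) {
        $insurances[] = $row;
    }
    $result->free();

    return $response->withJson(['insurances' => $insurances], 200, JSON_UNESCAPED_UNICODE);
});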
- // Get data from MySQLi
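// List all customers as {"customers": [...]} (Unicode left unescaped, as before).
//
// Changes from the original:
//  - `or die($mysqli->error)` echoed the raw MySQL error and bypassed Slim;
//    query failures are now logged and answered with a generic 500;
//  - an empty table produced no body and no Content-Type header; it now
//    returns {"customers": []} through the Slim response object.
$app->get('/customers', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $query = "SELECT * FROM customers ORDER BY Koncern";
    $result = $mysqli->query($query);
    if ($result === false) {
        $this->logger->error('/customers query failed: ' . $mysqli->error);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }

    $customers = [];
    while ($row = $result->fetch_assoc()) {
        $customers[] = $row;
    }
    $result->free();

    return $response->withJson(['customers' => $customers], 200, JSON_UNESCAPED_UNICODE);
});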
- // Get data from MySQL with PDO
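// One customer row per Koncern, as {"response":"success","customersData":[...]}
// or {"response":"failed","message":"Ingen data"} when the table is empty.
//
// Changes from the original:
//  - rowCount() is not guaranteed for SELECT in PDO; the emptiness check is
//    now made on the fetched rows only (same responses as before);
//  - database errors are logged and answered with a generic 500 instead of
//    echoing the PDO exception message to the client.
// NOTE(review): `SELECT *` combined with `GROUP BY Koncern` yields an arbitrary
// row per group and is rejected when MySQL runs with ONLY_FULL_GROUP_BY. If the
// intent is "one customer per Koncern", the query should say which one; the SQL
// is left unchanged here.
$app->get('/getcustomersdata', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    try {
        $stmt = $pdo->prepare("SELECT * FROM customers GROUP BY Koncern");
        $stmt->execute();

        $customersData = $stmt->fetchAll(PDO::FETCH_OBJ);
        if (empty($customersData)) {
            return $response->withJson(['response' => 'failed', 'message' => 'Ingen data'], 200);
        }
        return $response->withJson(['response' => 'success', 'customersData' => $customersData], 200);
    } catch (PDOException $e) {
        $this->logger->error('/getcustomersdata failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});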
- /*
- $app->get('/getcustomersdata', function(){
- require_once(__DIR__ . '/dbstore/dbconnect.php');
- $query = "SELECT * FROM customers";
- // :)
- $result = $mysqli->query($query) or die($mysqli->error);
- while($row = $result->fetch_assoc()) {
- $data[] = $row;
- // echo "number of rows: " . $result->num_rows;
- }
- if (isset($data)) {
- header('Content-Type: application/json');
- echo '{"customersdata": ' . json_encode($data, JSON_UNESCAPED_UNICODE) . '}';
- }
- });
- */
- // Get data from MySQLi
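// Distinct account managers (Kundansvarig) as {"responsible": [...]}
// (Unicode left unescaped, as before).
//
// Changes from the original:
//  - `or die($mysqli->error)` echoed the raw MySQL error and bypassed Slim;
//    query failures are now logged and answered with a generic 500;
//  - an empty result produced no body and no Content-Type header; it now
//    returns {"responsible": []} through the Slim response object.
$app->get('/responsible', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $query = "SELECT Kundansvarig FROM insurances GROUP BY Kundansvarig";
    $result = $mysqli->query($query);
    if ($result === false) {
        $this->logger->error('/responsible query failed: ' . $mysqli->error);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }

    $responsible = [];
    while ($row = $result->fetch_assoc()) {
        $responsible[] = $row;
    }
    $result->free();

    return $response->withJson(['responsible' => $responsible], 200, JSON_UNESCAPED_UNICODE);
});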
- // Get data from MySQLi
- // $app->get('/customers', function(){
- // require_once(__DIR__ . '/dbstore/dbconnect.php');
- // $query = "SELECT * FROM customers GROUP BY Koncern";
- // $result = $mysqli->query($query) or die($mysqli->error);
- // while($row = $result->fetch_assoc()) {
- // $data[] = $row;
- // // echo "number of rows: " . $result->num_rows;
- // }
- // if (isset($data)) {
- // header('Content-Type: application/json');
- // // echo json_encode($data);
- // echo '{"customers": ' . json_encode($data, JSON_UNESCAPED_UNICODE) . '}';
- // }
- // });
// Create an insurance record (PDO)
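// Create an insurance record. Every column is taken from the POST field of the
// same name (the request parameter names already matched the column names).
//
// Bug fixed: the original built a 25-item positional list whose 3rd and 4th
// entries were swapped relative to the column list, so the `Dotterbolag` value
// was written into `Organisationsnummer_Dotterbolag` and vice versa. The
// mapping is now column => named placeholder, which cannot drift. Rows inserted
// by the old code may still hold those two fields swapped.
//
// Database errors are logged and answered with a generic 500 instead of
// echoing the PDO exception message to the client.
$app->post('/addInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    // Hard-coded column list: nothing here comes from the request, so it is
    // safe to interpolate these names into the SQL. The values are bound.
    $columns = [
        'Organisationsnummer',
        'Koncern',
        'Organisationsnummer_Dotterbolag',
        'Dotterbolag',
        'Uppdragsavtalets_utgang',
        'Ovrig_information',
        'Arvode',
        'Rorligt',
        'Arvode_fakurerat',
        'Kundansvarig',
        'Forsakringsform',
        'Projektforsakring',
        'Forsakringsnr',
        'Fornyelse',
        'Forsakringsbolag',
        'Premie_kr',
        'Provision_procent',
        'Provision_kr',
        'Sarskild_faktura_rutin',
        'ARBETSPROCESS_STEG_1',
        'ARBETSPROCESS_STEG_2_A_FORNYELSE',
        'ARBETSPROCESS_STEG_2_B_UPPHANDLING',
        'ARBETSPROCESS_STEG_3_PLACERING',
        'ARBETSPROCESS_STEG_4_ANDRING',
        'Arkiverad',
    ];

    $values = [];
    foreach ($columns as $column) {
        $values[':' . $column] = $request->getParam($column);
    }

    try {
        $sql = "INSERT INTO insurances (" . implode(', ', $columns) . ") VALUES ("
            . implode(', ', array_keys($values)) . ")";
        $pdo->prepare($sql)->execute($values);
        return $response->withJson(['response' => 'success', 'message' => 'Added insurance to database'], 200);
    } catch (PDOException $e) {
        $this->logger->error('/addInsurance failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});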
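// Update the insurance record identified by POST field insuranceid. Every
// other column is taken from the POST field of the same name.
//
// Bug fixed: as in /addInsurance, the original's positional value list had
// the `Organisationsnummer_Dotterbolag` and `Dotterbolag` values swapped
// relative to the SET list. The mapping is now column => named placeholder.
//
// Other changes from the original:
//  - insuranceid must be a positive integer (400 otherwise); previously a
//    missing id produced `WHERE id = NULL`, updated nothing, and still
//    reported success;
//  - database errors are logged and answered with a generic 500 instead of
//    echoing the PDO exception message to the client.
$app->post('/editInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');

    $id = filter_var($request->getParam('insuranceid'), FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid insuranceid'], 400);
    }

    // Hard-coded column list: nothing here comes from the request, so it is
    // safe to interpolate these names into the SQL. The values are bound.
    $columns = [
        'Organisationsnummer',
        'Koncern',
        'Organisationsnummer_Dotterbolag',
        'Dotterbolag',
        'Uppdragsavtalets_utgang',
        'Ovrig_information',
        'Arvode',
        'Rorligt',
        'Arvode_fakurerat',
        'Kundansvarig',
        'Forsakringsform',
        'Projektforsakring',
        'Forsakringsnr',
        'Fornyelse',
        'Forsakringsbolag',
        'Premie_kr',
        'Provision_procent',
        'Provision_kr',
        'Sarskild_faktura_rutin',
        'ARBETSPROCESS_STEG_1',
        'ARBETSPROCESS_STEG_2_A_FORNYELSE',
        'ARBETSPROCESS_STEG_2_B_UPPHANDLING',
        'ARBETSPROCESS_STEG_3_PLACERING',
        'ARBETSPROCESS_STEG_4_ANDRING',
        'Arkiverad',
    ];

    $assignments = [];
    $values = [];
    foreach ($columns as $column) {
        $assignments[] = $column . ' = :' . $column;
        $values[':' . $column] = $request->getParam($column);
    }
    $values[':id'] = $id;

    try {
        $sql = "UPDATE insurances SET " . implode(', ', $assignments) . " WHERE id = :id";
        $pdo->prepare($sql)->execute($values);
        return $response->withJson(['response' => 'success', 'message' => 'Updated insurance to database'], 200);
    } catch (PDOException $e) {
        $this->logger->error('/editInsurance failed: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 500);
    }
});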
- // $app->add(function ($req, $res, $next) {
- // $response = $next($req, $res);
- // return $response
- // ->withHeader('Access-Control-Allow-Origin', 'http://127.0.0.1:8888/database/public')
- // ->withHeader('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Accept, Origin, Authorization')
- // ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, PATCH, OPTIONS');
- // });