
lul

a guest
Jul 23rd, 2018
  1. <?php
  2.  
  3. require_once 'konek.php';
  4.  
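  // API dispatcher: the operation is chosen by the `apicall` query-string
  // parameter, its arguments are read from the POST body, and the outcome is
  // emitted as one JSON object with `error`, `message` and, on success, `user`.
  //
  // NOTE(review): security issues that remain open in this script:
  //  - Passwords are stored and compared as unsalted md5() digests. Moving to
  //    password_hash()/password_verify() needs a data migration and a wide
  //    enough password column, so it is flagged here rather than changed.
  //  - 'edit' performs no authentication or authorisation: naming an email
  //    address is enough to overwrite that account's password, status and
  //    level. It needs a verified session or token bound to the account.
  //  - 'signup' and 'edit' store the caller-supplied `status` and `level`
  //    verbatim. Presumably these encode account state / privilege (confirm);
  //    if so they must be decided server-side.
  //  - Every success response returns the stored password digest. The key is
  //    kept only so existing clients keep parsing the response; drop it once
  //    the client no longer reads it.
  $response = array();

  // Declare the body as JSON so a browser does not interpret the echoed
  // request values as HTML (PHP's default content type is text/html).
  if(!headers_sent()){
      header('Content-Type: application/json');
  }

  if(isset($_GET['apicall'])){

      switch($_GET['apicall']){
          case 'signup':
              if(isTheseParametersAvailable(array('email','password','status','level'))){
                  $email = $_POST['email'];
                  $password = md5($_POST['password']); // NOTE(review): weak hash, see header
                  $status = $_POST['status'];
                  $level = $_POST['level'];

                  // NOTE(review): this check and the INSERT below are not atomic;
                  // a UNIQUE index on user.email (schema not visible here) is what
                  // actually prevents duplicate accounts.
                  $stmt = $conn->prepare("SELECT email,password,status,level FROM user WHERE email = ?");
                  $stmt->bind_param("s",$email);
                  $stmt->execute();
                  $stmt->store_result();
                  $alreadyRegistered = $stmt->num_rows > 0;
                  $stmt->close();

                  if($alreadyRegistered){
                      $response['error'] = true;
                      $response['message'] = 'User already registered';
                  }else{
                      $stmt = $conn->prepare("INSERT INTO user (email, password, status,level) VALUES (?, ?, ?, ?)");
                      $stmt->bind_param("ssss", $email, $password, $status,$level);
                      $inserted = $stmt->execute();
                      $stmt->close();

                      if($inserted){
                          // Read the row back to obtain the generated id.
                          $stmt = $conn->prepare("SELECT id, email, password, status, level FROM user WHERE email = ?");
                          $stmt->bind_param("s",$email);
                          $stmt->execute();
                          $stmt->bind_result($id,$email,$password,$status,$level);
                          $stmt->fetch();

                          $user = array(
                              'id'=>$id,
                              'email'=>$email,
                              'password'=>$password,
                              'status'=>$status,
                              'level'=>$level
                          );
                          $stmt->close();

                          $response['error'] = false;
                          $response['message'] = 'User registered successfully';
                          $response['user'] = $user;
                      }else{
                          // Previously a failed INSERT left $response empty.
                          $response['error'] = true;
                          $response['message'] = 'Unable to register user';
                      }
                  }
              }else{
                  $response['error'] = true;
                  $response['message'] = 'required parameters are not available';
              }
              break;

          case 'edit':
              // NOTE(review): unauthenticated account modification, see header.
              if(isTheseParametersAvailable(array('email','password','status','level'))){
                  $email = $_POST['email'];
                  $password = md5($_POST['password']); // NOTE(review): weak hash, see header
                  $status = $_POST['status'];
                  $level = $_POST['level'];

                  $stmt = $conn->prepare("SELECT email,password,status,level FROM user WHERE email=?");
                  $stmt->bind_param("s",$email);
                  $stmt->execute();
                  $stmt->store_result();
                  $userExists = $stmt->num_rows > 0;
                  $stmt->close();

                  if($userExists){
                      $stmt = $conn->prepare("UPDATE user SET password=?, status=?, level=? WHERE email=?");
                      $stmt->bind_param("ssss", $password, $status, $level, $email);
                      $updated = $stmt->execute();
                      $stmt->close();

                      if($updated){
                          $stmt = $conn->prepare("SELECT id, email, password, status, level FROM user WHERE email=?");
                          $stmt->bind_param("s",$email);
                          $stmt->execute();
                          $stmt->bind_result($id,$email,$password,$status,$level);
                          $stmt->fetch();

                          $user = array(
                              'id'=>$id,
                              'email'=>$email,
                              'password'=>$password,
                              'status'=>$status,
                              'level'=>$level
                          );
                          $stmt->close();

                          $response['error'] = false;
                          $response['message'] = 'User edited successfully';
                          $response['user'] = $user;
                      }else{
                          // Previously a failed UPDATE left $response empty.
                          $response['error'] = true;
                          $response['message'] = 'Unable to update user';
                      }
                  }else{
                      $response['error'] = true;
                      $response['message'] = 'User not found';
                  }
              }else{
                  $response['error'] = true;
                  $response['message'] = 'required parameters are not available';
              }
              break;

          case 'login':
              // NOTE(review): the client must also submit the account's status
              // and level for the lookup to match; credentials alone should
              // decide authentication, with status/level read from the row.
              if(isTheseParametersAvailable(array('email', 'password','status','level'))){
                  $email = $_POST['email'];
                  $password = md5($_POST['password']); // NOTE(review): weak hash, see header
                  $status = $_POST['status'];
                  $level = $_POST['level'];

                  $stmt = $conn->prepare("SELECT id, email,password,status,level FROM user WHERE email = ? AND password = ? AND status = ? AND level = ?");
                  $stmt->bind_param("ssss",$email, $password,$status,$level);
                  $stmt->execute();
                  $stmt->store_result();

                  if($stmt->num_rows > 0){
                      $stmt->bind_result($id, $email,$password, $status,$level);
                      $stmt->fetch();

                      $user = array(
                          'id'=>$id,
                          'email'=>$email,
                          'password'=>$password,
                          'status'=>$status,
                          'level'=>$level
                      );

                      $response['error'] = false;
                      $response['message'] = 'Login successfull';
                      $response['user'] = $user;
                  }else{
                      // Fix: a failed login used to report error = false, which a
                      // client checking only the flag would read as success.
                      $response['error'] = true;
                      $response['message'] = 'Invalid username or password';
                  }
                  $stmt->close();
              }else{
                  // Fix: missing parameters used to produce an empty response.
                  $response['error'] = true;
                  $response['message'] = 'required parameters are not available';
              }
              break;

          // A second, identical `case 'edit':` used to follow here. The switch
          // always took the first one, so the duplicate was unreachable and
          // has been removed.

          default:
              $response['error'] = true;
              $response['message'] = 'Invalid Operation Called';
      }
  }else{
      $response['error'] = true;
      $response['message'] = 'Invalid API Call';
  }

  echo json_encode($response); // already in place; matches the format the Android client from the tutorial expects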
  193.  
  194.  
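  /**
   * Check that every named field was submitted in the POST body as a string.
   *
   * PHP turns a field sent as `name[]=...` into an array. The callers in this
   * file pass the values straight to md5() and bind_param(), which expect
   * strings, so a non-string value is treated the same as a missing one.
   *
   * @param array $params Field names that must be present in $_POST.
   * @return bool True when every field is set and is a string, false otherwise.
   */
  function isTheseParametersAvailable($params){
      foreach($params as $param){
          if(!isset($_POST[$param]) || !is_string($_POST[$param])){
              return false;
          }
      }
      return true;
  }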