aaa

1. <?php
2.  
3. require_once "../include/DbHandler.php";
4. require_once "../include/PassHash.php";
5. require ‘vendor/autoload.php’;
6.  
7. \Slim\Slim::registerAutoloader();
8.  
9. $app = new \Slim\Slim();
10.  
11. // User id from db - Global Variable
12. $user_id = NULL;
13.  
14. /**
15.  * Verifying required params posted or not
16. */
17. function verifyRequiredParams($required_fields) {
18.     $error = false;
19.     $error_fields = "";
20.     $request_params = array();
21.     $request_params = $_REQUEST;
22.  
23.     // Handling PUT request params
24.  
25.     if ($_SERVER["REQUEST_METHOD"] == "PUT") {
26.         $app = \Slim\Slim::getInstance();
27.         parse_str($app->request()->getBody(), $request_params);
28.     }
29.     foreach ($required_fields as $field) {
30.         if (!isset($request_params[$field]) || strlen(trim($request_params[$field])) <= 0) {
31.             $error = true;
32.             $error_fields .= $field . ", ";
33.         }
34.     }
35.  
36.     if ($error) {
37.         // Required field(s) are missing or empty
38.         // echo error json and stop the app
39.         $response = array();
40.         $app = \Slim\Slim::getInstance();
41.         $response["error"] = true;
42.         $response["message"] = "Required field(s) " . substr($error_fields, 0, -2) . " is missing or empty";
43.         echoRespnse(400, $response);
44.         $app->stop();
45.     }
46. }
47.  
48. /**
49.  * Validating email address
50.  */
51. function validateEmail($email) {
52.     $app = \Slim\Slim::getInstance();
53.     if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
54.         $response["error"] = true;
55.         $response["message"] = "Email address is not valid";
56.         echoRespnse(400, $response);
57.         $app->stop();
58.     }
59. }
60.  
61. /**
62.  * Echoing json response to client
63.  * @param String $status_code Http response code
64.  * @param Int $response Json response
65.  */
66. function echoRespnse($status_code, $response) {
67.     $app = \Slim\Slim::getInstance();
68.     // Http response code
69.     $app->status($status_code);
70.  
71.     // setting response content type to json
72.     $app->contentType("application/json");
73.  
74.     echo json_encode($response);
75. }
76.  
77. /**
78.  * User Registration
79.  * url - /register
80.  * method - POST
81.  * params - name, email, password
82.  */
83. $app->post("/register", function() use ($app) {
84.             // check for required params
85.             verifyRequiredParams(array("name", "email", "password"));
86.  
87.             $response = array();
88.  
89.             // reading post params
90.             $name = $app->request->post("name");
91.             $email = $app->request->post("email");
92.             $password = $app->request->post("password");
93.  
94.             // validating email address
95.             validateEmail($email);
96.  
97.             $db = new DbHandler();
98.             $res = $db->createUser($name, $email, $password);
99.  
100.             if ($res == USER_CREATED_SUCCESSFULLY) {
101.                 $response["error"] = false;
102.                 $response["message"] = "You are successfully registered";
103.                 echoRespnse(201, $response);
104.             } else if ($res == USER_CREATE_FAILED) {
105.                 $response["error"] = true;
106.                 $response["message"] = "Oops! An error occurred while registereing";
107.                 echoRespnse(200, $response);
108.             } else if ($res == USER_ALREADY_EXISTED) {
109.                 $response["error"] = true;
110.                 $response["message"] = "Sorry, this email already existed";
111.                 echoRespnse(200, $response);
112.             }
113.         });
114. /**
115.  * User Login
116.  * url - /login
117.  * method - POST
118.  * params - email, password
119.  */
120. $app->post("/login", function() use ($app) {
121.             // check for required params
122.             verifyRequiredParams(array("email", "password"));
123.  
124.             // reading post params
125.             $email = $app->request()->post("email");
126.             $password = $app->request()->post("password");
127.             $response = array();
128.  
129.             $db = new DbHandler();
130.             // check for correct email and password
131.             if ($db->checkLogin($email, $password)) {
132.                 // get the user by email
133.                 $user = $db->getUserByEmail($email);
134.  
135.                 if ($user != NULL) {
136.                     $response["error"] = false;
137.                     $response["name"] = $user["name"];
138.                     $response["email"] = $user["email"];
139.                     $response["apiKey"] = $user["api_key"];
140.                     $response["createdAt"] = $user["created_at"];
141.                 } else {
142.                     // unknown error occurred
143.                     $response["error"] = true;
144.                     $response["message"] = "An error occurred. Please try again";
145.                 }
146.             } else {
147.                 // user credentials are wrong
148.                 $response["error"] = true;
149.                 $response["message"] = "Login failed. Incorrect credentials";
150.             }
151.  
152.             echoRespnse(200, $response);
153.         });
154. /**
155.  * Adding Middle Layer to authenticate every request
156.  * Checking if the request has valid api key in the "Authorization" header
157.  */
158. function authenticate(\Slim\Route $route) {
159.     // Getting request headers
160.     $headers = apache_request_headers();
161.     $response = array();
162.     $app = \Slim\Slim::getInstance();
163.  
164.     // Verifying Authorization Header
165.     if (isset($headers["Authorization"])) {
166.         $db = new DbHandler();
167.  
168.         // get the api key
169.         $api_key = $headers["Authorization"];
170.         // validating api key
171.         if (!$db->isValidApiKey($api_key)) {
172.             // api key is not present in users table
173.             $response["error"] = true;
174.             $response["message"] = "Access Denied. Invalid Api key";
175.             echoRespnse(401, $response);
176.             $app->stop();
177.         } else {
178.             global $user_id;
179.             // get user primary key id
180.             $user = $db->getUserId($api_key);
181.             if ($user != NULL)
182.                 $user_id = $user["id"];
183.         }
184.     } else {
185.         // api key is missing in header
186.         $response["error"] = true;
187.         $response["message"] = "Api key is misssing";
188.         echoRespnse(400, $response);
189.         $app->stop();
190.     }
191. }
192.  
193. /**
194.  * Creating new task in db
195.  * method POST
196.  * params - name
197.  * url - /tasks/
198.  */
199. $app->post("/tasks", "authenticate", function() use ($app) {
200.             // check for required params
201.             verifyRequiredParams(array("task"));
202.  
203.             $response = array();
204.             $task = $app->request->post("task");
205.  
206.             global $user_id;
207.             $db = new DbHandler();
208.  
209.             // creating new task
210.             $task_id = $db->createTask($user_id, $task);
211.  
212.             if ($task_id != NULL) {
213.                 $response["error"] = false;
214.                 $response["message"] = "Task created successfully";
215.                 $response["task_id"] = $task_id;
216.             } else {
217.                 $response["error"] = true;
218.                 $response["message"] = "Failed to create task. Please try again";
219.             }
220.             echoRespnse(201, $response);
221.         });
222.  
223. /**
224.  * Listing all tasks of particual user
225.  * method GET
226.  * url /tasks          
227.  */
228. $app->get("/tasks", "authenticate", function() {
229.             global $user_id;
230.             $response = array();
231.             $db = new DbHandler();
232.  
233.             // fetching all user tasks
234.             $result = $db->getAllUserTasks($user_id);
235.  
236.             $response["error"] = false;
237.             $response["tasks"] = array();
238.  
239.             // looping through result and preparing tasks array
240.             while ($task = $result->fetch_assoc()) {
241.                 $tmp = array();
242.                 $tmp["id"] = $task["id"];
243.                 $tmp["task"] = $task["task"];
244.                 $tmp["status"] = $task["status"];
245.                 $tmp["createdAt"] = $task["created_at"];
246.                 array_push($response["tasks"], $tmp);
247.             }
248.  
249.             echoRespnse(200, $response);
250.         });
251.  
252. /**
253.  * Listing single task of particual user
254.  * method GET
255.  * url /tasks/:id
256.  * Will return 404 if the task doesn"t belongs to user
257.  */
258. $app->get("/tasks/:id", "authenticate", function($task_id) {
259.             global $user_id;
260.             $response = array();
261.             $db = new DbHandler();
262.  
263.             // fetch task
264.             $result = $db->getTask($task_id, $user_id);
265.  
266.             if ($result != NULL) {
267.                 $response["error"] = false;
268.                 $response["id"] = $result["id"];
269.                 $response["task"] = $result["task"];
270.                 $response["status"] = $result["status"];
271.                 $response["createdAt"] = $result["created_at"];
272.                 echoRespnse(200, $response);
273.             } else {
274.                 $response["error"] = true;
275.                 $response["message"] = "The requested resource doesn"t exists";
276.                echoRespnse(404, $response);
277.            }
278.        });
279.  
280. /**
281. * Updating existing task
282. * method PUT
283. * params task, status
284. * url - /tasks/:id
285. */
286. $app->put("/tasks/:id", "authenticate", function($task_id) use($app) {
287.            // check for required params
288.            verifyRequiredParams(array("task", "status"));
289.  
290.            global $user_id;            
291.            $task = $app->request->put("task");
292.            $status = $app->request->put("status");
293.  
294.            $db = new DbHandler();
295.            $response = array();
296.  
297.            // updating task
298.            $result = $db->updateTask($user_id, $task_id, $task, $status);
299.            if ($result) {
300.                // task updated successfully
301.                $response["error"] = false;
302.                $response["message"] = "Task updated successfully";
303.            } else {
304.                // task failed to update
305.                $response["error"] = true;
306.                $response["message"] = "Task failed to update. Please try again!";
307.            }
308.            echoRespnse(200, $response);
309.        });
310.  
311. /**
312. * Deleting task. Users can delete only their tasks
313. * method DELETE
314. * url /tasks
315. */
316. $app->delete("/tasks/:id", "authenticate", function($task_id) use($app) {
317.            global $user_id;
318.  
319.            $db = new DbHandler();
320.            $response = array();
321.            $result = $db->deleteTask($user_id, $task_id);
322.            if ($result) {
323.                // task deleted successfully
324.                $response["error"] = false;
325.                $response["message"] = "Task deleted succesfully";
326.            } else {
327.                // task failed to delete
328.                $response["error"] = true;
329.                $response["message"] = "Task failed to delete. Please try again!";
330.            }
331.            echoRespnse(200, $response);
332.        });
333.  
334. $app->run();
335.  
336. ?>