Currency - endpoint

1. <?php
2.  
3. /*
4.  
5. This file is subject to the terms and conditions defined in
6. file 'LICENSE', which is part of this source code package.
7.  
8. © 2022 OtteIT s.r.o.
9. All Rights Reserved.
10.  
11. Author: Vilem Otte <dev@otte.cz>
12.  
13. */
14.  
15. /**
16.  * Read currency record
17.  *
18.  * @param id Reference, references ID in currency table
19.  *
20.  * @return _ JSON, result (HTTP response code), error (in case of any), currency (either blank array or holding resulting record as JSON)
21.  */
22.  
23. header("Access-Control-Allow-Origin: *");
24. header("Content-Type: application/json; charset=UTF-8");
25. header("Access-Control-Allow-Methods: POST");
26. header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
27.  
28. require_once(__DIR__."/../../db.php");
29. require_once(__DIR__."/../../util.php");
30. require_once(__DIR__."/currency.php");
31. require_once(__DIR__."/../../session/session.php");
32. require_once(__DIR__."/../../auth/auth.php");
33. require_once(__DIR__."/../../permission/permission.php");
34.  
35. // Session set up
36. $auth = new Auth();
37. $session = new Session();
38.  
39. // Payload requirements
40. $data = json_decode(file_get_contents("php://input"));
41.  
42. $payloadError = Util::PayloadCheck($data);
43. if ($payloadError != false)
44. {
45.     http_response_code(200);
46.     echo json_encode(array("result" => 500, "error" => $payloadError));
47.  
48.     exit();
49. }
50.  
51. // Connect to database, attach to session
52. $db = new Database();
53. $session->SetDB($db);
54.  
55. // Require user authentication
56. $auth_id = $session->GetUserID($auth);
57. if ($auth_id != null)
58. {
59.     // Check permission - generic record read can only be performed by admins, users can only see their records
60.     $permission = new Permission($db);
61.     $permissionCheck = $permission->Check($auth_id, "rum", Permission::READ | Permission::WRITE | Permission::WRITE_SELF);
62.  
63.     if ($permissionCheck == true)
64.     {
65.         // Permission check success - read record
66.         $currency = new Rum_Currency($db);
67.        
68.         if ($data->id != null)
69.         {
70.             $currency->id = intval($data->id);
71.         }
72.  
73.         $result = $currency->Read();
74.  
75.         if ($result != null)
76.         {
77.             // Successfully read record
78.             http_response_code(200);
79.             echo json_encode(array("result" => 200, "currency" => $result));
80.         }
81.         else
82.         {
83.             if ($db->GetLastError())
84.             {
85.                 // DB Error during record reading
86.                 http_response_code(200);
87.                 echo json_encode(array("result" => 500, "error" => $db->GetLastError()));
88.             }
89.             else
90.             {
91.                 // Successfully read, but no record matching
92.                 http_response_code(200);
93.                 echo json_encode(array("result" => 200, "currency" => []));
94.             }
95.         }
96.     }
97.     else if ($permissionCheck === false)
98.     {
99.         // Permission check failure
100.         http_response_code(200);
101.         echo json_encode(array("result" => 401, "error" => "Unauthorized: Permission level too low."));
102.     }
103.     else
104.     {
105.         // DB Error during permission check
106.         http_response_code(200);
107.         echo json_encode(array("result" => 500, "error" => $db->GetLastError()));
108.     }
109. }
110. else
111. {
112.     // User unauthorized
113.     http_response_code(200);
114.     echo json_encode(array("result" => 401, "error" => "Unauthorized"));
115. }
116.  
117. // Close database connection
118. $db->Disconnect();
119.  
120. ?>