- <?php
- use Slim\Http\Request;
- use Slim\Http\Response;
// CORS: answers from this API may be read by a page served from any origin.
// No authentication check is visible on the routes below, so this header makes
// every one of those responses readable cross-site; narrow it to the front-end's
// origin once that origin is known.
header('Access-Control-Allow-Origin: *');
- // Routes
// Front page: log the hit and render the index template with the route arguments.
$app->get('/', function (Request $request, Response $response, array $args) {
    $template = 'index.phtml';
    // $this is presumably the container-bound closure scope Slim provides
    // (logger / renderer services) — confirm against the app bootstrap.
    $this->logger->info("Slim-Skeleton '/' route");
    return $this->renderer->render($response, $template, $args);
});
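// List every user (MySQLi). Responds {"users": [...]}; the password hash column is
// removed from each row. NOTE(review): no authentication check is visible here.
$app->get('/users', function (Request $request, Response $response) {
    // require_once evaluates the file only on its first inclusion in the process;
    // $mysqli is defined here because one request runs one route.
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $query = "SELECT * FROM users ORDER BY id";
    $failure = null;
    try {
        $result = $mysqli->query($query);
        if ($result === false) {
            $failure = $mysqli->error;
        }
    } catch (mysqli_sql_exception $e) {
        // PHP 8.1+ reports mysqli failures as exceptions by default instead of false.
        $failure = $e->getMessage();
    }
    if ($failure !== null) {
        // Was `or die($mysqli->error)`: that printed the driver's error text to the
        // client and aborted mid-request. Log it; the client gets a generic answer.
        error_log('/users: ' . $failure);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
    $data = [];
    while ($row = $result->fetch_assoc()) {
        // users.password holds password_hash() output (see /addUser); SELECT * used
        // to ship it to every caller of this route.
        unset($row['password']);
        $data[] = $row;
    }
    // An empty table now yields {"users":[]} instead of an empty body with no content type.
    return $response->withJson(['users' => $data], 200, JSON_UNESCAPED_UNICODE);
});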
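// Fetch one user by id (?userid=). The password hash is stripped before the row is returned;
// `userData` is false when no row matched, as before.
$app->get('/singleUser', function (Request $request, Response $response) {
    // require_once evaluates the file only on its first inclusion in the process;
    // $pdo is defined here because one request runs one route.
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $userid = $request->getParam('userid');
    try {
        $sql = "SELECT * FROM users WHERE id =:userid";
        $stmt = $pdo->prepare($sql);
        // bindValue copies the value now; bindParam bound the variable by reference.
        $stmt->bindValue(':userid', $userid);
        $stmt->execute();
        $userData = $stmt->fetch(PDO::FETCH_OBJ);
        if ($userData !== false) {
            // users.password holds password_hash() output (see /addUser); SELECT *
            // used to return it to any caller of this route.
            unset($userData->password);
        }
        return $response->withJson(['response' => 'success', 'userData' => $userData], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, table/column names, DSN fragments) stay in the
        // server log; the client only learns that the query failed.
        error_log('/singleUser: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});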
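// Look up a customer's Kund_id by group name (?koncern=). `koncernData` is false when
// no row matched, as before.
$app->get('/singleCustomer', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $koncern = $request->getParam('koncern');
    try {
        $sql = "SELECT Kund_id FROM customers WHERE koncern =:koncern";
        $stmt = $pdo->prepare($sql);
        // bindValue copies the value now; bindParam bound the variable by reference.
        $stmt->bindValue(':koncern', $koncern);
        $stmt->execute();
        $koncernData = $stmt->fetch(PDO::FETCH_OBJ);
        return $response->withJson(['response' => 'success', 'koncernData' => $koncernData], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, table/column names) stay in the server log;
        // the client only learns that the query failed.
        error_log('/singleCustomer: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});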
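// Fetch one insurance row by id (?insuranceid=). `insuranceData` is false when no row
// matched, as before.
$app->get('/singleInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $insuranceid = $request->getParam('insuranceid');
    try {
        $sql = "SELECT * FROM insurances WHERE id =:insuranceid";
        $stmt = $pdo->prepare($sql);
        // bindValue copies the value now; bindParam bound the variable by reference.
        $stmt->bindValue(':insuranceid', $insuranceid);
        $stmt->execute();
        $insuranceData = $stmt->fetch(PDO::FETCH_OBJ);
        return $response->withJson(['response' => 'success', 'insuranceData' => $insuranceData], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, table/column names) stay in the server log;
        // the client only learns that the query failed.
        error_log('/singleInsurance: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});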
- // $data = $request->getParam('paramName');
- //$data = $request->getParams(); // if you want to get all params
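// Create a user from POST fields username, password, firstname, lastname, email, role.
// NOTE(review): no authentication or authorization is visible on this route and `role`
// is taken straight from the request, so any caller could create an account with any
// role — gate this endpoint before exposing it.
$app->post('/addUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $username = $request->getParam('username');
    $rawPassword = $request->getParam('password');
    $firstname = $request->getParam('firstname');
    $lastname = $request->getParam('lastname');
    $email = $request->getParam('email');
    $role = $request->getParam('role');
    // Previously a missing password was hashed as "" and stored, which /login then
    // accepted for an empty password. Refuse to create such an account.
    if (!is_string($username) || $username === '' || !is_string($rawPassword) || $rawPassword === '') {
        return $response->withJson(['response' => 'failed', 'message' => 'username and password are required'], 200);
    }
    $password = password_hash($rawPassword, PASSWORD_DEFAULT);
    try {
        $sql = "INSERT INTO users (username, password, firstname, lastname, email, role) VALUES (?,?,?,?,?,?)";
        $pdo->prepare($sql)->execute([$username, $password, $firstname, $lastname, $email, $role]);
        return $response->withJson(['response' => 'success', 'message' => 'Added user to database'], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, constraint and column names) stay in the server
        // log; the client only learns that the insert failed.
        error_log('/addUser: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});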
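// Update a user row (POST userid plus the profile fields). The password is only changed
// when a non-empty `password` field is sent.
// NOTE(review): no authentication or authorization is visible on this route; `role`
// comes straight from the request.
$app->post('/editUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $username = $request->getParam('username');
    $rawPassword = $request->getParam('password');
    $firstname = $request->getParam('firstname');
    $lastname = $request->getParam('lastname');
    $email = $request->getParam('email');
    $userid = $request->getParam('userid');
    $role = $request->getParam('role');
    if ($userid === null || $userid === '') {
        return $response->withJson(['response' => 'failed', 'message' => 'userid is required'], 200);
    }
    if (is_string($rawPassword) && $rawPassword !== '') {
        $sql = "UPDATE users SET username = ?, password = ?, firstname = ?, lastname = ?, email = ?, role = ? WHERE id = ?";
        $params = [$username, password_hash($rawPassword, PASSWORD_DEFAULT), $firstname, $lastname, $email, $role, $userid];
    } else {
        // Previously every edit re-hashed whatever was sent, so an edit without a
        // password field overwrote the stored hash with hash("") — and /login's
        // password_verify() then accepted an empty password for that account.
        $sql = "UPDATE users SET username = ?, firstname = ?, lastname = ?, email = ?, role = ? WHERE id = ?";
        $params = [$username, $firstname, $lastname, $email, $role, $userid];
    }
    try {
        $pdo->prepare($sql)->execute($params);
        return $response->withJson(['response' => 'success', 'message' => 'Updated user data'], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, constraint and column names) stay in the server
        // log; the client only learns that the update failed.
        error_log('/editUser: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});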
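// Delete a user by id (POST userid). One account id is protected from deletion.
// NOTE(review): no authentication or authorization is visible before the DELETE.
$app->post('/removeUser', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    // The original guard was `$userid == 20`; the protected id is kept but compared strictly.
    $protectedUserId = 20;
    // Validate as an integer up front instead of handing an arbitrary string to the
    // DELETE (the loose `==` also let numeric-looking strings through to the query).
    $userid = filter_var($request->getParam('userid'), FILTER_VALIDATE_INT);
    if ($userid === false) {
        return $response->withJson(['response' => 'failed', 'message' => 'Invalid userid'], 200);
    }
    if ($userid === $protectedUserId) {
        return $response->withJson(['response' => 'failed', 'message' => 'User cannot be removed'], 200);
    }
    try {
        $sql = "DELETE FROM users WHERE id = ?";
        // As before, 'success' is reported even when no row had that id.
        $pdo->prepare($sql)->execute([$userid]);
        return $response->withJson(['response' => 'success', 'message' => 'User removed'], 200);
    } catch (PDOException $e) {
        // Driver messages stay in the server log; the client only learns that it failed.
        error_log('/removeUser: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});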
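// Authenticate with username-or-email plus password. On success the user's profile row
// is returned without the password hash.
$app->post('/login', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $username = $request->getParam('username');
    $password = $request->getParam('password');
    // One message for every failure mode so the response does not reveal whether
    // the account exists (the original already did this; keep it that way).
    $failed = ['response' => 'failed', 'message' => 'Fel användarnamn eller lösenord'];
    if (!is_string($username) || $username === '' || !is_string($password) || $password === '') {
        // password_verify() on a null/empty password is never meaningful; fail early.
        return $response->withJson($failed, 200);
    }
    try {
        // NOTE(review): the placeholder :username is used twice; that works with PDO's
        // emulated prepares (pdo_mysql default) but not with ATTR_EMULATE_PREPARES=false.
        $sql = "SELECT id, firstname, lastname, email, username, password, role FROM users WHERE (username=:username or email=:username)";
        $stmt = $pdo->prepare($sql);
        $stmt->bindValue(':username', $username, PDO::PARAM_STR);
        $stmt->execute();
        // fetch() is false when no row matched; that replaces the rowCount() pre-check,
        // which is not reliable for SELECT on every driver.
        $userData = $stmt->fetch(PDO::FETCH_OBJ);
        if ($userData === false || !password_verify($password, $userData->password)) {
            return $response->withJson($failed, 200);
        }
        // The hash was previously sent back to the client inside userData; it never
        // needs to leave the server.
        unset($userData->password);
        return $response->withJson(['response' => 'success', 'userData' => $userData], 200);
    } catch (PDOException $e) {
        // Driver messages stay in the server log; the client only learns that it failed.
        error_log('/login: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});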
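// List insurances joined with their customer rows (MySQLi). Responds {"insurances": [...]}.
// NOTE(review): no authentication check is visible here.
$app->get('/insurances', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $query = "SELECT * FROM insurances INNER JOIN customers ON insurances.Kund_id=customers.Kund_id ORDER BY Koncern";
    $failure = null;
    try {
        $result = $mysqli->query($query);
        if ($result === false) {
            $failure = $mysqli->error;
        }
    } catch (mysqli_sql_exception $e) {
        // PHP 8.1+ reports mysqli failures as exceptions by default instead of false.
        $failure = $e->getMessage();
    }
    if ($failure !== null) {
        // Was `or die($mysqli->error)`: that printed the driver's error text to the
        // client and aborted mid-request. Log it; the client gets a generic answer.
        error_log('/insurances: ' . $failure);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
    $data = [];
    while ($row = $result->fetch_assoc()) {
        $data[] = $row;
    }
    // No rows now yields {"insurances":[]} instead of an empty body with no content type.
    return $response->withJson(['insurances' => $data], 200, JSON_UNESCAPED_UNICODE);
});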
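// List customers (MySQLi). Responds {"customers": [...]}.
// NOTE(review): no authentication check is visible here.
$app->get('/customers', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $query = "SELECT * FROM customers ORDER BY Koncern";
    $failure = null;
    try {
        $result = $mysqli->query($query);
        if ($result === false) {
            $failure = $mysqli->error;
        }
    } catch (mysqli_sql_exception $e) {
        // PHP 8.1+ reports mysqli failures as exceptions by default instead of false.
        $failure = $e->getMessage();
    }
    if ($failure !== null) {
        // Was `or die($mysqli->error)`: that printed the driver's error text to the
        // client and aborted mid-request. Log it; the client gets a generic answer.
        error_log('/customers: ' . $failure);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
    $data = [];
    while ($row = $result->fetch_assoc()) {
        $data[] = $row;
    }
    // No rows now yields {"customers":[]} instead of an empty body with no content type.
    return $response->withJson(['customers' => $data], 200, JSON_UNESCAPED_UNICODE);
});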
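// One customer row per Koncern (PDO). Responds customersData or a 'Ingen data' failure.
$app->get('/getcustomersdata', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    try {
        // NOTE(review): SELECT * with GROUP BY Koncern is only accepted by MySQL when
        // ONLY_FULL_GROUP_BY is off, and the non-grouped columns then come from an
        // arbitrary row of each group — confirm that is the intent.
        $sql = "SELECT * FROM customers GROUP BY Koncern";
        $stmt = $pdo->prepare($sql);
        $stmt->execute();
        $customersData = $stmt->fetchAll(PDO::FETCH_OBJ);
        // fetchAll() returns [] for no rows; this replaces the rowCount() pre-check
        // (not reliable for SELECT on every driver) and its misspelt 'Ingen datas' reply.
        if (empty($customersData)) {
            return $response->withJson(['response' => 'failed', 'message' => 'Ingen data'], 200);
        }
        return $response->withJson(['response' => 'success', 'customersData' => $customersData], 200);
    } catch (PDOException $e) {
        // Driver messages stay in the server log; the client only learns that it failed.
        error_log('/getcustomersdata: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});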
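// Distinct Kundansvarig values from insurances (MySQLi). Responds {"responsible": [...]}.
// NOTE(review): no authentication check is visible here.
$app->get('/responsible', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $query = "SELECT Kundansvarig FROM insurances GROUP BY Kundansvarig";
    $failure = null;
    try {
        $result = $mysqli->query($query);
        if ($result === false) {
            $failure = $mysqli->error;
        }
    } catch (mysqli_sql_exception $e) {
        // PHP 8.1+ reports mysqli failures as exceptions by default instead of false.
        $failure = $e->getMessage();
    }
    if ($failure !== null) {
        // Was `or die($mysqli->error)`: that printed the driver's error text to the
        // client and aborted mid-request. Log it; the client gets a generic answer.
        error_log('/responsible: ' . $failure);
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
    $data = [];
    while ($row = $result->fetch_assoc()) {
        $data[] = $row;
    }
    // No rows now yields {"responsible":[]} instead of an empty body with no content type.
    return $response->withJson(['responsible' => $data], 200, JSON_UNESCAPED_UNICODE);
});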
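// Insert an insurance row from POST fields whose names equal the column names.
// NOTE(review): no authentication check is visible on this route.
$app->post('/addInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    // One hard-coded list drives both the column clause and the bound values, so the
    // two can no longer drift apart (the original kept 21 names and 21 variables in sync by hand).
    $columns = [
        'Kund_id',
        'Uppdragsavtalets_utgang',
        'Ovrig_information',
        'Arvode',
        'Rorligt',
        'Arvode_fakurerat',
        'Forsakringsform',
        'Projektforsakring',
        'Forsakringsnr',
        'Fornyelse',
        'Forsakringsbolag',
        'Premie_kr',
        'Provision_procent',
        'Provision_kr',
        'Sarskild_faktura_rutin',
        'ARBETSPROCESS_STEG_1',
        'ARBETSPROCESS_STEG_2_A_FORNYELSE',
        'ARBETSPROCESS_STEG_2_B_UPPHANDLING',
        'ARBETSPROCESS_STEG_3_PLACERING',
        'ARBETSPROCESS_STEG_4_ANDRING',
        'Arkiverad',
    ];
    $values = [];
    foreach ($columns as $column) {
        $values[] = $request->getParam($column);
    }
    try {
        // Only the constant column names above are spliced into the statement text;
        // every request value goes through a bound placeholder.
        $placeholders = implode(', ', array_fill(0, count($columns), '?'));
        $sql = 'INSERT INTO insurances (' . implode(', ', $columns) . ') VALUES (' . $placeholders . ')';
        $pdo->prepare($sql)->execute($values);
        return $response->withJson(['response' => 'success', 'message' => 'Added insurance to database'], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, constraint and column names) stay in the server
        // log; the client only learns that the insert failed.
        error_log('/addInsurance: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});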
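// Insert a customer row; Kund_id is generated server-side.
// NOTE(review): no authentication check is visible on this route.
$app->post('/addCustomer', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    // uniqid() is time-based, not random: fine as a non-secret key, but two requests in
    // the same microsecond could collide — confirm Kund_id has a UNIQUE constraint.
    $kundid = uniqid();
    $orgnr = $request->getParam('Organisationsnummer');
    $koncern = $request->getParam('Koncern');
    $orgdottrb = $request->getParam('Organisationsnummer_Dotterbolag');
    $dottrb = $request->getParam('Dotterbolag');
    $kundansv = $request->getParam('Kundansvarig');
    try {
        $sql = "INSERT INTO customers (Organisationsnummer,
        Kund_id,
        Koncern,
        Organisationsnummer_Dotterbolag,
        Dotterbolag,
        Kundansvarig) VALUES (?, ?, ?, ?, ?, ?)";
        $pdo->prepare($sql)->execute([$orgnr, $kundid, $koncern, $orgdottrb, $dottrb, $kundansv]);
        // The original replied 'Added insurance to database' here (copy-paste from /addInsurance).
        return $response->withJson(['response' => 'success', 'message' => 'Added customer to database'], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, constraint and column names) stay in the server
        // log; the client only learns that the insert failed.
        error_log('/addCustomer: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});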
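// Update an insurance row (POST insuranceid plus fields named like the columns).
// NOTE(review): no authentication check is visible on this route.
$app->post('/editInsurance', function (Request $request, Response $response) {
    require_once(__DIR__ . '/dbstore/dbconnect.php');
    $id = $request->getParam('insuranceid');
    if ($id === null || $id === '') {
        return $response->withJson(['response' => 'failed', 'message' => 'insuranceid is required'], 200);
    }
    // One hard-coded list drives both the SET clause and the bound values. The original
    // bound its values positionally and had Organisationsnummer_Dotterbolag and
    // Dotterbolag swapped (Dotterbolag's value went into the Organisationsnummer_Dotterbolag
    // column and vice versa); deriving the value from the column name fixes that.
    $columns = [
        'Organisationsnummer',
        'Koncern',
        'Organisationsnummer_Dotterbolag',
        'Dotterbolag',
        'Uppdragsavtalets_utgang',
        'Ovrig_information',
        'Arvode',
        'Rorligt',
        'Arvode_fakurerat',
        'Kundansvarig',
        'Forsakringsform',
        'Projektforsakring',
        'Forsakringsnr',
        'Fornyelse',
        'Forsakringsbolag',
        'Premie_kr',
        'Provision_procent',
        'Provision_kr',
        'Sarskild_faktura_rutin',
        'ARBETSPROCESS_STEG_1',
        'ARBETSPROCESS_STEG_2_A_FORNYELSE',
        'ARBETSPROCESS_STEG_2_B_UPPHANDLING',
        'ARBETSPROCESS_STEG_3_PLACERING',
        'ARBETSPROCESS_STEG_4_ANDRING',
        'Arkiverad',
    ];
    $values = [];
    $assignments = [];
    foreach ($columns as $column) {
        $assignments[] = $column . ' = ?';
        $values[] = $request->getParam($column);
    }
    // The WHERE value is bound last, after the SET values.
    $values[] = $id;
    try {
        // Only the constant column names above are spliced into the statement text;
        // every request value goes through a bound placeholder.
        $sql = 'UPDATE insurances SET ' . implode(', ', $assignments) . ' WHERE id = ?';
        $pdo->prepare($sql)->execute($values);
        return $response->withJson(['response' => 'success', 'message' => 'Updated insurance to database'], 200);
    } catch (PDOException $e) {
        // Driver messages (SQLSTATE, constraint and column names) stay in the server
        // log; the client only learns that the update failed.
        error_log('/editInsurance: ' . $e->getMessage());
        return $response->withJson(['response' => 'failed', 'message' => 'Database error'], 200);
    }
});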