From c0f17f52e60ed3f450dc79bc7ed2522dc8b9f8cc Mon Sep 17 00:00:00 2001
From: kennypanjaitan_ <13521023@std.stei.itb.ac.id>
Date: Thu, 16 Nov 2023 03:37:18 +0700
Subject: [PATCH] fix(subscribe): handle admin can't subscribe

---
 api/subscribe.php           |  1 +
 api/updateProfile.php       |  2 +-
 app/core/cURL.php           | 20 ++++++++++----------
 app/views/profile/index.php | 12 ++++++++----
 4 files changed, 20 insertions(+), 15 deletions(-)

diff --git a/api/subscribe.php b/api/subscribe.php
index 3889a8f..ff29ee9 100644
--- a/api/subscribe.php
+++ b/api/subscribe.php
@@ -53,6 +53,7 @@ function subscribeAction($user, $apiURL) {
                 echo "<script type='text/javascript'> alert('Email already registered!'); </script>";
                 break;
             default:
+                echo "<script type='text/javascript'> alert('$update[1]'); </script>";
                 break;
         }
     } catch (Exception $e) {
diff --git a/api/updateProfile.php b/api/updateProfile.php
index faf1be5..beacab0 100644
--- a/api/updateProfile.php
+++ b/api/updateProfile.php
@@ -8,7 +8,7 @@ $user = new User;
 $APIURL = 'http://eatsnow-rest:8010/api/user/';
 
 if(isset($_SESSION['email'])) {
-    if ($_SERVER["REQUEST_METHOD"] == "POST" && $_SESSION['role'] == 0) {
+    if ($_SERVER["REQUEST_METHOD"] == "POST") {
         $name = $_POST['name'];
         $email = $_POST['email'];
         $password = $_POST['password'];
diff --git a/app/core/cURL.php b/app/core/cURL.php
index 37f8c63..7dbcefa 100644
--- a/app/core/cURL.php
+++ b/app/core/cURL.php
@@ -15,18 +15,11 @@ function callAPI($method, $url, $data)
     ));
     switch ($method) {
         case "POST":
-            var_dump($data);
-            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
-            curl_setopt($curl, CURLOPT_HTTPHEADER, array(
-                'Content-Type: application/json',
-            ));
+            curlSetPostFields($data, $curl);
             break;
 
         case "PUT":
-            curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
-            curl_setopt($curl, CURLOPT_HTTPHEADER, array(
-                'Content-Type: application/json',
-            ));
+            curlSetPostFields($data, $curl);
             break;
 
         default:
@@ -48,4 +41,11 @@ function callAPI($method, $url, $data)
     return [$result, $response_code];
 }
 
-?>
\ No newline at end of file
+function curlSetPostFields($postData, $curl) {
+    curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
+    curl_setopt($curl, CURLOPT_HTTPHEADER, array(
+        'Content-Type: application/json',
+    ));
+}
+
+?>
diff --git a/app/views/profile/index.php b/app/views/profile/index.php
index c7552ab..2760fd4 100644
--- a/app/views/profile/index.php
+++ b/app/views/profile/index.php
@@ -61,10 +61,14 @@ $page = "Profile";
                 </div>
             </form>
         </div>
-        <form class="subs-form" action="/api/subscribe.php" method="POST">
-            <input class="subs" type="submit" name="subs" 
-                value=<?php $_SESSION['subs'] == 1 ? print "Unsubscribe" : print "Subscribe"?> href="">
-        </form>
+        <?php if ($_SESSION['role'] == 0) { ?>
+            <form class="subs-form" action="/api/subscribe.php" method="POST">
+                <input 
+                    class="subs" type="submit" name="subs" href=""
+                    value=<?php echo $_SESSION['subs'] == 0 ? "Subscribe" : "Unsubscribe";?>
+                >
+            </form>
+        <?php } ?>
     </section>
 <script>
 document.addEventListener("DOMContentLoaded", function() {
-- 
GitLab