<?php
ob_start();
require_once(__DIR__ . '/../Models/Subscription.php');
class SubscriptionController {
private $subscriptionModel;
public function __construct() {
$this->subscriptionModel = new SubscriptionModel();
}
public function createSubscription($creator_id, $subscriber_id, $creator_name) {
return $this->subscriptionModel->createSubscription($creator_id, $subscriber_id, $creator_name);
}
public function getSubscription($subscriber_id) {
return $this->subscriptionModel->getSubscription($subscriber_id);
}
public function updateSubscription($creator_id, $subscriber_id, $status) {
return $this->subscriptionModel->updateSubscription($creator_id, $subscriber_id, $status);
}
}
?>
\ No newline at end of file
......@@ -8,7 +8,7 @@ class TicketController {
private $ticketModel;
public function __construct() {
$this->ticketModel = new TicketModel();
$this->ticketModel = new \Server\Models\TicketModel();
}
public function createTicket($name, $eventId) {
......
<?php
// app/controllers/userController.php
ob_start();
require_once(__DIR__ . '/../Models/User.php');
namespace Server\Controllers;
include (__DIR__.'/../Models/User.php');
class UserController {
private $userModel;
public function __construct() {
$this->userModel = new UserModel();
$this->userModel = new \Server\Models\UserModel();
}
public function createUser($name, $username, $email, $hashedPass, $isAdmin) {
......@@ -32,8 +33,15 @@ class UserController {
}
public function registerUser($name, $username, $email, $password, $isAdmin) {
return $this->createUser($name, $username, $email, password_hash($password,PASSWORD_DEFAULT), $isAdmin);
$hashedPassword = password_hash($password, PASSWORD_DEFAULT);
if ($hashedPassword === false) {
return ['success' => false, 'message' => 'Password hashing failed'];
}
return $this->createUser($name, $username, $email, $hashedPassword, $isAdmin);
}
public function loginByEmail($email,$password) {
$user = $this->userModel->getUserByEmail($email);
......@@ -45,18 +53,6 @@ class UserController {
return "wrong credentials";
}
}
public function loginByUsername($username,$password) {
$user = $this->userModel->getUserByUsername($username);
if ($user !== false && password_verify($password, $user['user_hashedPass'])) {
session_start();
$_SESSION["user_id"] = $user['user_ID'];
return "success";
} else {
session_start();
return "wrong credentials";
}
}
public function logout() {
session_start();
......@@ -72,6 +68,90 @@ class UserController {
public function editProfile($user_id, $name, $username, $email) {
return $this->userModel->editProfile($user_id, $name, $username, $email);
}
public function loginview() {
if (session_status() == PHP_SESSION_NONE) {
// If a session is not already started, start a new one
session_start();
}
// Check if the user is already logged in, redirect to home if true
if (isset($_SESSION['user_id'])) {
header("Location: /home");
ob_end_flush();
exit();
}
include (__DIR__.'/../../Client/pages/login/login.php');
}
public function login() {
// Check if the required parameters are set in the POST request
if (isset($_POST['loginIdentifier']) && isset($_POST['loginPassword'])) {
$emailOrUsername = $_POST['loginIdentifier'];
$password = $_POST['loginPassword'];
if (filter_var($emailOrUsername, FILTER_VALIDATE_EMAIL)) {
$user = $this->userModel->getUserByEmail($emailOrUsername);
} else {
$user = $this->userModel->getUserByUsername($emailOrUsername);
}
if ($user !== false) {
if (password_verify($password, $user['user_hashedpass'])) {
session_start();
$_SESSION["user_id"] = $user['user_id'];
header("Location: /home");
ob_end_flush();
exit();
} else {
session_start();
$_SESSION['message'] = "Wrong Password";
header("Location: /login");
ob_end_flush();
exit();
}
} else {
session_start();
$_SESSION['message'] = "Wrong credentials";
header("Location: /login");
ob_end_flush();
exit();
}
} else {
// Handle missing parameters
session_start();
$_SESSION['message'] = "Missing login parameters";
header("Location: /login");
ob_end_flush();
exit();
}
}
public function registerview() {
include (__DIR__."/../../Client/pages/login/register.php");
}
public function register() {
$userName = $_POST['userName'];
$userUsername = $_POST['userUsername'];
$userEmail = $_POST['userEmail'];
$userPassword = $_POST['userPassword'];
$isAdmin = isset($_POST['isAdmin']) ? 1 : 0;
$response = $this->registerUser($userName,$userUsername,$userEmail,$userPassword,$isAdmin);
$success = $response['success'];
if($success){
session_start();
$_SESSION['message'] = "You have successfully registered. Please log in";
header("Location:login");
ob_end_flush();
} else {
session_start();
$_SESSION['error_message'] = $response['message'];
header("Location:register");
ob_end_flush();
}
}
public function handleRequest() {
if (isset($_POST['userAction'])) {
......
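Review bot: The success branch of `login()` stores `$user['user_id']` into a session whose id was never regenerated, so a session id planted in the visitor's cookie before authentication remains valid after it; insert `session_regenerate_id(true);` between `session_start();` and the `$_SESSION["user_id"]` assignment. The two failure branches also answer differently (`"Wrong Password"` versus `"Wrong credentials"`), which tells a caller whether the identifier exists; one message for both keeps the lookup result private. `register()` reads `$_POST['userName']` and the other fields without an `isset` guard and, unlike `login()`, never calls `exit()` after `header("Location:login")`, so execution continues past the redirect. Judging by the line counts in the first hunk, `ob_start();` appears to survive ahead of `namespace Server\Controllers;`, which PHP rejects because a namespace declaration must be the first statement in the file — confirm the ordering. `handleRequest()` continues past the end of the visible hunk.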
<?php
require_once(__DIR__ . '/../../db/connect.php');
require_once(__DIR__ . '/../util.php');
namespace Server\Models;
class EventModel {
use PDO;
public function createEvent($event_name, $stock, $event_price, $event_date, $event_location, $gambar, $vid) {
global $db;
class EventModel extends Model {
public function createEvent($event_name, $stock, $event_price, $event_date, $event_location, $gambar, $vid) {
$success = true;
if ($gambar !== null && isset($gambar['name']) && isset($gambar['tmp_name'])) {
$imageFilePath = '../assets/images/' . $gambar['name'];
// Move the uploaded file to the desired directory
if (move_uploaded_file($gambar['tmp_name'], $imageFilePath)) {
echo "File uploaded successfully";
} else {
......@@ -26,8 +25,7 @@ class EventModel {
if ($vid !== null && isset($vid['name']) && isset($vid['tmp_name'])) {
$vidFilePath = '../assets/videos/' . $vid['name'];
// Move the uploaded file to the desired directory
if (move_uploaded_file($vid['tmp_name'], $vidFilePath)) {
echo "File uploaded successfully";
} else {
......@@ -43,9 +41,9 @@ class EventModel {
$success = false;
return $success;
}
$stmt = $db->prepare("INSERT INTO events (event_name, event_stock, event_price, event_date, event_location, gambar, vid) VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt = $this->database->prepare("INSERT INTO events (event_name, event_stock, event_price, event_date, event_location, gambar, vid) VALUES (?, ?, ?, ?, ?, ?, ?)");
if ($stmt->execute([$event_name, $stock, $event_price, $event_date, $event_location, $imageFilePath, $vidFilePath])) {
echo "Event created successfully";
return $success;
......@@ -55,162 +53,124 @@ class EventModel {
return $success;
}
}
public function updateEvent($event_id, $event_name, $event_price, $event_date, $event_location, $gambar, $vid) {
global $db;
$db->setAttribute(PDO::ATTR_AUTOCOMMIT, 1);
echo "Updating Event with ID: $event_id, Name: $event_name, Price: $event_price, Date: $event_date, Location: $event_location";
$sql = "UPDATE events SET event_name = ?, event_price = ?, event_date = ?, event_location = ?";
if ($gambar !== null && isset($gambar['name']) && isset($gambar['tmp_name'])) {
$imageFilePath = '../assets/images/' . $gambar['name'];
// Move the uploaded file to the desired directory
if (move_uploaded_file($gambar['tmp_name'], $imageFilePath)) {
echo "File uploaded successfully<br>";
} else {
echo "Error moving file to destination<br>";
$imageFilePath = null; // Set to null if there's an error
}
} else {
echo "No image uploaded<br>";
$imageFilePath = null; // Set to null if no file is uploaded
$sql .= ", gambar = ?";
}
if ($vid !== null && isset($vid['name']) && isset($vid['tmp_name'])) {
$vidFilePath = '../assets/videos/' . $vid['name'];
// Move the uploaded file to the desired directory
if (move_uploaded_file($vid['tmp_name'], $vidFilePath)) {
echo "File uploaded successfully<br>";
} else {
echo "Error moving file to destination<br>";
$vidFilePath = null; // Set to null if there's an error
}
} else {
echo "No video uploaded<br>";
$vidFilePath = null; // Set to null if no file is uploaded
$sql .= ", vid = ?";
}
// chek wheter image or video is null or not
if ($imageFilePath === null && $vidFilePath === null) {
$sql = "UPDATE events SET event_name = '$event_name', event_price = '$event_price', event_date = '$event_date', event_location = '$event_location' WHERE event_id = $event_id";
} elseif ($imageFilePath === null) {
$sql = "UPDATE events SET event_name = '$event_name', event_price = '$event_price', event_date = '$event_date', event_location = '$event_location', vid = '$vidFilePath' WHERE event_id = $event_id";
} elseif ($vidFilePath === null) {
$sql = "UPDATE events SET event_name = '$event_name', event_price = '$event_price', event_date = '$event_date', event_location = '$event_location', gambar = '$imageFilePath' WHERE event_id = $event_id";
} else {
$sql = "UPDATE events SET event_name = '$event_name', event_price = '$event_price', event_date = '$event_date', event_location = '$event_location', gambar = '$imageFilePath', vid = '$vidFilePath' WHERE event_id = $event_id";
$sql .= " WHERE event_id = ?";
$stmt = $this->database->prepare($sql);
$params = [$event_name, $event_price, $event_date, $event_location];
if ($imageFilePath !== null) {
$params[] = $imageFilePath;
}
$rowCount = $db->exec($sql);
if ($vidFilePath !== null) {
$params[] = $vidFilePath;
}
$params[] = $event_id;
$rowCount = $stmt->execute($params);
if ($rowCount !== false) {
echo "Event updated successfully. Rows affected: $rowCount";
} else {
echo "Error updating event: " . print_r($db->errorInfo(), true);
echo "Error updating event: " . print_r($stmt->errorInfo(), true);
}
return "Event updated successfully";
}
public function deleteEvent($eventId) {
global $db;
try {
// Delete associated pembelian records
$stmtPembelian = $db->prepare("DELETE FROM pembelian WHERE ticket_id IN (SELECT ticket_id FROM tickets WHERE event_id = ?)");
$stmtPembelian->execute([$eventId]);
// Delete associated tickets
$stmtTickets = $db->prepare("DELETE FROM tickets WHERE event_id = ?");
$stmtTickets->execute([$eventId]);
// Delete the event
$stmtEvent = $db->prepare("DELETE FROM events WHERE event_id = ?");
// Delete associated records or perform necessary cleanup
$stmtEvent = $this->database->prepare("DELETE FROM events WHERE event_id = ?");
$stmtEvent->execute([$eventId]);
echo "Event, associated tickets, and pembelian records deleted successfully<br>";
return "Event, associated tickets, and pembelian records deleted successfully";
echo "Event deleted successfully<br>";
return "Event deleted successfully";
} catch (PDOException $e) {
echo "Error: " . $e->getMessage() . "<br>";
return "Error: " . $e->getMessage();
}
}
public function getAllEvents() {
global $db;
$stmt = $db->prepare("SELECT * FROM events");
$stmt = $this->database->prepare("SELECT * FROM events");
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getEvent($eventId) {
global $db;
$stmt = $db->prepare("SELECT * FROM events WHERE event_id = ?");
$stmt = $this->database->prepare("SELECT * FROM events WHERE event_id = ?");
$stmt->execute([$eventId]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function getLastEventId() {
global $db;
$stmt = $db->prepare("SELECT event_id FROM events ORDER BY event_id DESC LIMIT 1");
$stmt = $this->database->prepare("SELECT event_id FROM events ORDER BY event_id DESC LIMIT 1");
$stmt->execute();
return $stmt->fetch(PDO::FETCH_ASSOC)['event_id'];
}
public function searchEvents($searchQuery, $sortKey, $minStock) {
global $db;
try {
$sql = "SELECT * FROM events WHERE 1"; // Start with a true condition
// Add search condition
if (!empty($searchQuery)) {
$sql .= " AND (LOWER(event_name) LIKE CONCAT('%', :query, '%') OR LOWER(event_location) LIKE CONCAT('%', :query, '%'))";
}
// Add filter condition
if ($minStock !== null) {
$sql .= " AND event_stock >= :minStock";
}
// Add sort condition
if ($sortKey === 'name') {
$sql .= " ORDER BY event_name ASC";
} elseif ($sortKey === 'location') {
$sql .= " ORDER BY event_location ASC";
}
$stmt = $db->prepare($sql);
// Bind search query parameter
if (!empty($searchQuery)) {
$lowerSearchQuery = strtolower("%" . $searchQuery . "%");
$stmt->bindParam(':query', $lowerSearchQuery, PDO::PARAM_STR);
if ($minStock == null) {
$minStock = 0;
}
// Bind filter parameter
if ($minStock !== null) {
$stmt->bindParam(':minStock', $minStock, PDO::PARAM_INT);
$stmt = "SELECT * FROM events
WHERE (LOWER(event_name) LIKE LOWER(?) OR LOWER(event_location) LIKE LOWER(?))
AND event_stock >= ?";
if (!empty($sortKey)) {
$stmt .= " ORDER BY ";
if ($sortKey === 'name') {
$stmt .= "event_name ASC";
} elseif ($sortKey === 'location') {
$stmt .= "event_location ASC";
}
}
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
$query = $this->database->prepare($stmt);
$query->execute(array('%'.$searchQuery.'%', '%'.$searchQuery.'%', $minStock));
return $query->fetchAll(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
throw new Exception("Error searching events: " . $e->getMessage());
}
}
}
?>
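Review bot: Inside the new `namespace Server\Models;` the unqualified `PDOException` in the `catch` clauses of `deleteEvent()` and `searchEvents()` and the `Exception` thrown in `searchEvents()` resolve to `Server\Models\PDOException` and `Server\Models\Exception`, which do not exist, so those catch blocks never match and the `throw` becomes a class-not-found fatal; add `use PDOException;` and `use Exception;` beside `use PDO;` (Model.php already writes `\PDOException`). In `updateEvent()`, as printed, `$sql .= ", gambar = ?"` and `$sql .= ", vid = ?"` sit in the branches that set the path to `null`, while `$params[]` is appended only when the path is not null, so placeholder and parameter counts disagree whichever way the upload goes; if that is the real placement, move the two appends into the successful-upload branches. `$stmt->execute($params)` returns a bool, so `"Rows affected: $rowCount"` prints `1`; use `$stmt->rowCount()` for the count. The `'../assets/images/' . $gambar['name']` target path is built from the client-supplied upload name with no `basename()` or extension check, which the rewrite carries over unchanged. `deleteEvent()` now removes only the `events` row; if `tickets.event_id` is a foreign key the delete will fail where the old cascade succeeded.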
<?php
namespace Server\Models;
use PDO;
class Model {
protected $database;
public function __construct()
{
$dsn = "pgsql:host=ticketku-php-db;port=5433;dbname=ticketku;";
$user = "postgres";
$password = "postgres";
try {
$this->database = new PDO($dsn, $user, $password, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
} catch (\PDOException $e) {
die($e->getMessage());
}
}
}
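Review bot: The credentials on the lines `$user = "postgres";` and `$password = "postgres";` and the host in the DSN are committed as literals, and the `catch` hands `$e->getMessage()` straight to `die()`, which prints the DSN, host and driver error text to any visitor whenever the database is unreachable. Read them from the environment, e.g. `$user = getenv('DB_USER') ?: 'postgres';`, and in the catch log the exception and emit a fixed message instead. Adding `PDO::ATTR_EMULATE_PREPARES => false` to the options array makes the `prepare()` calls in the subclasses real server-side prepared statements. Every `Model` subclass constructed opens its own connection and the controllers construct several per request, so a shared static connection or an injected `PDO` would avoid that.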
<?php
// app/models/Pembelian.php
require_once(__DIR__ . '/../../db/connect.php');
require_once(__DIR__ . '/../util.php');
namespace Server\Models;
class PembelianModel {
use PDO;
class PembelianModel extends Model {
public function createPembelian($ticketId, $userId, $createdTime) {
global $db;
$stmt = $this->database->prepare("INSERT INTO pembelian (ticket_id, user_id, pembelian_created_time) VALUES (?, ?, ?)");
$stmt = $db->prepare("INSERT INTO pembelian (ticket_id, user_id, pembelian_created_time) VALUES (?, ?, ?)");
if ($stmt->execute([$ticketId, $userId, $createdTime])) {
$stmt = $db->prepare("SELECT event_id FROM tickets WHERE ticket_id = ?");
$stmt = $this->database->prepare("SELECT event_id FROM tickets WHERE ticket_id = ?");
$stmt->execute([$ticketId]);
$result = $stmt->fetch(PDO::FETCH_ASSOC);
......@@ -18,58 +17,48 @@ class PembelianModel {
$eventId = $result['event_id'];
// Decrement the event's stock by 1
$stmt = $db->prepare("UPDATE events SET event_stock = event_stock - 1 WHERE event_id = ?");
$stmt = $this->database->prepare("UPDATE events SET event_stock = event_stock - 1 WHERE event_id = ?");
return $stmt->execute([$eventId]);
}
}
}
public function getPembelian($pembelianId) {
global $db;
$stmt = $db->prepare("SELECT * FROM pembelian WHERE pembelian_id = ?");
$stmt = $this->database->prepare("SELECT * FROM pembelian WHERE pembelian_id = ?");
$stmt->execute([$pembelianId]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function updatePembelian($pembelianId, $ticketId, $userId, $createdTime) {
global $db;
$stmt = $db->prepare("UPDATE pembelian SET ticket_id = ?, user_id = ?, pembelian_created_time = ? WHERE pembelian_id = ?");
$stmt = $this->database->prepare("UPDATE pembelian SET ticket_id = ?, user_id = ?, pembelian_created_time = ? WHERE pembelian_id = ?");
$stmt->execute([$ticketId, $userId, $createdTime, $pembelianId]);
return "Pembelian updated successfully";
}
public function deletePembelian($pembelianId) {
global $db;
$stmt = $db->prepare("DELETE FROM pembelian WHERE pembelian_id = ?");
$stmt = $this->database->prepare("DELETE FROM pembelian WHERE pembelian_id = ?");
$stmt->execute([$pembelianId]);
return "Pembelian deleted successfully";
}
public function getAllPembelian(){
global $db;
$stmt = $db->prepare("SELECT * FROM pembelian");
public function getAllPembelian() {
$stmt = $this->database->prepare("SELECT * FROM pembelian");
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getAllPembelianWithDetails(){
global $db;
$stmt = $db->prepare("SELECT * FROM pembelian JOIN tickets ON pembelian.ticket_id = tickets.ticket_id JOIN events ON tickets.event_id = events.event_id ORDER BY pembelian_created_time DESC");
public function getAllPembelianWithDetails() {
$stmt = $this->database->prepare("SELECT * FROM pembelian JOIN tickets ON pembelian.ticket_id = tickets.ticket_id JOIN events ON tickets.event_id = events.event_id ORDER BY pembelian_created_time DESC");
$stmt->execute();
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function getPembelianByUserId($userId){
global $db;
$stmt = $db->prepare("SELECT * FROM pembelian JOIN tickets ON pembelian.ticket_id = tickets.ticket_id JOIN events ON tickets.event_id = events.event_id WHERE user_id = ? ORDER BY pembelian_created_time DESC");
public function getPembelianByUserId($userId) {
$stmt = $this->database->prepare("SELECT * FROM pembelian JOIN tickets ON pembelian.ticket_id = tickets.ticket_id JOIN events ON tickets.event_id = events.event_id WHERE user_id = ? ORDER BY pembelian_created_time DESC");
$stmt->execute([$userId]);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
}
?>
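Review bot: `createPembelian()` (which starts in the first hunk and continues in the second) inserts the purchase row and then decrements `event_stock` in a separate statement with neither a transaction nor a stock check, so two concurrent purchases of the last ticket both succeed and the stock goes negative. Wrap the statements in `beginTransaction()` / `commit()`, make the decrement conditional with `AND event_stock > 0`, and roll back when `rowCount()` is 0; with `ERRMODE_EXCEPTION` set in `Model`, a failed statement must also roll back. The remaining changes in this file are a mechanical `$db` to `$this->database` swap and read fine.
```php
public function createPembelian($ticketId, $userId, $createdTime) {
    $this->database->beginTransaction();
    try {
        $stmt = $this->database->prepare("INSERT INTO pembelian (ticket_id, user_id, pembelian_created_time) VALUES (?, ?, ?)");
        $stmt->execute([$ticketId, $userId, $createdTime]);
        // … unchanged: look up event_id for the ticket …
        $stmt = $this->database->prepare("UPDATE events SET event_stock = event_stock - 1 WHERE event_id = ? AND event_stock > 0");
        $stmt->execute([$eventId]);
        if ($stmt->rowCount() === 0) {
            $this->database->rollBack(); // sold out: undo the purchase row
            return false;
        }
        $this->database->commit();
        return true;
    } catch (\PDOException $e) {
        $this->database->rollBack();
        throw $e;
    }
}
```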
<?php
require_once(__DIR__ . '/../../db/connect.php');
class SubscriptionModel {
public function createSubscription($creator_id, $subscriber_id, $creator_name) {
global $db;
$stmt = $db->prepare("INSERT INTO subscription (creator_id, subscriber_id, creator_name) VALUES (?, ?, ?)");
if ($stmt->execute([$creator_id, $subscriber_id, $creator_name])) {
return "Subscription created successfully";
}
}
public function getSubscription($subscriber_id) {
global $db;
$stmt = $db->prepare("SELECT * FROM subscription WHERE subscriber_id = ?");
$stmt->execute([$subscriber_id]);
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
public function updateSubscription($creator_id, $subscriber_id, $status) {
global $db;
$stmt = $db->prepare("UPDATE subscription SET status = ? WHERE creator_id = ? AND subscriber_id = ?");
if ($stmt->execute([$status, $creator_id, $subscriber_id])) {
return "Subscription updated successfully";
}
}
}
?>
\ No newline at end of file
<?php
// app/models/Ticket.php
require_once(__DIR__ . '/../../db/connect.php');
namespace Server\Models;
use PDO;
class TicketModel {
class TicketModel extends Model {
public function createTicket($name, $eventId) {
global $db;
$stmt = $db->prepare("INSERT INTO tickets (ticket_name, event_id) VALUES (?, ?)");
$stmt = $this->database->prepare("INSERT INTO tickets (ticket_name, event_id) VALUES (?, ?)");
$stmt->execute([$name, $eventId]);
return "Ticket created successfully";
}
public function getTicket($ticketId) {
global $db;
$stmt = $db->prepare("SELECT * FROM tickets WHERE ticket_id = ?");
$stmt = $this->database->prepare("SELECT * FROM tickets WHERE ticket_id = ?");
$stmt->execute([$ticketId]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function updateTicket($ticketId, $name, $eventId) {
global $db;
$stmt = $db->prepare("UPDATE tickets SET ticket_name = ?, event_id = ? WHERE ticket_id = ?");
$stmt = $this->database->prepare("UPDATE tickets SET ticket_name = ?, event_id = ? WHERE ticket_id = ?");
$stmt->execute([$name, $eventId, $ticketId]);
return "Ticket updated successfully";
}
public function updateTicketByEventId($eventId, $name) {
global $db;
$stmt = $db->prepare("UPDATE tickets SET ticket_name = ? WHERE event_id = ?");
$stmt = $this->database->prepare("UPDATE tickets SET ticket_name = ? WHERE event_id = ?");
$stmt->execute([$name, $eventId]);
return "Ticket updated successfully";
}
public function deleteTicket($ticketId) {
global $db;
$stmt = $db->prepare("DELETE FROM tickets WHERE ticket_id = ?");
$stmt = $this->database->prepare("DELETE FROM tickets WHERE ticket_id = ?");
$stmt->execute([$ticketId]);
return "Ticket deleted successfully";
}
public function getSmallestAvailableTicket($eventId) {
global $db;
$stmt = $db->prepare("
$stmt = $this->database->prepare("
SELECT t.*, e.*
FROM tickets t
JOIN events e ON t.event_id = e.event_id
......@@ -73,4 +61,3 @@ class TicketModel {
return $stmt->fetch(PDO::FETCH_ASSOC);
}
}
?>
<?php
// app/models/User.php
require_once(__DIR__ . '/../../db/connect.php');
namespace Server\Models;
use PDO;
include (__DIR__."/Model.php");
class UserModel {
public function createUser($name, $username, $email, $hashedPass, $isAdmin) {
global $db;
class UserModel extends Model {
public function createUser($name, $username, $email, $hashedPass, $isAdmin) {
$response = [
'success'=> true,
'message'=> ''
];
try {
$stmt = $db->prepare("INSERT INTO users (user_name, username, user_email, user_hashedPass, isAdmin) VALUES (?, ?, ?, ?, ?)");
$stmt = $this->database->prepare("INSERT INTO users (user_name, username, user_email, user_hashedPass, isAdmin) VALUES (?, ?, ?, ?, ?)");
$stmt->execute([$name, $username, $email, $hashedPass, $isAdmin]);
$response['message'] = "User created successfully";
return $response;
......@@ -36,9 +37,7 @@ class UserModel {
// User.php
public function getUser($userId) {
global $db;
$stmt = $db->prepare("SELECT * FROM users WHERE user_ID = ?");
$stmt = $this->database->prepare("SELECT * FROM users WHERE user_ID = ?");
$stmt->execute([$userId]);
if ($stmt) {
......@@ -56,54 +55,41 @@ class UserModel {
}
public function getUserByEmail($email) {
global $db;
$stmt = $db->prepare("SELECT * FROM users WHERE user_email = ?");
$stmt = $this->database->prepare("SELECT * FROM users WHERE user_email = ?");
$stmt->execute([$email]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function getUserByUsername($username){
global $db;
$stmt = $db->prepare("SELECT * FROM users WHERE username = ?");
$stmt = $this->database->prepare("SELECT * FROM users WHERE username = ?");
$stmt->execute([$username]);
return $stmt->fetch(PDO::FETCH_ASSOC);
}
public function updateUser($userId, $name, $username, $email, $hashedPass, $isAdmin) {
global $db;
$stmt = $db->prepare("UPDATE users SET user_name = ?, username = ?, user_email = ?, user_hashedPass = ?, isAdmin = ? WHERE user_ID = ?");
$stmt = $this->database->prepare("UPDATE users SET user_name = ?, username = ?, user_email = ?, user_hashedPass = ?, isAdmin = ? WHERE user_ID = ?");
$stmt->execute([$name, $username, $email, $hashedPass, $isAdmin, $userId]);
return "User updated successfully";
}
public function editProfile($userId, $name, $username, $email) {
global $db;
$stmt = $db->prepare("UPDATE users SET user_name = ?, username = ?, user_email = ? WHERE user_id = ?");
$stmt = $this->database->prepare("UPDATE users SET user_name = ?, username = ?, user_email = ? WHERE user_id = ?");
return $stmt->execute([$name, $username, $email, $userId]);
}
public function deleteUser($userId) {
global $db;
$stmt = $db->prepare("DELETE FROM users WHERE user_ID = ?");
$stmt = $this->database->prepare("DELETE FROM users WHERE user_ID = ?");
$stmt->execute([$userId]);
return "User deleted successfully";
}
public function getAllUsers() {
global $db;
$stmt = $db->query("SELECT * FROM users");
$stmt = $this->database->query("SELECT * FROM users");
return $stmt->fetchAll(PDO::FETCH_ASSOC);
}
}
?>
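Review bot: `include (__DIR__."/Model.php");` is the only place the base class is loaded, and it is a plain `include`: loading Model.php a second time from anywhere raises a "Cannot declare class Server\Models\Model" fatal, while EventModel, PembelianModel and TicketModel all extend `Model` without loading it and so only work if UserModel happened to be included first. Replace the line with `require_once __DIR__ . '/Model.php';` and add the same line to the three sibling model files. `getUser()` tests `if ($stmt)` after `execute()`, but `$stmt` is the statement object returned by `prepare()` on the line above and is always truthy; what the branch presumably means to check is the fetch result, whose handling lies past the end of the hunk.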
<?php
namespace Server\Router;
class Router {
private array $handlers;
private const METHOD_GET = 'GET';
private const METHOD_POST = 'POST';
public function get(string $path, $handler): void
{
$this->addHandler(self::METHOD_GET, $path, $handler);
}
public function post(string $path, $handler): void
{
$this->addHandler(self::METHOD_POST, $path, $handler);
}
private function addHandler(string $method, string $path, $handler): void
{
$this->handlers[$method.$path] = [
'path' => $path,
'method' => $method,
'handler' => $handler,
];
}
public function run()
{
$requstUri = parse_url($_SERVER['REQUEST_URI']);
$requestPath = $requstUri['path'];
$method = $_SERVER['REQUEST_METHOD'];
$callback = null;
foreach ($this->handlers as $handler) {
if($handler['path'] === $requestPath && $method === $handler['method']) {
$callback = $handler['handler'];
}
}
if (is_string($callback)) {
$parts = explode('@', $callback);
if (is_array($parts)) {
$className = array_shift($parts);
$method = array_shift($parts);
// Check if the class exists before creating an instance
if (class_exists($className)) {
$handler = new $className;
// Check if the method exists before setting the callback
if (method_exists($handler, $method)) {
$callback = [$handler, $method];
}
}
}
}
if(!$callback) {
include 'Client/pages/Errors/NotFound.php';
return;
}
call_user_func_array($callback, [
array_merge($_GET, $_POST)
]);
}
}
\ No newline at end of file
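Review bot: `run()` never verifies that the matched handler is callable before `call_user_func_array()`: `if(!$callback)` only rejects null or empty values, so a registered non-callable array (web.php registers several of the form `[checkLoggedIn(), [...]]`) gets past it and dispatch ends in a TypeError instead of the NotFound page; change the guard to `if (!is_callable($callback)) {`. `private array $handlers;` has no initializer, so `run()` on a router with no routes throws an Error for an uninitialized typed property — declare it `private array $handlers = [];`. `parse_url($_SERVER['REQUEST_URI'])` can return `false` or an array without a `path` key; `$requestPath = $requstUri['path'] ?? '/';` covers that, and the variable name is misspelled.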
<?php
declare(strict_types=1);
include (__DIR__."/Router/Router.php");
include (__DIR__."/Controllers/UserController.php");
include (__DIR__."/Controllers/EventController.php");
include (__DIR__."/Controllers/HomeController.php");
$router = new \Server\Router\Router();
function checkLoggedIn(): bool {
if (session_status() == PHP_SESSION_NONE) {
// If a session is not already started, start a new one
session_start();
}
return isset($_SESSION['user_id']);
}
$router->get('/', function() {
header('Location: /home');
exit();
});
// Routes for HomeController
$router->get('/home', [new \Server\Controllers\HomeController(),'home']);
// Routes for UserController
$router->get('/register', [new \Server\Controllers\UserController(), 'registerview']);
$router->post('/register', [new \Server\Controllers\UserController(), 'register']);
$router->post('/register/search-email', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'findEmail']]);
$router->post('/register/search-username', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'findByUsername']]);
$router->get('/login', [new \Server\Controllers\UserController(), 'loginview']);
$router->post('/login', [new \Server\Controllers\UserController(), 'login']);
$router->post('/logout', function() {
// No need to checkLoggedIn() here, as users can access this even if not logged in
if (session_status() == PHP_SESSION_NONE) {
// If a session is not already started, start a new one
session_start();
}
session_destroy();
header('Location: /login');
exit();
});
$router->post('/profile', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'viewProfile']]);
$router->post('/profile/edit', [checkLoggedIn(), [new \Server\Controllers\UserController(), 'editProfile']]);
// Routes for EventsController
// $router->get('/events', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'eventList10view']]);
// $router->post('/events/create', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'createEvent']]);
// $router->post('/events/update', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'updateEvent']]);
// $router->post('/events/delete', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'deleteEvent']]);
// $router->get('/events/search', [checkLoggedIn(), [new \Server\Controllers\EventController(), 'searchview']]);
$router->run();
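Review bot: `checkLoggedIn()` in the `/register/search-email`, `/register/search-username`, `/profile` and `/profile/edit` registrations runs once at definition time on every request, and its boolean result is wrapped together with the controller callable into a plain array, which is not callable — so the guard never protects the route and `Router::run()` fails with a TypeError when it tries to invoke it. Register a closure that checks the session at request time and then forwards to the controller; a small helper keeps the route table readable and applies to every route written in that form. The POST `/login`, `/register` and `/logout` handlers also accept no CSRF token, so a cross-site form can log a victim out or submit a login on their behalf.
```php
// Wraps a handler so the session check runs at request time, not at registration.
function requireLogin(callable $handler): \Closure {
    return static function (array $params) use ($handler): void {
        if (!checkLoggedIn()) {
            header('Location: /login');
            exit();
        }
        $handler($params);
    };
}
// … unchanged: route definitions …
$router->post('/profile', requireLogin([new \Server\Controllers\UserController(), 'viewProfile']));
$router->post('/profile/edit', requireLogin([new \Server\Controllers\UserController(), 'editProfile']));
```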
<?php
declare(strict_types=1);
if (session_status() == PHP_SESSION_NONE) {
// If a session is not already started, start a new one
session_start();
}
include 'Server/web.php';
?>
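Review bot: The session is started here with the default cookie flags, so the session cookie is neither `HttpOnly`-hardened nor marked `SameSite`; call `session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax', 'secure' => isset($_SERVER['HTTPS'])]);` before `session_start()`. The closing `?>` on the last line of a PHP-only file risks emitting trailing whitespace before the controllers send their `Location` headers; drop it, as web.php already does.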