merge core/app.php

d8d1dbf5 · mrsyaban · d67615a2 · 3ed880b4 · d8d1dbf5 · d8d1dbf5
Commit d8d1dbf5 authored 1 year ago by mrsyaban
--- a/src/app/components/app/app_page.php
+++ b/src/app/components/app/app_page.php
@@ -17,8 +17,10 @@
    <link rel="stylesheet" type="text/css" href="<?= BASE_URL ?>/styles/dashboard/pages/episode.css">
    <link rel="stylesheet" type="text/css" href="<?= BASE_URL ?>/styles/dashboard/components/button.css">
    <!-- JavaScript Library -->
+    <script type="module" src="<?= BASE_URL ?>/javascript/toast.mjs" defer></script>
    <script type="text/javascript" src="<?= BASE_URL ?>/javascript/player.js" defer></script>
    <script type="text/javascript" src="<?= BASE_URL ?>/javascript/util/debounce.js" defer></script>
+    <script type="text/javascript" src="<?= BASE_URL ?>/javascript/profile/profile.js" defer></script>
    <script type="module" src="<?= BASE_URL ?>/javascript/dashboard/layout.mjs" defer></script>
    <script type="module" src="<?= BASE_URL ?>/javascript/app/app.js" defer></script>
    <!-- Google Fonts -->

--- a/src/app/components/common/profile.php
+++ b/src/app/components/common/profile.php
@@ -18,19 +18,17 @@
                    <img class="profpic-edit" src="<?= STORAGE_URL . $this->data["url_profpic"] ?>" alt="image">
                    <div class="edit-info">
                        <div class="sh5">Nama</div>
-                        <input type="text">
+                        <input type="text" value="<?=$this->data["name"] ?>" id="name-form">
                        <div class="sh5">Username</div>
-                        <input type="text">
+                        <input type="text"value="<?=$this->data["username"]?>" id="username-form">
-                        <div class="sh5">Password</div>
-                        <input type="text">
                    </div>
                </div>
-                <button class="sh4">Submit</button>
+                <button class="sh3" id="submit-profile">Save</button>
+                <p id="save-profile-alert"></p>
            </div>
        </div>
    <?php endif; ?>
 </section>
-<script type="text/javascript" src="<?= BASE_URL ?>/javascript/profile/profile.js" defer></script>
 <script>
    const logoutBtn = document.getElementById("logout");
    logoutBtn.addEventListener("click", (e) => {

--- a/src/app/controllers/login/post_login.php
+++ b/src/app/controllers/login/post_login.php
@@ -23,7 +23,7 @@ class PostLoginController
                } else {
                    if (password_verify($password, $user['password'])) {
                        $_SESSION["start"] = time();
-                        $_SESSION["expire"] = time() + 60 * 1000;
+                        $_SESSION["expire"] = time() + 60 * 600;
                        $_SESSION["user_id"] = $user['id_user'];
                        if ($username == "premium") {

--- a/src/app/controllers/profile/get_profile.php
+++ b/src/app/controllers/profile/get_profile.php
@@ -4,37 +4,35 @@ class getProfileController
 {
  public function call()
  {
-    require_once __DIR__ . "/../../views/login/login.php";
    session_start();
-    // print_r($_SESSION);
-    // if (isset($_SESSION['user_id'])) {
+    if (isset($_SERVER["HTTP_API_KEY"])) {
-      $user_id = "4";
+      if ($_SERVER["HTTP_API_KEY"] != $_ENV["API_KEY"]) {
-      // if (isset($_GET["user_id"])) {
+        http_response_code(403);
-      //   $user_id = $_GET["user_id"];
+        session_destroy();
-      // } 
+        return;
+      }
+    }
-      $userModel = new UserModel();
+    $user_id = "";
-      $profile = $userModel->getUserInfo(4);
+    if (isset($_GET["user_id"])) {
+      $user_id = $_GET["user_id"];
-      $data = [
+    } 
-        "name" => $profile->name,
-        "username" => $profile->username,
-        "url_profpic" => $profile->url_profpic,
-        "is_admin" => $profile->is_admin,
-      ];
-      header("Access-Control-Allow-Origin: http://localhost:3000");
-      header("Access-Control-Allow-Credentials: true");
-      header("Max-Age: 86400");
-      header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
-      // header("Access-Control-Allow-Headers: $_SERVER[HTTP_ACCESS_CONTROL_REQUEST_HEADERS]");
-      echo json_encode($data);
-    // } else {
-    //   session_destroy();
-    //   http_response_code(403);
+    $userModel = new UserModel();
-    //   header("Location: " . BASE_URL . "/login");
+    $profile = $userModel->getUserInfo(4);
-    //   return;
+    $data = [
-    // }
+      "name" => $profile->name,
+      "username" => $profile->username,
+      "url_profpic" => $profile->url_profpic,
+    ];
+    header("Access-Control-Allow-Origin: *");
+    header("Access-Control-Allow-Credentials: true");
+    header("Max-Age: 86400");
+    header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
+    // header("Access-Control-Allow-Headers: $_SERVER[HTTP_ACCESS_CONTROL_REQUEST_HEADERS]");
+    http_response_code(200);
+    echo json_encode($data);
  }
 }
\ No newline at end of file
--- a/src/app/controllers/profile/update_profile.php
+++ b/src/app/controllers/profile/update_profile.php
+<?php
+class UpdateProfileController
+{
+    public function call()
+    {
+        if (isset($_SERVER["HTTP_API_KEY"])) {
+            if ($_SERVER["HTTP_API_KEY"] != $_ENV["REST_PHP_KEY"]) {
+                http_response_code(403);
+                echo json_encode(["message" => "Invalid API key"]);
+                return;
+            }
+        }
+        header("Access-Control-Allow-Origin: *");
+        header("Access-Control-Allow-Credentials: true");
+        header("Max-Age: 86400");
+        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
+        if (isset($_SERVER["QUERY_STRING"])) {
+            if ((!isset($_POST['name']) || !isset($_POST['username'])) && !(file_get_contents('php://input') != null)) {
+                http_response_code(403);
+                echo json_encode(["message" => "invalid username or name"]);
+                exit;
+            }
+            $name = "";
+            $username = "";
+            if (isset($_POST['name']) && isset($_POST['username'])){
+                $name = $_POST['name'];
+                $username = $_POST['username'];
+            } else if ((file_get_contents('php://input') != null)){
+                $data = json_decode(file_get_contents('php://input'), true);
+                $name = $data['name'];
+                $username = $data['username'];
+            }
+            try {
+                if (!isset($_GET["user_id"]) && !isset($_SESSION["user_id"])) {
+                    http_response_code(400);
+                    echo json_encode(["message" => "Invalid user id"]);
+                    exit;
+                } else {
+                    $user_id = "";
+                    if (isset($_GET["user_id"])) {
+                        $user_id = $_GET["user_id"];
+                    } else {
+                        $user_id = $_SESSION["user_id"];
+                    }
+                    $userModel = new UserModel();
+                    $status = $userModel->updateProfile($user_id, $name, $username); 
+                    if ($status == 200) {
+                        http_response_code(200);
+                        echo json_encode(["message" => "Profile updated successfully!", "name" => $name, "username" => $username]);
+                        exit;
+                    } else {
+                        http_response_code(500);
+                        echo json_encode(["message" => "Internal server error"]);
+                        exit;
+                    }
+                }
+            } catch (PDOException $e) {
+                echo $e->getCode();
+                http_response_code(500);
+                echo json_encode(["message" => "Internal server error"]);
+                exit;
+            }
+        }
+    }
+}
--- a/src/app/core/app.php
+++ b/src/app/core/app.php
@@ -10,6 +10,8 @@ class App
    // Pages routes
    $router->get("public/login", new GetLoginController());
    $router->get("public/signup", new GetSignupController());
+    $router->get("public/profile", new getProfileController());
+    $router->post("public/profile", new UpdateProfileController());
    $router->get("public", new AppController());
    $router->get("public/home", new AppController());

--- a/src/app/init.php
+++ b/src/app/init.php
@@ -43,6 +43,7 @@ require_once __DIR__ . "/controllers/signup/get_signup.php";
 require_once __DIR__ . "/controllers/signup/post_signup.php";
 require_once __DIR__ . "/controllers/search/get_search.php";
 require_once __DIR__ . "/controllers/profile/get_profile.php";
+require_once __DIR__ . "/controllers/profile/update_profile.php";
 require_once __DIR__ . "/controllers/app/app_controller.php";

--- a/src/app/models/user.php
+++ b/src/app/models/user.php
@@ -67,4 +67,24 @@ class UserModel
    return $rowAffected;
  }
+  public function updateProfile($id_user, $name, $username) {
+    $query = "UPDATE user
+              SET name=:name, username=:username
+              WHERE id_user=:id_user";
+    $this->db->query($query);
+    $this->db->bind('name', $name);
+    $this->db->bind('username', $username);
+    $this->db->bind('id_user', $id_user);
+    $status = 200;
+    try {
+      $user = $this->db->execute();
+    } catch (PDOException $e) {
+      $status = 500;
+    }
+    return $status;
+  }
 }
--- a/src/public/javascript/profile/profile.js
+++ b/src/public/javascript/profile/profile.js
 const profile = document.querySelector(".profile");
 const profileMenu = document.querySelector(".profile-menu");
+const SaveProfileAlert = document.getElementById("save-profile-alert");
 console.log("masuk");
 profile &&
  profile.addEventListener("click", (e) => {
@@ -25,5 +26,46 @@ menuProfile &&
 window.addEventListener("click", function (e) {
  if (!editSection.contains(e.target) && !menuProfile.contains(e.target)) {
    editProfile.style.display = "none";
+    SaveProfileAlert.innerHTML = "";
  }
 });
+// Handle submit
+const nameForm = document.getElementById("name-form");
+const usernameForm = document.getElementById("username-form");
+const submitProfileButton = document.getElementById("submit-profile");
+submitProfileButton.addEventListener("click", (e) => {
+  e.preventDefault();
+  const name = nameForm.value;
+  const username = usernameForm.value;
+  const formData = new FormData();
+  formData.append("name", name);
+  formData.append("username", username);
+  const xhr = new XMLHttpRequest();
+  xhr.open("POST", "/public/profile", true);
+  xhr.onload = function () {
+    if (xhr.readyState === XMLHttpRequest.DONE) {
+      if (xhr.status === 200) {
+        nameForm.value = JSON.parse(xhr.responseText).name;
+        usernameForm.value = JSON.parse(xhr.responseText).username;
+        SaveProfileAlert.color = "green";
+        SaveProfileAlert.innerHTML = JSON.parse(xhr.responseText).message;      
+      } else {
+        SaveProfileAlert.color = "red";
+        SaveProfileAlert.innerHTML = JSON.parse(xhr.responseText).message;
+      }
+    }
+  };
+  xhr.send(formData);
+});