scoot/createAccountFunctions.php at master · ParksAaron/scoot · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php
session_start();
include 'database.php';
//$dbConn = getDatabaseConnection();
$httpMethod = strtoupper($_SERVER['REQUEST_METHOD']);


switch($httpMethod) {
  case "OPTIONS":
    // Allows anyone to hit your API, not just this c9 domain
    header("Access-Control-Allow-Headers: X-ACCESS_TOKEN, Access-Control-Allow-Origin, Authorization, Origin, X-Requested-With, Content-Type, Content-Range, Content-Disposition, Content-Description");
    header("Access-Control-Allow-Methods: POST, GET");
    header("Access-Control-Max-Age: 3600");
    exit();
  case "GET":
    // Allow any client to access
    header("Access-Control-Allow-Origin: *");

    http_response_code(401);
    //echo "Not Supported";

    break;
  case 'POST':
    // Get the body json that was sent
    $rawJsonString = file_get_contents("php://input");

    //var_dump($rawJsonString);

    // Make it a associative array (true, second param)
    $jsonData = json_decode($rawJsonString, true);

    $data = createUser($jsonData["username"], $jsonData["password"], $jsonData["rePassword"]);

    $results = ["statusCode" => "0",
                "data" => $data];

    // Allow any client to access
    header("Access-Control-Allow-Origin: *");
    // Let the client know the format of the data being returned
    header("Content-Type: application/json");

    // Sending back down as JSON
    echo json_encode($results);

    break;
  case 'PUT':
    // Allow any client to access
    header("Access-Control-Allow-Origin: *");

    http_response_code(401);
    echo "Not Supported";
    break;
  case 'DELETE':
    // Allow any client to access
    header("Access-Control-Allow-Origin: *");

    http_response_code(401);
    break;
}

function createUser($username, $password, $rePassword){

    //$dbConn = getDatabaseConnection();
        //echo "im here!";
        //$userCheck;
        $dbConn = getDatabaseConnection();

        //$dbConn = getDatabaseConnection();
        $sql = "INSERT INTO `users` (`user_id`, `username`, `password`) VALUES ('@NextId', '$username', SHA1('$password'))";
        $statement = $dbConn->prepare($sql);
        $statement->execute();

        return $records;

    }
?>