$this->out('Access denied !', 401);
}
};
//function to output error
$app->out = function ($msg, $code) {
if (is_array($msg)) {
$this->end(json_encode($msg), $code);
} else {
$this->end(json_encode(['msg' => $msg]), $code);
}
};
//---------------------------------------------------------------------------------------
// User CRUD API
//---------------------------------------------------------------------------------------
$app->on('POST /test', function () {
$this->end('a');
});
$app->on('POST /login', function () {
//get input from request body
$username = $this->body['username'];
$password = $this->body['password'];
// get user id if both credential matched (i.e username & password )
$sql = 'SELECT id FROM user WHERE username=:uname AND password=:upass LIMIT 1';
$prm = [':uname' => $username, ':upass' => $password];
// connect to db and execute query
$dbh = $this->dbc();
$qry = $dbh->prepare($sql);
$qry->execute($prm);
$res = $qry->fetch(PDO::FETCH_ASSOC);
// create token to be sent to client app to be used as API access credential
if ($res) {
};
//api for user login -------> "/api/login"
$app->on('POST /login', function () {
$username = $this->body['username'];
$password = $this->body['password'];
// db sql query to check user and password
$sql = 'SELECT id FROM user WHERE username=:uname AND password=:upass LIMIT 1';
// query parameter
$prm = [':uname' => $username, ':upass' => $password];
// create db connection and executing query
$dbh = $this->dbc();
$qry = $dbh->prepare($sql);
$qry->execute($prm);
$res = $qry->fetch(PDO::FETCH_ASSOC);
if (!empty($res)) {
$token = md5(time());
// update query to append access token
$sql = 'UPDATE user SET access_token=:token WHERE id=:id';
// query parameter
$prm = [':id' => $res['id'], ':token' => $token];
// create db connection and executing query
$dbh = $this->dbc();
$qry = $dbh->prepare($sql);
$qry->execute($prm);
}
// creating json output
$out = ['id' => $res['id'], 'token' => $token];
// send output
$this->out($out, 202);
});
//api to get all user -------> "/api/user"
$app->on('GET /user', function () {
$app->config->base = '/';
function render($path, $data = null)
{
$loader = new Twig_Loader_Filesystem('../templates');
$twig = new Twig_Environment($loader, array('debug' => true));
// Figure out mcm mana nak set global to the template...
$ENV["BOOKSTORE_TITLE"] = 'Kedai Buku SIH';
$twig->addExtension(new Twig_Extension_Debug());
$twig->addGlobal('env', $ENV);
$template = $twig->loadTemplate($path . '.twig');
echo $template->render($data);
}
// STATIC PAGES
// =======================================
$app->on('GET /', function () {
$this->end(render('index', []));
})->on('GET /contact', function () {
$this->end(render('contact', []));
})->on('GET /how-to', function () {
$this->end(render('how-to', []));
})->on('GET /booklist', function () {
$books = ['books' => run(Factory::GETBOOKLIST, [])];
$this->end(render('booklist', $books));
})->on('GET /legal/policy', function () {
$this->end(render('legal_policy', []));
})->on('GET /legal/tnc', function () {
$this->end(render('legal_tnc', []));
})->on('GET /shop', function () {
// Yang ni sepatutnya ada middleware that checks for session
$this->end(render('shop', []));
})->on('GET /admin/dashboard', function () {
Twig_Autoloader::register();
$app = new Horus();
$app->config->base = '/';
function render($path, $data = null)
{
$loader = new Twig_Loader_Filesystem('../app');
$twig = new Twig_Environment($loader, array('debug' => true));
$twig->addExtension(new Twig_Extension_Debug());
$template = $twig->loadTemplate($path . '.html');
echo $template->render($data);
}
session_start();
include 'cart.php';
include 'checkout.php';
$app->on('/', function () {
$this->end(render('index', []));
});
// CARTS API
// ================
$app->on('GET /api/cart', function () {
$cart = isset($_SESSION['cart']) ? $_SESSION['cart'] : [];
$this->json($cart);
});
$app->on('POST /api/cart', function () {
$cart = new Cart();
$a = $cart->add($this->body);
$this->json($a);
});
$app->on('PUT /api/cart/:?/:?', function ($productid, $action) {
$cart = new Cart();
$a = $cart->update($productid, $action);
