Example #1
<?php

require_once '../libraries/common.php';
include 'ajax_common.php';
// Cancel-order AJAX endpoint: requires a logged-in session, parses the order id
// from the POST body and asks the storage layer to cancel it for this user.
$userId = \sessions\getCurrentUserId();
if ($userId === null) {
    // No authenticated session: refuse before reading any request data.
    notAuthErrorResponse();
    return;
}
// NOTE(review): this is a state-changing request authenticated by the session
// alone; no CSRF token or request-method check is visible in this file —
// confirm that ajax_common.php performs them.
$parsedOrderId = getParsedOrderId($_POST, 'order_id');
if (!$parsedOrderId) {
    validationErrorResponse(msg('incorrect.order.id'));
    return;
}
// The caller's id travels with the order id. Presumably cancelOrder() uses it
// to restrict cancellation to the caller's own orders — verify in \storage,
// because it is the only authorization check in view.
$result = \storage\cancelOrder($parsedOrderId['order_id'], $userId);
if ($result === false) {
    // Strict false is reported as "no such object".
    noObjectErrorResponse();
} elseif (!$result) {
    // Any other falsy value is reported as an internal failure.
    internalErrorResponse();
} else {
    successResponse();
}
Example #2
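// Create-order AJAX endpoint: validates the description and price taken from
// the POST body, stores the order for the logged-in user and echoes it as JSON.
if ($userId === null) {
    notAuthErrorResponse();
    return;
}
// Request fields are untrusted and can arrive as arrays (description[]=x).
// Passing an array to trim() raises a TypeError on PHP 8, so anything that is
// not a string is treated as an empty description and rejected below.
$rawDescription = getIfExists($_POST, 'description');
$description = is_string($rawDescription) ? trim($rawDescription) : '';
if ($description === '') {
    validationErrorResponse(msg('no.description'));
    return;
}
$descriptionMaxLength = getCommonConstant('description.max.length');
if (mb_strlen($description) > $descriptionMaxLength) {
    validationErrorResponse(msg('description.length.error', $descriptionMaxLength));
    return;
}
// floatval() is lenient: a non-empty array becomes 1.0 and "5abc" becomes 5.0.
// Only a fully numeric value is accepted; everything else is mapped to 0.0 so
// that it fails the minimum-price check with the existing error response.
$rawPrice = getIfExists($_POST, 'price');
$price = is_numeric($rawPrice) ? floatval($rawPrice) : 0.0;
if ($price < 1) {
    validationErrorResponse(msg('min.price.error') . ' 1 ' . msg('currency'));
    return;
}
$maxPrice = getCommonConstant('order.max.price');
if ($price > $maxPrice) {
    // Also rejects INF, which an oversized exponent such as "1e999" produces.
    validationErrorResponse(msg('max.price.error') . ' ' . $maxPrice . ' ' . msg('currency'));
    return;
}
$orderFromDb = \storage\addOrder($userId, $description, $price);
if (is_null($orderFromDb)) {
    internalErrorResponse();
    return;
}
// NOTE(review): the description is stored and returned as submitted. JSON
// encoding does not make it safe for HTML, so whatever renders it must escape
// it for the output context — confirm on the client side.
$order = [
    'order_id' => getCompositeOrderId($orderFromDb),
    'customer_id' => $orderFromDb['customer_id'],
    'description' => $orderFromDb['description'],
    'price' => number_format($orderFromDb['price'], 2),
    'time' => $orderFromDb['time'],
];
echo jsonEncode(['order' => $order]);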
Example #3
File: login.php Project: ekudel/vkt
    logError('incorrect request method ' . $requestMethod);
    internalErrorResponse();
    return;
}
// Credential check of the login endpoint: reads the user name and password
// from the POST body, verifies them against the stored hash and opens a session.
$userName = getIfExists($_POST, 'user-name');
$password = getIfExists($_POST, 'password');
// Missing or non-string values (for example array parameters) are rejected
// before any string function touches them.
if (!is_string($userName) || mb_strlen($userName) === 0) {
    validationErrorResponse(msg('no.username.error'), 'user-name');
    return;
}
if (!is_string($password) || mb_strlen($password) === 0) {
    validationErrorResponse(msg('no.password.error'), 'password');
    return;
}
// Over-long input gets the generic authentication failure, not a length error.
// NOTE(review): the 20-character caps are hard-coded; confirm they match the
// limits enforced at registration, otherwise valid accounts cannot log in.
if (mb_strlen($userName) > 20 || mb_strlen($password) > 20) {
    validationErrorResponse(msg('auth.failed.error'));
    return;
}
$userInfo = \storage\getUserInfoByName($userName);
// Unknown user and wrong password produce the same message, so the response
// body does not reveal which names exist.
// NOTE(review): password_verify() is skipped when no user is found, so response
// time may still differ between existing and unknown names; no attempt
// throttling is visible here either — confirm both are handled elsewhere.
if (!($userInfo !== null
    && array_key_exists('password', $userInfo)
    && password_verify($password, $userInfo['password']))
) {
    validationErrorResponse(msg('auth.failed.error'));
    return;
}
$userId = getIfExists($userInfo, 'id');
if ((int) $userId < 1) {
    // A verified account without a positive id is a data problem, not a user error.
    logError("user id should be a positive int but it is " . $userId);
    internalErrorResponse();
    return;
}
// NOTE(review): confirm that \sessions\login() issues a fresh session id on
// login, so that an id set before authentication cannot be reused.
\sessions\login($userId);
successResponse();
Example #4
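// Tail of the registration endpoint: checks password length and confirmation,
// validates the requested role, rejects taken user names, stores the account
// with a bcrypt hash and logs the new user in.
$passwordMaxLength = getCommonConstant('password.max.length');
// NOTE(review): the bounds are counted in characters, while bcrypt only uses
// the first 72 bytes of its input — confirm 'password.max.length' keeps
// multi-byte passwords below that limit.
if (mb_strlen($password) < $passwordMinLength || mb_strlen($password) > $passwordMaxLength) {
    validationErrorResponse(msg('password.length.error', $passwordMinLength, $passwordMaxLength), 'password');
    return;
}
if ($repeatPassword !== $password) {
    validationErrorResponse(msg('passwords.matching.error'), 'repeat-password');
    return;
}
// Only roles 0 and 1 are accepted. The comparison with the raw value is loose,
// so inputs such as "1.0" or " 1" pass it; from here on only the normalized
// integer is used.
$intRole = intval($role);
if ($intRole != $role || $intRole < 0 || $intRole > 1) {
    validationErrorResponse(msg('invalid.value'), 'role');
    return;
}
$userId = \storage\getUserIdByName($userName);
if (is_null($userId)) {
    internalErrorResponse();
    return;
}
if ($userId != 0) {
    validationErrorResponse(msg('username.conflict.error'), 'user-name');
    return;
}
// NOTE(review): the lookup above and the insert below are separate steps, so
// two concurrent requests can both pass the check — confirm the storage layer
// enforces user-name uniqueness itself.
// The validated $intRole is stored instead of the raw request value, so what
// reaches the database is exactly what was checked.
$newUserId = \storage\addUser($userName, password_hash($password, PASSWORD_BCRYPT), $intRole);
if ($newUserId == 0) {
    logError('cannot add new user into db');
    internalErrorResponse();
    return;
}
\sessions\login($newUserId);
successResponse();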