<?php

include_once "../db_connect.php";
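// Account-creation endpoint: reads a JSON body, validates it, inserts one row
// into `users`, and answers with {"success": 0|1, "message": "..."}.
// json_decode() returns null for an empty or malformed body.
$data = json_decode(file_get_contents("php://input"));

// NOTE(review): token and loggedUser are only tested for presence in this script;
// nothing visible here verifies the token against a session or token store.
// Confirm that db_connect.php or an upstream layer authenticates the caller,
// because this endpoint creates accounts.
// is_object() and ?? keep a missing/invalid body from raising property-access warnings.
if (is_object($data) && ($data->token ?? null) != NULL && ($data->loggedUser ?? null) != NULL) {
    $response = array();
    if (isset($data->username, $data->firstName, $data->lastName, $data->gender, $data->email, $data->password)) {
        // Values bound to the statement must be scalars; a nested JSON array or
        // object is rejected as improper input instead of being stringified.
        $columns = array($data->gender, $data->username, $data->lastName, $data->firstName, $data->email);
        $allScalar = count(array_filter($columns, 'is_scalar')) === count($columns);

        // Strict comparison: the loose == used previously treated a missing
        // password_verify as equal to an empty password and equated numeric
        // look-alike strings. Empty passwords are rejected outright.
        $passwordOk = is_string($data->password)
            && $data->password !== ''
            && isset($data->password_verify)
            && $data->password === $data->password_verify;

        if ($allScalar && $passwordOk && checkIfStrings($data->firstName, $data->lastName) && checkEmailFormat($data->email)) {
            // Hash only after validation has passed, so rejected requests do no hashing work.
            $encrypted_pass = password_hash($data->password, PASSWORD_DEFAULT);

            // Placeholders keep request data out of the SQL text (the previous
            // version interpolated every field into the statement string).
            // NOTE(review): userlevel is hard-coded to 'a' for every new account;
            // confirm which privilege level that value represents.
            $sql = "INSERT INTO users (gender,username,lname,fname,email,password,userlevel)
                    VALUES (?,?,?,?,?,?,'a')";
            $params = array_map('strval', $columns);
            $params[] = $encrypted_pass;

            $query = FALSE;
            $stmt = mysqli_prepare($db_connect, $sql);
            if ($stmt !== FALSE) {
                mysqli_stmt_bind_param($stmt, 'ssssss', ...$params);
                $query = mysqli_stmt_execute($stmt);
                if ($query !== TRUE) {
                    // Driver detail stays in the server log, not in the response.
                    error_log('User insert failed: ' . mysqli_stmt_error($stmt));
                }
                mysqli_stmt_close($stmt);
            } else {
                error_log('User insert could not be prepared: ' . mysqli_error($db_connect));
            }

            if ($query === TRUE) {
                $response["success"] = 1;
                $response["message"] = "Record successfully created!";
            } else {
                $response["success"] = 0;
                // The database error text is no longer returned to the client,
                // since it can disclose schema and query details.
                $response["message"] = 'There seems to be an error with the query.';
            }
        } else {
            $response["success"] = 0;
            $response["message"] = 'Please provide proper input!';
        }
    } else {
        $response["success"] = 0;
        $response["message"] = 'Please fill in all fields';
    }
    echo json_encode($response);
}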
function checkIfStrings($var1, $var2 = null, $var3 = null, $var4 = null, $var5 = null, $var6 = null, $var7 = null, $var8 = null)
{
    $pass = TRUE;
<?php

include_once "../db_connect.php";
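// Profile-update endpoint: reads a JSON body, validates it, updates one row of
// `users` selected by id, and answers with {"success": 0|1, "message": "..."}.
// json_decode() returns null for an empty or malformed body.
$data = json_decode(file_get_contents("php://input"));

// NOTE(review): token and loggedUser are only tested for presence in this script,
// and nothing visible here ties loggedUser to the id being updated. Confirm that
// authentication and a per-record authorization check happen elsewhere; otherwise
// any caller supplying both fields can modify any user row.
// is_object() and ?? keep a missing/invalid body from raising property-access warnings.
if (is_object($data) && ($data->token ?? null) != NULL && ($data->loggedUser ?? null) != NULL) {
    $response = array();
    // id is now required as well: it was previously read without a presence check,
    // so a request without it ran the UPDATE with an empty id and reported success.
    if (isset($data->id, $data->username, $data->fname, $data->lname, $data->gender, $data->email)) {
        // Values bound to the statement must be scalars; a nested JSON array or
        // object is rejected as improper input instead of being stringified.
        $columns = array($data->gender, $data->lname, $data->fname, $data->email, $data->id);
        $allScalar = count(array_filter($columns, 'is_scalar')) === count($columns);

        if ($allScalar && checkIfStrings($data->fname, $data->lname, $data->username, $data->gender) && checkEmailFormat($data->email)) {
            // userlevel and password are not changeable through this endpoint.
            // Placeholders keep request data out of the SQL text (the previous
            // version interpolated every field, including id, into the statement).
            // NOTE(review): username is written as the literal '******', exactly as
            // in the original statement, although username is required and validated
            // above. This looks like a redaction artifact; confirm the intended value.
            $sql = "UPDATE users SET gender = ?, username='******', lname = ?, fname = ?, email = ?
                    WHERE id = ?";
            $params = array_map('strval', $columns);

            $query = FALSE;
            $stmt = mysqli_prepare($db_connect, $sql);
            if ($stmt !== FALSE) {
                mysqli_stmt_bind_param($stmt, 'sssss', ...$params);
                $query = mysqli_stmt_execute($stmt);
                if ($query !== TRUE) {
                    error_log('User update failed: ' . mysqli_stmt_error($stmt));
                }
                mysqli_stmt_close($stmt);
            } else {
                error_log('User update could not be prepared: ' . mysqli_error($db_connect));
            }

            if ($query === TRUE) {
                $response["success"] = 1;
                $response["message"] = "Record successfully updated!";
            } else {
                $response["success"] = 0;
                $response["message"] = 'There seems to be an error.Please try again later.';
                // The driver error is logged above instead of being echoed: the old
                // echo leaked database details and put text ahead of the JSON body,
                // which made the response unparseable for clients.
            }
        } else {
            $response["success"] = 0;
            $response["message"] = 'Please provide proper input!';
        }
    } else {
        $response["success"] = 0;
        $response["message"] = 'Please fill in all fields';
    }
    echo json_encode($response);
}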
function checkIfStrings($var1, $var2 = null, $var3 = null, $var4 = null, $var5 = null, $var6 = null, $var7 = null)
{