}
});
$app->post('/resetPassword', function () use($app) {
require_once 'passwordHash.php';
$response = array();
$r = json_decode($app->request->getBody());
$password_non = $r->password;
if (strtolower($password) == $password_non) {
$response["status"] = "error";
$response["message"] = "Need at least 1 capital letter in password";
echoResponse(201, $response);
$app->stop();
}
if (!preg_match('/[0-9]+/', $password_non)) {
$response["status"] = "error";
$response["message"] = "Need at least 1 number in password";
echoResponse(201, $response);
$app->stop();
}
$password = passwordHash::hash($password_non);
$key = $r->key;
$db = new DbHandler();
$dbemail = $db->getOneRecord("select email from confirm where validation_key='{$key}'");
$email = $dbemail['email'];
$dbuid = $db->getOneRecord("select uid from users where email='{$email}'");
$uid = $dbuid['uid'];
$db->updateOneRecord("update users set password = '******' where uid='{$uid}'");
$response["status"] = "success";
$response["message"] = "Account password sucessfully reset.";
echoResponse(200, $response);
});
$response[] = array("status" => "success", "rec_id" => $record_id, "file_name" => $file_name, "comp_id" => $comp_id, "user_id" => $user_id, "uploaded_sts" => $uploaded_by_f, "uploaded" => $uploaded);
}
echoResponse(200, $response);
});
$app->post('/signUp', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'name', 'password'), $r->customer);
require_once 'passwordHash.php';
$db = new DbHandler();
$phone = $r->customer->phone;
$name = $r->customer->name;
$email = $r->customer->email;
$address = $r->customer->address;
$password = $r->customer->password;
$isUserExists = $db->getOneRecord("select 1 from customers_auth where phone='{$phone}' or email='{$email}'");
if (!$isUserExists) {
$r->customer->password = passwordHash::hash($password);
$tabble_name = "customers_auth";
$column_names = array('phone', 'name', 'email', 'password', 'city', 'address');
$result = $db->insertIntoTable($r->customer, $column_names, $tabble_name);
if ($result != NULL) {
$response["status"] = "success";
$response["message"] = "User account created successfully";
$response["uid"] = $result;
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['uid'] = $response["uid"];
$_SESSION['phone'] = $phone;
$_SESSION['name'] = $name;
$response['message'] = 'No such user is registered';
}
echoResponse(200, $response);
});
$app->post('/signUp', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'name', 'password'), $r->user);
require_once 'passwordHash.php';
$db = new DbHandler();
$phone = $r->user->phone;
$name = $r->user->name;
$email = $r->user->email;
$address = $r->user->address;
$password = $r->user->password;
$isUserExists = $db->getOneRecord("select 1 from users where phone='{$phone}' or email='{$email}'");
if (!$isUserExists) {
$r->user->password = passwordHash::hash($password);
$tabble_name = "users";
$column_names = array('phone', 'name', 'email', 'password', 'city', 'address');
$result = $db->insertIntoTable($r->user, $column_names, $tabble_name);
if ($result != NULL) {
$response["status"] = "success";
$response["message"] = "User account created successfully";
$response["uid"] = $result;
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['uid'] = $response["uid"];
$_SESSION['phone'] = $phone;
$_SESSION['name'] = $name;
} else {
$response['status'] = "error";
$response['message'] = 'No such user is registered';
}
echoResponse(200, $response);
});
$app->post('/signUp', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'nickname', 'password'), $r->user);
require_once 'passwordHash.php';
$db = new DbHandler();
$nickname = $r->user->nickname;
$email = $r->user->email;
$password = $r->user->password;
$isUserExists = $db->getOneRecord("select 1 from user where nickname='{$nickname}' or email='{$email}'");
if (!$isUserExists) {
$r->user->password = passwordHash::hash($password);
$table_name = "user";
$column_names = array('nickname', 'email', 'password');
$result = $db->insertIntoTable($r->user, $column_names, $table_name);
if ($result != NULL) {
$response["status"] = "success";
$response["message"] = "User account created successfully";
$response["ID"] = $result;
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['ID'] = $response["ID"];
$_SESSION['nickname'] = $nickname;
$_SESSION['email'] = $email;
$response["identifiant"] = $session['identifiant'];
$response["nom"] = $session['nom'];
$response["id_laboratoire"] = $session['id_laboratoire'];
$response["id_etude"] = $session['id_etude'];
$response["prenom"] = $session['prenom'];
$response["type"] = $session['type'];
echoResponse(200, $session);
});
$app->post('/login', function () use($app) {
$r = json_decode($app->request->getBody());
// verifyRequiredParams(array('email', 'mdp'),$r->utilisateur);
$response = array();
$db = new DbHandler();
$mdp = $r->utilisateur->mdp;
$identifiant = $r->utilisateur->identifiant;
$user = $db->getOneRecord("\tselect u.id,u.nom,u.prenom,u.identifiant,u.mdp,type,u.id_laboratoire ,u.id_etude from utilisateur u where u.identifiant='{$identifiant}' ");
if ($user != NULL) {
if (passwordHash::hash($mdp) == $user['mdp']) {
$response['status'] = "success";
$response['message'] = 'Identification réussie.';
$response['nom'] = $user['nom'];
$response['prenom'] = $user['prenom'];
$response['id_laboratoire'] = $user['id_laboratoire'];
$response['id_etude'] = $user['id_etude'];
$response['identifiant'] = $user['identifiant'];
$response['type'] = $user['type'];
$response['id'] = $user['id'];
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['id'] = $user['id'];
* Register a new user
*
* By Kai Rune Orten
*/
$app->post('/register', function () use($app) {
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('phone', 'birth'), $r->user);
validateRequest($r->user);
$db = new DbHandler();
$tabble_name = "user";
$phone = $r->user->phone;
$birth = $r->user->birth;
//We need to format the date to MySQL standard yyyy-mm-dd.
$r->user->birth = Date('Y-m-d', strtotime($birth));
//If we dont care if the user register multiple time, remove the following function and condition
$userExists = $db->getOneRecord("select 1 from {$tabble_name} where phone='{$phone}'");
if (!$userExists) {
$column_names = array('first_name', 'last_name', 'email', 'phone', 'birth');
$result = $db->insertIntoTable($r->user, $column_names, $tabble_name);
if ($result !== NULL) {
$response["status"] = "success";
$response["message"] = array("Registrering fullført");
echoResponse(200, $response);
} else {
$response["status"] = "error";
$response["message"] = array("En feil oppstod i registreringen, vennligst prøv igjen");
echoResponse(200, $response);
}
} else {
$response["status"] = "error";
$response["message"] = array("En bruker med dette telefonnummnert finnes fra før!");
} else {
$response['status'] = "error";
$response['message'] = 'No such user is registered';
}
echoResponse(200, $response);
});
$app->post('/signUp', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'name', 'password'), $r->user);
require_once 'passwordHash.php';
$db = new DbHandler();
$name = $r->user->name;
$email = $r->user->email;
$password = $r->user->password;
$isUserExists = $db->getOneRecord("select 1 from p3_users where email='{$email}'");
if (!$isUserExists) {
$r->user->password = passwordHash::hash($password);
$tabble_name = "p3_users";
$column_names = array('name', 'email', 'password');
$result = $db->insertIntoTable($r->user, $column_names, $tabble_name);
if ($result != NULL) {
$response["status"] = "success";
$response["message"] = "User account created successfully";
$response["name"] = $name;
$response["uid"] = $result;
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['uid'] = $response["uid"];
$_SESSION['name'] = $name;
} else {
$response['status'] = "error";
$response['message'] = 'No such user is registered';
}
echoResponse(200, $response);
});
$app->post('/signUp', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
verifyRequiredParams(array('email', 'name', 'password'), $r->customer);
require_once 'passwordHash.php';
$db = new DbHandler();
$name = $r->customer->name;
$email = $r->customer->email;
$password = $r->customer->password;
$isUserExists = $db->getOneRecord("select 1 from user_details where email='{$email}'");
if (!$isUserExists) {
$r->customer->password = passwordHash::hash($password);
$tabble_name = "user_details";
$column_names = array('name', 'email', 'password');
$result = $db->insertIntoTable($r->customer, $column_names, $tabble_name);
if ($result != NULL) {
$response["status"] = "success";
$response["message"] = "Account created successfully";
$response["userid"] = $result;
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['userid'] = $response["userid"];
$_SESSION['name'] = $name;
$_SESSION['email'] = $email;
if ($pengguna) {
$result["result"] = array($pengguna);
}
echo json_encode($result);
});
$app->put('/pengguna/:iduser', function ($iduser) use($app) {
$response = array();
$db = new DbHandler();
$r = json_decode($app->request->getBody());
$user = $r->user;
$password = $r->password;
$password2 = $r->password2;
$nama_lengkap = $r->nama_lengkap;
$iduserlevel = $r->iduserlevel;
$query = "select * from user where iduser="******" AND password='******'";
$pengguna = $db->getOneRecord($query);
$result["result"] = array();
if ($pengguna) {
$query = "update user set user='******',nama_lengkap='" . $nama_lengkap . "',password='******',iduserlevel=" . $iduserlevel . " where iduser="******"success";
$response['message'] = "Update data berhasil!";
} else {
$response['status'] = "error";
$response['message'] = "Maaf, update data tidak berhasil!";
}
} else {
$response['status'] = "error";
$response['message'] = "Maaf, update data tidak berhasil! Password lama salah!";
}
echoResponse(200, $response);
$app->stop();
}
$db = new DbHandler();
$db->updateOneRecord("update users set teamname = NULL where name='{$tm}'");
$response["status"] = "success";
$response["message"] = "Removed '{$tm}'";
echoResponse(200, $response);
});
$app->post('/assignRole', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
$fr = $r->fr;
$rc = $r->rc;
$db = new DbHandler();
$result = $db->getOneRecord("select uid,teamname from users where name='{$fr}'");
$confirm_tabble_name = "user_roles";
$confirm_column_names = array('id', 'name', 'teamname', 'role', 'uid');
$content = array('id' => 'NULL', 'name' => $fr, 'teamname' => $result['teamname'], 'role' => $rc, 'uid' => $result['uid']);
$object = json_decode(json_encode($content), FALSE);
$db->oneRecord("DELETE FROM project.user_roles WHERE name = '{$fr}'");
$plz = $db->insertIntoTable($object, $confirm_column_names, $confirm_tabble_name);
$response["status"] = "success";
$response["message"] = "Assigned role";
echoResponse(200, $response);
});
$app->post('/createProject', function () use($app) {
$response = array();
$r = json_decode($app->request->getBody());
if (!isset($r->projectName) or $r->projectName == "" or $r->projectModel == "") {
$response["status"] = "error";
