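// Change-password endpoint. This listing is a fragment: it stops inside the try block,
// so the commit/rollback, the catch/finally and the code that sends $ret are not visible here.
// POST parameters read: access_token, oldpass, newpass (the original note also listed "image",
// which nothing in the visible code reads).
include_once "../../common/dbconfig.php";
include_once "../../common/database.php";
include_once "../../common/handleresponse.php";

if ($_SERVER["REQUEST_METHOD"] === "POST") {
    $ret = [];

    // `?? null` produces the same value a bare index gives for an absent key, but without the
    // "undefined index/array key" diagnostic. With display_errors enabled that diagnostic is
    // written into the response ahead of the error body and discloses the script path.
    $access_token = $_POST["access_token"] ?? null;
    $oldpass = $_POST["oldpass"] ?? null;
    $newpass = $_POST["newpass"] ?? null;

    if (Validation::includeBlank($access_token, $oldpass, $newpass)) {
        HandleResponse::badRequest("Parameters are blank");
    } else {
        if (Validation::isMatchPassword($oldpass, $newpass)) {
            HandleResponse::badRequest("Old password and new password are same");
        } else {
            if (!Validation::isValidPassword($newpass)) {
                // This branch rejects the new password; the message used to read
                // "Invalid user firstname", which named a field this endpoint never receives.
                HandleResponse::badRequest("Password should be over 6!");
            } else {
                $conn = null;
                try {
                    $db = new DBConnection();
                    $conn = $db->getConnection();
                    // NOTE(review): neither result is checked. If "begin" fails, the statements
                    // below run outside a transaction and a later rollback undoes nothing.
                    mysqli_query($conn, "set autocommit = 0");
                    mysqli_query($conn, "begin");
                    $user_id = getUserIdFromToken($conn, $access_token);
                    // Loose comparison kept on purpose: any empty result (null, 0, "", false)
                    // from the token lookup is treated as "no such token".
                    if ($user_id == null) {
                        $ret = HandleResponse::badRequestReturn("Invalid Accesstoken");
                    } else {
                        // NOTE(review): checkPassword()/updatePassword() are defined elsewhere.
                        // Confirm they verify and store a password_hash() digest (password_verify),
                        // not the raw password, and that $user_id/$newpass reach SQL as bound
                        // parameters rather than by string concatenation.
                        if (checkPassword($conn, $user_id, $oldpass)) {
                            // Change password
                            $ret = updatePassword($conn, $user_id, $newpass);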
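// Registration endpoint. This listing is a fragment: it stops inside the try block,
// so the commit/rollback, the catch/finally and the code that sends $ret are not visible here.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // TODO : Request Validation by UA
    // NOTE(review): the User-Agent header is chosen by the client, so a check based on it can
    // filter accidental traffic but cannot serve as an access control.
    $ret = [];

    // email, password, firstname, lastname, birthday (required)
    // `?? null` produces the same value a bare index gives for an absent key, but without the
    // "undefined index/array key" diagnostic. With display_errors enabled that diagnostic is
    // written into the response ahead of the error body and discloses the script path.
    $email = $_POST["email"] ?? null;
    $password = $_POST["password"] ?? null;
    $firstname = $_POST["firstname"] ?? null;
    $lastname = $_POST["lastname"] ?? null;
    $birthday = $_POST["birthday"] ?? null;

    if (Validation::includeBlank($email, $password, $firstname, $lastname, $birthday)) {
        HandleResponse::badRequest("Parameters are blank");
    } else {
        if (!Validation::isValidEmail($email)) {
            HandleResponse::badRequest("Email is invalid");
        } else {
            if (!Validation::isValidPassword($password)) {
                HandleResponse::badRequest("Password should be over 6!");
            } else {
                if (!Validation::isValidTime($birthday)) {
                    HandleResponse::badRequest("Birthday style is wrong!");
                } else {
                    $conn = null;
                    try {
                        $db = new DBConnection();
                        $conn = $db->getConnection();
                        // NOTE(review): neither result is checked. If "begin" fails, the
                        // statements below run outside a transaction and a later rollback
                        // undoes nothing.
                        mysqli_query($conn, "set autocommit = 0");
                        mysqli_query($conn, "begin");
                        // NOTE(review): this is check-then-insert. Under concurrent requests only
                        // a UNIQUE index on the email column reliably prevents duplicates, so
                        // confirm the schema has one. The distinct error below also tells any
                        // caller whether an address is registered, so this route is a candidate
                        // for rate limiting.
                        if (isExistUser($conn, $email)) {
                            $ret = HandleResponse::badRequestReturn("This email is already exist");
                        } else {
                            // NOTE(review): createUser() is defined elsewhere. Confirm it stores
                            // password_hash($password, ...) rather than the raw value and binds
                            // every field as a query parameter; $firstname and $lastname reach it
                            // with only the blank check applied in the code shown here.
                            $ret = createUser($conn, $email, $password, $firstname, $lastname, $birthday);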