<?php

require_once '../libraries/common.php';
include 'ajax_common.php';

// AJAX endpoint: cancel one of the current user's orders.
//
// NOTE(review): this is a state-changing POST and no anti-CSRF token or
// request-method check is visible in this script; confirm that
// ajax_common.php or the session layer enforces one.

// Anonymous callers are rejected before any request data is read.
$userId = \sessions\getCurrentUserId();
if ($userId === null) {
    notAuthErrorResponse();
    return;
}

// The order id comes straight from the request body, so it is parsed and
// validated by the shared helper before it reaches the storage layer.
$orderRef = getParsedOrderId($_POST, 'order_id');
if (!$orderRef) {
    validationErrorResponse(msg('incorrect.order.id'));
    return;
}

// The caller's id is passed alongside the order id; presumably the storage
// layer uses it to refuse cancelling another user's order (verify in
// \storage\cancelOrder, it is the only ownership check on this path).
$cancelOutcome = \storage\cancelOrder($orderRef['order_id'], $userId);

// Strict false means "no such order"; any other falsy value is treated as an
// internal failure; a truthy value is success.
if ($cancelOutcome === false) {
    noObjectErrorResponse();
} elseif ($cancelOutcome) {
    successResponse();
} else {
    internalErrorResponse();
}
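// Create-order handler (the statements that load the libraries and resolve
// $userId are above this excerpt).
if (is_null($userId)) {
    notAuthErrorResponse();
    return;
}

// Request fields are client-controlled and can arrive as arrays
// (e.g. description[]=x). Only a string is accepted as a description;
// anything else is treated as missing instead of being handed to trim().
$rawDescription = getIfExists($_POST, 'description');
$description = is_string($rawDescription) ? trim($rawDescription) : '';
if ($description === '') {
    validationErrorResponse(msg('no.description'));
    return;
}

$descriptionMaxLength = getCommonConstant('description.max.length');
if (mb_strlen($description) > $descriptionMaxLength) {
    validationErrorResponse(msg('description.length.error', $descriptionMaxLength));
    return;
}

// PHP converts a non-empty array to 1.0, which would satisfy the minimum
// price check below. Non-scalar input is therefore mapped to 0.0 so that it
// is rejected like any other invalid price.
$rawPrice = getIfExists($_POST, 'price');
$price = is_scalar($rawPrice) ? floatval($rawPrice) : 0.0;
if ($price < 1) {
    validationErrorResponse(msg('min.price.error') . ' 1 ' . msg('currency'));
    return;
}

// The upper bound also rejects INF produced by oversized exponents.
$maxPrice = getCommonConstant('order.max.price');
if ($price > $maxPrice) {
    validationErrorResponse(msg('max.price.error') . ' ' . $maxPrice . ' ' . msg('currency'));
    return;
}

$orderFromDb = \storage\addOrder($userId, $description, $price);
if (is_null($orderFromDb)) {
    internalErrorResponse();
    return;
}

// The description is stored and returned as entered (trimmed only), so every
// consumer that renders it must escape it for its own output context.
$order = [
    'order_id' => getCompositeOrderId($orderFromDb),
    'customer_id' => $orderFromDb['customer_id'],
    'description' => $orderFromDb['description'],
    'price' => number_format($orderFromDb['price'], 2),
    'time' => $orderFromDb['time'],
];

echo jsonEncode(['order' => $order]);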
// Login handler. The opening of the request-method check that the first
// closing brace belongs to is above this excerpt.
    logError('incorrect request method ' . $requestMethod);
    internalErrorResponse();
    return;
}

// Both credentials are read from the POST body and must be non-empty strings;
// is_string() also rejects array-valued parameters before mb_strlen() runs.
$userName = getIfExists($_POST, 'user-name');
$password = getIfExists($_POST, 'password');

if (!is_string($userName) || mb_strlen($userName) == 0) {
    validationErrorResponse(msg('no.username.error'), 'user-name');
    return;
}

if (!is_string($password) || mb_strlen($password) == 0) {
    validationErrorResponse(msg('no.password.error'), 'password');
    return;
}

// Over-long credentials get the generic failure message, so the limit itself
// is not disclosed and no lookup or hash is done for them.
// NOTE(review): 20 is hard-coded here, while the registration handler reads
// its password limit from getCommonConstant('password.max.length'). If that
// constant exceeds 20, accounts with longer passwords cannot log in.
if (mb_strlen($userName) > 20 || mb_strlen($password) > 20) {
    validationErrorResponse(msg('auth.failed.error'));
    return;
}

$userInfo = \storage\getUserInfoByName($userName);

// Unknown user, missing hash and wrong password all return the same message,
// so the response body does not reveal which names exist.
// NOTE(review): password_verify() is skipped when the lookup fails, so the
// unknown-user path does less work than the wrong-password path. Verifying
// against a fixed dummy hash in that case keeps the timing comparable.
// NOTE(review): no throttling or lockout is visible in this script; confirm
// that failed attempts are rate-limited elsewhere.
if (is_null($userInfo)
    || !array_key_exists('password', $userInfo)
    || !password_verify($password, $userInfo['password'])) {
    validationErrorResponse(msg('auth.failed.error'));
    return;
}

// A non-positive id after a successful password check is logged and reported
// as an internal error; no session is created for it.
$userId = getIfExists($userInfo, 'id');
if (intval($userId) <= 0) {
    logError("user id should be a positive int but it is " . $userId);
    internalErrorResponse();
    return;
}

// NOTE(review): confirm \sessions\login() issues a fresh session id on login
// (session fixation); that is not visible from this script.
\sessions\login($userId);
successResponse();
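// Registration handler (the statements that read $userName, $password,
// $repeatPassword, $role and $passwordMinLength are above this excerpt).
$passwordMaxLength = getCommonConstant('password.max.length');

// Length is counted in characters. PASSWORD_BCRYPT only uses the first
// 72 bytes of its input, so the configured maximum should stay within that
// limit even for multi-byte text.
// NOTE(review): confirm the value of password.max.length.
if (mb_strlen($password) < $passwordMinLength || mb_strlen($password) > $passwordMaxLength) {
    validationErrorResponse(msg('password.length.error', $passwordMinLength, $passwordMaxLength), 'password');
    return;
}

if ($repeatPassword !== $password) {
    validationErrorResponse(msg('passwords.matching.error'), 'repeat-password');
    return;
}

// The role is chosen by the client; this range check is the only gate on it
// in this script. The comparison is loose, so inputs such as "01" or " 1"
// pass it, which is why only the normalised integer is used from here on.
$intRole = intval($role);
if ($intRole != $role || $intRole < 0 || $intRole > 1) {
    validationErrorResponse(msg('invalid.value'), 'role');
    return;
}

// null signals a lookup failure, a non-zero id means the name is taken.
// NOTE(review): this check and the insert below are two separate steps. A
// unique constraint on the user name in storage is what actually prevents
// duplicates under concurrent requests; confirm it exists.
$userId = \storage\getUserIdByName($userName);
if (is_null($userId)) {
    internalErrorResponse();
    return;
}

if ($userId != 0) {
    validationErrorResponse(msg('username.conflict.error'), 'user-name');
    return;
}

// Store the validated integer role, not the raw request value that was only
// loosely compared against it.
$newUserId = \storage\addUser($userName, password_hash($password, PASSWORD_BCRYPT), $intRole);
if ($newUserId == 0) {
    logError('cannot add new user into db');
    internalErrorResponse();
    return;
}

// A successful registration logs the new user in immediately.
\sessions\login($newUserId);
successResponse();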