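/**
 * Register a new "normal user" account.
 *
 * Validates every field, rejects a username that is already taken and a
 * confirmation that does not match the password, then stores the user with
 * role id 3 ("normal user") and department id 1 ("root department").
 *
 * @param string|null $username
 * @param string|null $password
 * @param string|null $confirmpw  Must be byte-identical to $password.
 * @param string|null $firstname
 * @param string|null $lastname
 * @param string|null $gender
 * @return true|string  true on success; otherwise a user-facing error message.
 */
function execSignup($username, $password, $confirmpw, $firstname, $lastname, $gender) {
    // Field checks fail fast. Strict `===` against "" is used instead of the
    // loose `== ""` so PHP's type juggling cannot classify a non-empty value
    // as empty; null is rejected explicitly because a form field may be absent.
    if ($username === null || $username === "" || !isValidUsername($username)) {
        return "Username is empty or invalid!";
    }
    if ($password === null || $password === "" || !isValidPassword($password)) {
        return "Password is empty or invalid!";
    }
    if ($confirmpw === null || $confirmpw === "" || !isValidPassword($confirmpw)) {
        return "Confirm Password is empty or invalid!";
    }
    if ($firstname === null || $firstname === "" || !isValidName($firstname)) {
        return "First Name is empty or invalid!";
    }
    if ($lastname === null || $lastname === "" || !isValidName($lastname)) {
        return "Last Name is empty or invalid!";
    }
    if ($gender === null || $gender === "" || !isValidGender($gender)) {
        return "Gender is empty or invalid!";
    }

    $userDAO = new UserDAO();

    // Reject a username that is already taken.
    // NOTE(review): this check-then-insert is racy unless the username column
    // carries a UNIQUE constraint — confirm in the schema; the insertUser()
    // failure branch below is the only fallback. The message also confirms
    // account existence, which is the usual trade-off for a signup form but
    // means the endpoint should be rate-limited.
    if ($userDAO->getUserByUsername($username) !== null) {
        return "Username exists, please change to another one!";
    }

    // Strict `!==` is required here: with loose `!=`, numeric-looking strings
    // compare numerically ("1e3" != "1000" is false), so a mismatched
    // confirmation could slip through and the account would be created with
    // a password the user did not confirm.
    if ($password !== $confirmpw) {
        return "Password and Confirm Password must be same!";
    }

    $roleDAO = new RoleDAO();
    $role = $roleDAO->getRoleByID(3); // normal user
    $departmentDAO = new DepartmentDAO();
    $depart = $departmentDAO->getDepartmentByID(1); // root department

    // NOTE(review): despite its name, encryptPassword() must be a one-way
    // salted hash (password_hash()/password_verify()), never reversible
    // encryption or an unsalted digest — confirm its implementation.
    $encryptPW = encryptPassword($password);
    $photoURL = "photo/default.png";

    $user = new User($role, $depart, $username, $encryptPW, $firstname, $lastname, $gender, $photoURL);
    if ($userDAO->insertUser($user) === true) {
        return true;
    }
    return "Insert user into table error, please contact administrator!";
}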
} else { JsonResponse::sendResponse(404, "Invalid Spire API Request"); } } elseif (isset($_GET['user']) && (User::isAdmin($_SESSION['user_type']) || $_SESSION['user'] == $_GET['user'])) { if ($_SERVER['REQUEST_METHOD'] === "GET") { $user_id = $_GET['user']; $fnHash = UserDAO::getUsers($user_id); $logger->writeLog("fnHash['ok'] = " . $fnHash['ok']); if ($fnHash['ok']) { JsonResponse::sendResponse(200, $fnHash['result']); } else { JsonResponse::sendResponse(400, $fnHash['reason']); } } elseif ($_SERVER['REQUEST_METHOD'] === "POST" && User::isAdmin($_SESSION['user_type'])) { $logger->writeLog("Inserting: " . $request_data->email); $fnHash = UserDAO::insertUser($request_data->email, $request_data->password, $request_data->first_name, $request_data->last_name, $request_data->phone_nbr, $request_data->facebook_id, $request_data->twitter_id, $request_data->google_id, $request_data->tumblr_id, $request_data->instagram_id, $request_data->img_url, $request_data->img_file_path); if ($fnHash['ok']) { JsonResponse::sendResponse(200, $fnHash['reason']); } else { JsonResponse::sendResponse(400, $fnHash['reason']); } } elseif ($_SERVER['REQUEST_METHOD'] === "PUT" && User::isAdmin($_SESSION['user_type'])) { $logger->writeLog("Updating: " . $request_data->id); $fnHash = UserDAO::updateUser($request_data->id, $request_data->email, $request_data->first_name, $request_data->last_name, $request_data->phone_nbr, $request_data->facebook_id, $request_data->twitter_id, $request_data->google_id, $request_data->tumblr_id, $request_data->instagram_id, $request_data->img_url, $request_data->img_file_path); if ($fnHash['ok']) { JsonResponse::sendResponse(200, $fnHash['reason']); } else { JsonResponse::sendResponse(400, $fnHash['reason']); } } elseif ($_SERVER['REQUEST_METHOD'] === "DELETE" && User::isAdmin($_SESSION['user_type'])) { $user_id = $_GET['user'];