$stmt = $db->query("SELECT* FROM wine WHERE name LIKE {$keyword} ORDER BY name");
$wines = $stmt->fetchAll(PDO::FETCH_OBJ);
$response->getBody()->write('{"VinsKeyword": ' . json_encode($wines) . '}');
} catch (PDOException $e) {
$response->getBody()->write('{"error":' . $e->getMessage() . '}');
die;
}
return $response;
});
/**
*TO DO
*tester et checker les erreurs resultantes
*verifier et securiser les données
**/
$app->post('/api/add/wines', function (Request $request, Response $response) {
$request = $app->request();
// or $app = \Slim\Slim::getInstance();
$body = $request->getBody();
// $allPostVars = $app->request->post(); renvoie null si non trouvé
$input = json_decode($body);
// $name = $allPostVars['name'];
$sql = "INSERT INTO wine(name,grapes,country,region,year,description) VALUES(:name, :grapes, :country, :region, :year, :description)";
try {
$db = thisConnection();
$stmt = $db->prepare($sql) or exit(print_r($db->errorInfo()));
$stmt->bindParam("name", $input->name);
//remplacer $input->name par $name etc.
$stmt->bindParam("grapes", $input->grapes);
$stmt->bindParam("country", $input->country);
$stmt->bindParam("region", $input->region);
$stmt->bindParam("year", $input->year);
