Exemplo n.º 1
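/**
 * Dispatches a REST POST request to the login, logout or register handler.
 *
 * The handler is chosen by the last path segment of $request. Any other
 * segment is ignored and the function returns without doing anything.
 *
 * Security notes for maintainers:
 *  - Passwords are hashed with MD5, a fast unsalted digest that is unsuitable
 *    for password storage. Moving to password_hash()/password_verify() needs
 *    a coordinated change in KorisnikDao and in the stored hashes, so the
 *    digest is deliberately left unchanged in this function.
 *  - htmlentities() is applied before storage and lookup. HTML encoding
 *    belongs at output time; it is kept here because existing rows were
 *    presumably written with encoded values (confirm before removing).
 *  - The session id is regenerated whenever the session becomes
 *    authenticated, so an id planted before login cannot be reused
 *    afterwards (session fixation).
 *
 * @param string $request Request path; only the segment after the last "/" is used.
 * @param array  $data    Decoded request body (client-supplied, untrusted).
 *
 * @return void Errors are reported through rest_error().
 */
function rest_post($request, $data)
{
    $uri = explode("/", $request);
    $tip = array_pop($uri);
    switch ($tip) {
        case 'login':
            // Reject missing or non-string credentials up front instead of
            // passing null/arrays into htmlentities() and md5().
            if (!isset($data['email'], $data['password'])
                || !is_string($data['email'])
                || !is_string($data['password'])
            ) {
                rest_error("Pogrešni podaci.");
                return;
            }
            $dao = new \Dao\KorisnikDao();
            $email = htmlentities($data['email']);
            $pass = htmlentities($data['password']);
            // NOTE(review): MD5 is not a password hash; see the function docblock.
            $hash = md5($pass);
            if (!$dao->getLogin($email, $hash)) {
                rest_error("Pogrešni podaci.");
                return;
            }
            $found = $dao->getByExample('email', $email);
            if (empty($found)) {
                // The lookup can come back empty (or null after a database
                // error); fail closed rather than dereference index 0.
                rest_error("Pogrešni podaci.");
                return;
            }
            $usr = $found[0];
            session_start();
            // New id at the privilege change: defeats session fixation.
            session_regenerate_id(true);
            $_SESSION['username'] = $usr->getIme();
            $_SESSION['korisnikId'] = $usr->getId();
            return;
        case 'logout':
            session_start();
            // Strict string comparison: loose == treats numeric-looking
            // strings such as "1e3" and "1000" as equal.
            if (isset($_SESSION['username'], $data['username'])
                && is_scalar($data['username'])
                && (string) $_SESSION['username'] === (string) $data['username']
            ) {
                unset($_SESSION['username']);
                session_destroy();
            } else {
                rest_error("Niste prijavljeni.");
            }
            return;
        case 'register':
            session_start();
            // All four fields must be present and be strings before anything
            // is created.
            foreach (array('ime', 'prezime', 'email', 'password') as $field) {
                if (!isset($data[$field]) || !is_string($data[$field])) {
                    rest_error("Pogrešni podaci.");
                    return;
                }
            }
            try {
                $korisnik = new Korisnik();
                $ime = htmlentities($data['ime']);
                $prezime = htmlentities($data['prezime']);
                $username = $ime . " " . $prezime;
                $korisnik->setIme($username);
                $korisnik->setEmail(htmlentities($data['email']));
                $password = htmlentities($data['password']);
                // NOTE(review): MD5 is not a password hash; see the function docblock.
                $korisnik->setPassword(md5($password));
                $kdao = new \Dao\KorisnikDao();
                $kdao->create($korisnik);
                // The new account is logged in immediately, so rotate the
                // session id here as well.
                session_regenerate_id(true);
                $_SESSION['username'] = $username;
                $_SESSION['korisnikId'] = $korisnik->getId();
            } catch (Exception $e) {
                // NOTE(review): the raw exception text is returned to the
                // client; confirm it cannot carry database or schema details.
                rest_error($e->getMessage());
            }
            break;
    }
}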
Exemplo n.º 2
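 /**
  * Returns every row of `korisnici` whose column $name equals $value.
  *
  * $value is bound as a statement parameter. $name cannot be bound because
  * it is a column identifier and is interpolated into the SQL text, so it is
  * restricted to a plain identifier (letters, digits, underscore) before the
  * query is built. Callers must still pass only column names they control,
  * never request data.
  *
  * @param string $name  Column to filter on, e.g. 'email'.
  * @param mixed  $value Value the column must equal.
  *
  * @return array List of Korisnik objects; empty when nothing matches or
  *               when the query fails.
  *
  * @throws \InvalidArgumentException When $name is not a plain identifier.
  */
 public function getByExample($name, $value)
 {
     // Identifiers cannot be parameterised; refuse anything that could alter
     // the statement (quotes, spaces, operators, comment markers).
     if (!is_string($name) || preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $name) !== 1) {
         throw new \InvalidArgumentException('Invalid column name.');
     }

     $korisnici = array();
     try {
         $sql = "SELECT * FROM korisnici WHERE {$name}=:value";
         $upit = $this->konekcija->prepare($sql);
         $upit->bindValue(':value', $value);
         $upit->execute();
         // No rowCount() gate: PDO does not guarantee it for SELECT on every
         // driver, and the loop already copes with an empty result.
         while ($row = $upit->fetch(PDO::FETCH_ASSOC)) {
             $korisnik = new \Korisnik();
             $korisnik->setId($row['idKorisnik']);
             $korisnik->setIme($row['ime']);
             $korisnik->setEmail($row['email']);
             $korisnik->setPassword($row['password']);
             $korisnici[] = $korisnik;
         }
     } catch (PDOException $e) {
         // Keep driver messages out of the HTTP response, where they can
         // expose schema details; record them server-side and hand back an
         // empty list so callers always receive an array.
         error_log('getByExample failed: ' . $e->getMessage());
         return array();
     }

     return $korisnici;
 }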