Exemplo n.º 1
0
<?php

session_start();
use views\helpers\PathHelper;
require_once dirname(dirname(dirname(__FILE__))) . '/views/helpers/PathHelper.php';
$path = new PathHelper();
require_once $path->getModelPath() . 'DBHandler.php';
require_once $path->getModelPath() . 'AuthHandler.php';
require_once $path->getConfigPath() . 'connectionInfo.private.php';
$dbHandler = new DBHandler($host, $user, $password, $db);
$authHandler = new AuthHandler($dbHandler);
if (isset($_POST['title']) && isset($_POST['content'])) {
    if ($id = $dbHandler->insertNote($_POST['title'], $_POST['content'], $authHandler->getUserId())) {
        $result = array("id" => $id, "title" => $_POST['title'], "content" => $_POST['content']);
    } else {
        header("HTTP/1.1 501 Could not modify object");
        $result = array("error" => "An error occurred saving your note.");
    }
} else {
    // title and content were not set
    header("HTTP/1.1 502 Empty parameter set");
    $result = array("error" => "Please provide a title and content for your note.");
}
header("Content-Type: application/json; charset=UTF-8");
echo json_encode($result);
Exemplo n.º 2
0
<?php

use views\helpers\PathHelper;
require_once dirname(dirname(__FILE__)) . '/views/helpers/PathHelper.php';
$path = new PathHelper();
require_once $path->getModelPath() . 'Note.php';
require_once $path->getModelPath() . 'User.php';
class DBHandler
{
    var $connection;
    /**
     * @param $host String host to connect to.
     * @param $user String username to use with the connection. Make sure to grant all necessary privileges.
     * @param $password String password belonging to the username.
     * @param $db String name of the database.
     */
    function __construct($host, $user, $password, $db)
    {
        $this->connection = new mysqli($host, $user, $password, $db);
        $this->connection->set_charset('utf8');
        // prevent charset errors.
        $this->ensureUsersTable();
        $this->ensureNotesTable();
    }
    function ensureUsersTable()
    {
        assert($this->connection);
        $queryString = "CREATE TABLE IF NOT EXISTS users (id INT(5) PRIMARY KEY AUTO_INCREMENT, " . "name VARCHAR(100) UNIQUE NOT NULL, password VARCHAR(255) NOT NULL)";
        // it's okay not to use prepared statements here
        // because it is quite a static thing to do and does not take potentially harmful user input.
        $this->connection->query($queryString);