// Excerpt of the Vendor REST endpoint: reads the query parameters, opens the
// database connection, then dispatches on $method (GET and POST are visible here).

// validate the vendorId: FILTER_VALIDATE_INT yields an int on success, false when
// the value is not an integer, and null when the parameter is absent
$vendorId = filter_input(INPUT_GET, "vendorId", FILTER_VALIDATE_INT);
// sanitize the vendor name
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It strips tags
// and encodes quotes, which is neither SQL parameter binding nor context-aware
// output escaping. getVendorByVendorName() is defined elsewhere; confirm it binds
// $vendorName as a prepared-statement parameter.
$vendorName = filter_input(INPUT_GET, "vendorName", FILTER_SANITIZE_STRING);
// grab the mySQL connection; the helper (defined elsewhere) is given the path of
// an INI file under /etc/apache2
$pdo = connectToEncryptedMySql("/etc/apache2/capstone-mysql/invtext.ini");
// handle all RESTful calls to Vendor
// NOTE(review): no authentication or authorization check is visible in this
// excerpt; confirm one runs before this point, in particular for the POST branch.
// get some or all Vendors
if ($method === "GET") {
    // set an XSRF cookie on GET requests
    setXsrfCookie("/");
    // empty() is true for null, false and 0, so a missing, non-integer or zero
    // vendorId falls through to the name lookup / full listing below
    if (empty($vendorId) === false) {
        // NOTE(review): unlike the two branches below, this result is not passed
        // through toArray(); confirm that difference is intended
        $reply->data = Vendor::getVendorByVendorId($pdo, $vendorId);
    } else {
        if (empty($vendorName) === false) {
            $reply->data = Vendor::getVendorByVendorName($pdo, $vendorName)->toArray();
        } else {
            // neither filter supplied: return every vendor
            $reply->data = Vendor::getAllVendors($pdo)->toArray();
        }
    }
    // post to a new Vendor
} else {
    if ($method === "POST") {
        // verifyXsrf() (defined elsewhere) is called before the request body is read
        verifyXsrf();
        // convert POSTed JSON to an object
        $requestContent = file_get_contents("php://input");
        // NOTE(review): json_decode() returns null for malformed JSON and can return
        // a non-object for valid JSON; nothing here checks the result before the
        // property reads below. Validate that $requestObject is an object carrying
        // the four expected fields; whether the Vendor constructor validates its
        // arguments is not visible in this excerpt.
        $requestObject = json_decode($requestContent);
        // the first constructor argument is null for a vendor that has not been stored yet
        $vendor = new Vendor(null, $requestObject->contactName, $requestObject->vendorEmail, $requestObject->vendorName, $requestObject->vendorPhoneNumber);
        $vendor->insert($pdo);
        $reply->data = "Vendor created OK";
        // delete an existing Vendor
        // (the excerpt ends here; the remaining branches are not shown)
/**
 * Looking up a vendor name that does not exist must not produce a vendor.
 *
 * NOTE(review): when the lookup returns an empty collection the loop body never
 * runs, so the test passes without making a single assertion. The return type of
 * getVendorByVendorName() is not visible here; once confirmed, an explicit
 * assertion on the size of the result would make the expectation enforceable.
 **/
public function testGetInvalidVendorByVendorName() {
    // "4294967296" serves as a vendor name the test expects to be absent
    $pdo = $this->getPDO();
    $results = Vendor::getVendorByVendorName($pdo, "4294967296");

    // whatever entries come back, each one has to be null
    foreach ($results as $entry) {
        $this->assertNull($entry);
    }
}