ช่วยอธิบายโค้ด php หน่อยครับ slim framework |
config.php
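/* Report everything but never render errors to the client: PHP's default error
 * output leaks file paths and SQL text, while error_reporting(0) would also
 * keep the problems out of the log. */
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');
session_start();
/* DATABASE CONFIGURATION */
/* NOTE(review): the credentials live in source. Keep this file outside the
 * web root and out of version control, and replace root/empty-password with a
 * least-privileged account before deploying. */
define('DB_SERVER', 'localhost');
define('DB_USERNAME', 'root');
define('DB_PASSWORD', '');
define('DB_DATABASE', 'test');
define("BASE_URL", "http://localhost/test/");
/* SITE_KEY is the secret mixed into every API token (see apiToken()); anyone
 * holding it can compute the token of any user_id, so it must be long, random
 * and unique per deployment. */
define("SITE_KEY", 'yourSecretKey');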
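/**
 * Opens a new PDO connection to the configured MySQL database.
 *
 * The connection charset is given in the DSN instead of via "SET NAMES": with
 * PDO's (default, emulated) prepared statements the driver quotes values
 * itself and must know the charset to do so safely. Emulation is left on
 * because the existing queries reuse one named placeholder twice, which native
 * MySQL prepares do not allow.
 *
 * @return PDO connection in exception error mode; callers drop it by assigning null
 * @throws PDOException if the connection cannot be established
 */
function getDB()
{
    $dsn = 'mysql:host=' . DB_SERVER . ';dbname=' . DB_DATABASE . ';charset=utf8';
    $options = array(
        PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
    );
    return new PDO($dsn, DB_USERNAME, DB_PASSWORD, $options);
}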
/* DATABASE CONFIGURATION END */
/* API token derivation */
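/**
 * Derives the bearer token for a user id from the site secret.
 *
 * hash_hmac() replaces the earlier sha256(md5(SITE_KEY . uid)) chain: HMAC is
 * the standard keyed-hash construction, whereas nesting md5 was ad hoc.
 * Existing tokens change with this; clients receive a fresh one on login.
 * The token remains a deterministic function of the user id, so it cannot
 * expire or be revoked without changing SITE_KEY; a random per-session token
 * stored server-side would be the next improvement.
 *
 * @param int|string $session_uid user id the token is bound to
 * @return string 64-character lowercase hex digest
 */
function apiToken($session_uid)
{
    return hash_hmac('sha256', (string) $session_uid, SITE_KEY);
}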
index.php
<?php
require 'config.php';
require 'Slim/Slim.php';

\Slim\Slim::registerAutoloader();
$app = new \Slim\Slim();

/* Every endpoint is a POST that reads a JSON body. The handler names refer to
 * the plain functions declared further down in this file; unconditional
 * function declarations are hoisted, so registering them before their
 * definition and calling run() first is fine. */
$routes = array(
    '/login'      => 'login',      /* User login */
    '/signup'     => 'signup',     /* User signup */
    '/feed'       => 'feed',       /* List a user's feed entries */
    '/feedUpdate' => 'feedUpdate', /* Add a feed entry */
    '/feedDelete' => 'feedDelete', /* Remove a feed entry */
);
foreach ($routes as $path => $handler) {
    $app->post($path, $handler);
}
//$app->post('/userDetails','userDetails'); /* User Details */
/*$app -> notFound(function() use ($app){
$app->render('404.html');
});*/
$app->run();
/************************* USER LOGIN *************************************/
/* ### User login ### */
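/**
 * POST /login — authenticates a user and echoes their profile plus API token.
 *
 * Reads a JSON body {"username": ..., "password": ...}; "username" may also be
 * the e-mail address. Echoes {"userData": {...}} on success, otherwise
 * {"error": {"text": ...}}. Every response is built with json_encode() so that
 * user data or error text cannot break the JSON (the previous error branch
 * spliced the raw driver message into the document).
 *
 * Stored passwords may be either password_hash() values or the legacy unsalted
 * sha256 hex digests; a legacy digest that verifies is upgraded in place.
 * This assumes users.password is at least 60 characters wide, which it is,
 * since the 64-character sha256 digests already fit.
 */
function login()
{
    $request = \Slim\Slim::getInstance()->request();
    $data = json_decode($request->getBody());

    /* A missing or malformed body must not reach the query. */
    if (!is_object($data) || !isset($data->username, $data->password)
        || !is_string($data->username) || !is_string($data->password)) {
        echo json_encode(array('error' => array('text' => 'Bad request wrong username and password')));
        return;
    }

    try {
        $db = getDB();
        /* Look the account up by identifier only; the password is checked in
         * PHP so password_verify() and a constant-time comparison can be used. */
        $sql = 'SELECT user_id, name, email, username, password FROM users'
             . ' WHERE username=:username or email=:email';
        $stmt = $db->prepare($sql);
        $stmt->bindValue('username', $data->username, PDO::PARAM_STR);
        $stmt->bindValue('email', $data->username, PDO::PARAM_STR);
        $stmt->execute();
        $userData = $stmt->fetch(PDO::FETCH_OBJ);

        $authenticated = false;
        if ($userData) {
            $stored = (string) $userData->password;
            if (password_verify($data->password, $stored)) {
                $authenticated = true;
            } elseif (hash_equals($stored, hash('sha256', $data->password))) {
                /* Legacy unsalted digest: accept it once and replace it with a
                 * salted password_hash() value. */
                $authenticated = true;
                $upgrade = $db->prepare('UPDATE users SET password=:password WHERE user_id=:user_id');
                $upgrade->bindValue('password', password_hash($data->password, PASSWORD_DEFAULT), PDO::PARAM_STR);
                $upgrade->bindValue('user_id', $userData->user_id);
                $upgrade->execute();
            }
        }
        $db = null;

        if ($authenticated) {
            /* Never echo the stored hash back to the client. */
            unset($userData->password);
            $userData->token = apiToken($userData->user_id);
            echo json_encode(array('userData' => $userData));
        } else {
            echo json_encode(array('error' => array('text' => 'Bad request wrong username and password')));
        }
    } catch (PDOException $e) {
        /* Driver messages expose table and column names; log them, do not return them. */
        error_log('login: ' . $e->getMessage());
        echo json_encode(array('error' => array('text' => 'Database error')));
    }
}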
/* ### User registration ### */
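/**
 * POST /signup — validates the submitted fields, creates the account and
 * echoes the new user's details including their API token.
 *
 * Body: {"email", "name", "username", "password"}, all strings. Username:
 * 3–20 word characters; password: 6–20 characters from a fixed set; e-mail:
 * a simple local@domain.tld shape. Echoes {"userData": {...}} on success and
 * {"error": {"text": ...}} otherwise.
 *
 * The password is still stored as an unsalted sha256 hex digest because that
 * is what login() compares against; migrate both sides together to
 * password_hash()/password_verify().
 *
 * The existence check and the INSERT are not atomic, so two concurrent
 * signups can both pass the check; a UNIQUE index on users.username and
 * users.email is the actual guarantee.
 */
function signup()
{
    $request = \Slim\Slim::getInstance()->request();
    $data = json_decode($request->getBody());

    /* Reject a missing body or non-string fields before touching the patterns. */
    $fields = array('email', 'name', 'username', 'password');
    foreach ($fields as $field) {
        if (!is_object($data) || !isset($data->$field) || !is_string($data->$field)) {
            echo json_encode(array('error' => array('text' => 'Enter valid data')));
            return;
        }
    }
    $email = $data->email;
    $name = $data->name;
    $username = $data->username;
    $password = $data->password;

    /* \z rather than $: "$" also matches before a trailing newline, which let
     * values such as "user\n" through the previous patterns. */
    $usernameOk = preg_match('~^[A-Za-z0-9_]{3,20}\z~i', $username) === 1;
    $emailOk = preg_match('~^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})\z~i', $email) === 1;
    $passwordOk = preg_match('~^[A-Za-z0-9!@#$%^&*()_]{6,20}\z~i', $password) === 1;
    if (!$usernameOk || !$emailOk || !$passwordOk) {
        echo json_encode(array('error' => array('text' => 'Enter valid data')));
        return;
    }

    try {
        $db = getDB();
        $userData = null;
        $stmt = $db->prepare('SELECT COUNT(*) FROM users WHERE username=:username or email=:email');
        $stmt->bindValue('username', $username, PDO::PARAM_STR);
        $stmt->bindValue('email', $email, PDO::PARAM_STR);
        $stmt->execute();
        $exists = (int) $stmt->fetchColumn() > 0;

        if (!$exists) {
            $insert = $db->prepare('INSERT INTO users(username,password,email,name)VALUES(:username,:password,:email,:name)');
            $insert->bindValue('username', $username, PDO::PARAM_STR);
            $insert->bindValue('password', hash('sha256', $password), PDO::PARAM_STR);
            $insert->bindValue('email', $email, PDO::PARAM_STR);
            $insert->bindValue('name', $name, PDO::PARAM_STR);
            $insert->execute();
            $userData = internalUserDetails($email);
        }
        $db = null;

        if ($userData) {
            echo json_encode(array('userData' => $userData));
        } else {
            /* Same message as for invalid input, so the response does not reveal
             * whether the username or e-mail is already taken. */
            echo json_encode(array('error' => array('text' => 'Enter valid data')));
        }
    } catch (PDOException $e) {
        /* Log the driver message instead of returning it to the client. */
        error_log('signup: ' . $e->getMessage());
        echo json_encode(array('error' => array('text' => 'Database error')));
    }
}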
/* ### internal Username Details ### */
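/**
 * Looks a user up by username or e-mail and returns their public details plus
 * API token, or null when no such user exists or the query fails.
 *
 * This function returns rather than echoes, so the caller decides what to
 * send; it therefore logs a PDOException instead of printing one (the earlier
 * version echoed a JSON fragment into the middle of the caller's response).
 *
 * @param string $input username or e-mail address
 * @return object|null row with user_id, name, email, username and token, or null
 */
function internalUserDetails($input)
{
    try {
        $db = getDB();
        $stmt = $db->prepare('SELECT user_id, name, email, username FROM users WHERE username=:username or email=:email');
        $stmt->bindValue('username', $input, PDO::PARAM_STR);
        $stmt->bindValue('email', $input, PDO::PARAM_STR);
        $stmt->execute();
        $details = $stmt->fetch(PDO::FETCH_OBJ);
        $db = null;
        /* fetch() returns false when there is no row; setting ->token on it
         * would raise an error rather than produce a result. */
        if (!$details) {
            return null;
        }
        $details->token = apiToken($details->user_id);
        return $details;
    } catch (PDOException $e) {
        error_log('internalUserDetails: ' . $e->getMessage());
        return null;
    }
}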
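/**
 * POST /feed — echoes all feed entries of the authenticated user, newest first.
 *
 * Body: {"user_id", "token"}. The token is recomputed from user_id and compared
 * with hash_equals(); the previous "==" applied PHP type juggling, under which
 * non-string JSON values or numeric-looking strings can compare equal to the
 * expected digest, so only an exact string match is accepted now.
 * Echoes {"feedData": [...]} or {"error": {"text": ...}}.
 */
function feed()
{
    $request = \Slim\Slim::getInstance()->request();
    $data = json_decode($request->getBody());
    $user_id = is_object($data) && isset($data->user_id) ? $data->user_id : null;
    $token = is_object($data) && isset($data->token) ? $data->token : null;

    /* is_string() first: hash_equals() only accepts strings. */
    $authorized = $user_id !== null && is_string($token)
        && hash_equals(apiToken($user_id), $token);
    if (!$authorized) {
        echo json_encode(array('error' => array('text' => 'No access')));
        return;
    }

    try {
        $db = getDB();
        $stmt = $db->prepare('SELECT * FROM feed WHERE user_id_fk=:user_id ORDER BY feed_id DESC');
        $stmt->bindValue('user_id', (int) $user_id, PDO::PARAM_INT);
        $stmt->execute();
        $feedData = $stmt->fetchAll(PDO::FETCH_OBJ);
        $db = null;
        echo json_encode(array('feedData' => $feedData));
    } catch (PDOException $e) {
        /* Log the driver message instead of returning it to the client. */
        error_log('feed: ' . $e->getMessage());
        echo json_encode(array('error' => array('text' => 'Database error')));
    }
}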
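/**
 * POST /feedUpdate — stores a new feed entry for the authenticated user and
 * echoes the stored row.
 *
 * Body: {"user_id", "token", "feed"}; "feed" must be a string. The token check
 * mirrors feed(): recomputed from user_id and compared with hash_equals()
 * instead of "==", whose type juggling lets non-string values compare equal.
 * Echoes {"feedData": {...}} or {"error": {"text": ...}}.
 */
function feedUpdate()
{
    $request = \Slim\Slim::getInstance()->request();
    $data = json_decode($request->getBody());
    $user_id = is_object($data) && isset($data->user_id) ? $data->user_id : null;
    $token = is_object($data) && isset($data->token) ? $data->token : null;
    $feed = is_object($data) && isset($data->feed) ? $data->feed : null;

    /* is_string() first: hash_equals() only accepts strings. */
    $authorized = $user_id !== null && is_string($token)
        && hash_equals(apiToken($user_id), $token);
    if (!$authorized) {
        echo json_encode(array('error' => array('text' => 'No access')));
        return;
    }
    if (!is_string($feed)) {
        echo json_encode(array('error' => array('text' => 'Enter valid data')));
        return;
    }

    try {
        $db = getDB();
        $insert = $db->prepare('INSERT INTO feed ( feed, created, user_id_fk) VALUES (:feed,:created,:user_id)');
        $insert->bindValue('feed', $feed, PDO::PARAM_STR);
        $insert->bindValue('created', time(), PDO::PARAM_INT);
        $insert->bindValue('user_id', (int) $user_id, PDO::PARAM_INT);
        $insert->execute();

        /* Read the row back by the id MySQL just assigned (feed_id is assumed
         * AUTO_INCREMENT, which the earlier "ORDER BY feed_id DESC LIMIT 1"
         * lookup relied on too). Ordering by id could return another request's
         * row when two inserts for the same user interleave. */
        $feedId = (int) $db->lastInsertId();
        $select = $db->prepare('SELECT * FROM feed WHERE feed_id=:feed_id AND user_id_fk=:user_id');
        $select->bindValue('feed_id', $feedId, PDO::PARAM_INT);
        $select->bindValue('user_id', (int) $user_id, PDO::PARAM_INT);
        $select->execute();
        $feedData = $select->fetch(PDO::FETCH_OBJ);
        $db = null;
        echo json_encode(array('feedData' => $feedData));
    } catch (PDOException $e) {
        /* Log the driver message instead of returning it to the client. */
        error_log('feedUpdate: ' . $e->getMessage());
        echo json_encode(array('error' => array('text' => 'Database error')));
    }
}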
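/**
 * POST /feedDelete — removes one feed entry owned by the authenticated user.
 *
 * Body: {"user_id", "token", "feed_id"}. The token check mirrors feed():
 * recomputed from user_id and compared with hash_equals() instead of "==",
 * whose type juggling lets non-string values compare equal. The row must match
 * both feed_id and user_id_fk, so a user cannot delete another user's entry.
 * Echoes {"success": {"text": "Feed deleted"}} when a row was removed and
 * {"error": {"text": ...}} otherwise.
 *
 * The earlier statement "Delete * FROM feed ..." is not valid MySQL and raised
 * a PDOException on every call; DELETE takes no column list.
 */
function feedDelete()
{
    $request = \Slim\Slim::getInstance()->request();
    $data = json_decode($request->getBody());
    $user_id = is_object($data) && isset($data->user_id) ? $data->user_id : null;
    $token = is_object($data) && isset($data->token) ? $data->token : null;
    $feed_id = is_object($data) && isset($data->feed_id) ? $data->feed_id : null;

    /* is_string() first: hash_equals() only accepts strings. */
    $authorized = $user_id !== null && is_string($token)
        && hash_equals(apiToken($user_id), $token);
    if (!$authorized) {
        echo json_encode(array('error' => array('text' => 'No access')));
        return;
    }

    try {
        $db = getDB();
        $stmt = $db->prepare('DELETE FROM feed WHERE user_id_fk=:user_id AND feed_id=:feed_id');
        $stmt->bindValue('user_id', (int) $user_id, PDO::PARAM_INT);
        $stmt->bindValue('feed_id', (int) $feed_id, PDO::PARAM_INT);
        $stmt->execute();
        /* Report success only when a row was actually removed. */
        $deleted = $stmt->rowCount();
        $db = null;
        if ($deleted > 0) {
            echo json_encode(array('success' => array('text' => 'Feed deleted')));
        } else {
            echo json_encode(array('error' => array('text' => 'Feed not found')));
        }
    } catch (PDOException $e) {
        /* Log the driver message instead of returning it to the client. */
        error_log('feedDelete: ' . $e->getMessage());
        echo json_encode(array('error' => array('text' => 'Database error')));
    }
}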
?>
Tag : PHP
Date :
2017-08-18 13:32:57 |
By :
topfoxzero |
มันคือโค้ดทำงานกับฐานข้อมูลครับ
Date :
2017-08-19 10:51:19 |
By :
mr.v |