--- /dev/null
+<?php
+/**
+ * UserAPI short summary.
+ *
+ * GET : Verify if user exists and if it's administrator. Give username, name and firstname
+ * PUT : Create a non-administrator user
+ * POST : Add a project proposed by User (authentication necessary)
+ * DELETE : Delete this user (authentication necessary)
+ *
+ * @version 1.0
+ * @author Ferrand
+ */
+class UserAPI extends RestAPI {
+ use dontAllowPost;
+ use dontAllowPutCollection;
+ use dontAllowDeleteCollection;
+
+ protected function GETAction() {
+ $dbh = $this->databaseHelper();
+
+ $response = $dbh->prepare('SELECT * FROM pub_User WHERE pseudo = :pseudo');
+ $response->execute(['pseudo' => $this->element]);
+
+ if ($response === false) {
+ $this->respondeError();
+ return;
+ }
+
+ $row = $response->fetch();
+ if ($row === false) {
+ $this->respondeNoResult();
+ return;
+ }
+
+ $serverUser = new DetailedServerUser();
+ $serverUser->pseudo = $row['pseudo'];
+ $serverUser->mail = $row['mail'];
+ $serverUser->name = $row['name'];
+ $serverUser->firstName = $row['firstName'];
+ $serverUser->city = $row['city'];
+ $serverUser->sexe = $row['sexe'];
+ $serverUser->proposedProjects = array();
+ $serverUser->bookmarkedProjects = array();
+ $serverUser->fundedProjects = array();
+ $serverUser->commentaries = array();
+
+ $response = $dbh->prepare('SELECT * FROM pub_Project
+ WHERE `proposedBy` = :pseudo
+ ');
+ $response->execute(['pseudo' => $this->element]);
+
+ if($response === false) {
+ $this->respondeError();
+ return; // end this
+ }
+
+ while($row = $response->fetch(PDO::FETCH_ASSOC)) {
+ if(($row['active'] == "1") && ($row['validate'] == 1)) {
+ $serverProject = new ServerProject();
+ $serverProject->id = $row['id'];
+ $serverProject->active = $row['active'];
+ $serverProject->proposedBy = $row['proposedBy'];
+ $serverProject->validate = $row['validate'];
+ $serverProject->name = $row['name'];
+ $serverProject->description = $row['description'];
+ $serverProject->currentFunding = $row['currentFunding'];
+ $serverProject->requestedFunding = $row['requestedFunding'];
+ $serverProject->lastModification = $row['lastModification'];
+ $serverProject->creationDate = $row['creationDate'];
+ $serverProject->beginDate = $row['beginDate'];
+ $serverProject->endDate = $row['endDate'];
+ $serverProject->latitude = $row['latitude'];
+ $serverProject->longitude = $row['longitude'];
+ $serverProject->illustration = $row['illustration'];
+ $serverProject->email = $row['email'];
+ $serverProject->website = $row['website'];
+ $serverProject->phone = $row['phone'];
+
+ $serverUser->proposedProjects[] = $serverProject;
+ }
+ }
+
+ $response = $dbh->prepare('SELECT *, p.active, p.validate FROM pub_Bookmark LEFT JOIN pub_Project p ON (pub_Bookmark.projectId = p.id)
+ WHERE userId = :pseudo
+ ');
+ $response->execute(['pseudo' => $this->element]);
+
+ if($response === false) {
+ $this->respondeError();
+ return; // end this
+ }
+
+ while($row = $response->fetch(PDO::FETCH_ASSOC)) {
+ if(($row['active'] == "1") && ($row['validate'] == 1)) {
+ $serverBookmark = new ServerBookmark();
+ $serverBookmark->id = $row['id'];
+ $serverBookmark->username = $row['userId'];
+ $serverBookmark->projectID = $row['projectId'];
+ $serverBookmark->creationDate = $row['creationDate'];
+ $serverUser->bookmarkedProjects[] = $serverBookmark;
+ }
+ }
+
+ // Vue que j'affiche qu'une fiche projet
+ $response = $dbh->prepare('SELECT * FROM pub_Funding LEFT JOIN pub_Project p ON (pub_Funding.projectId = p.id)
+ WHERE userId = :pseudo group by projectId
+ ');
+ $response->execute(['pseudo' => $this->element]);
+
+ if($response === false) {
+ $this->respondeError();
+ return; // end this
+ }
+
+ while($row = $response->fetch(PDO::FETCH_ASSOC)) {
+
+ $serverFunding = new ServerFunding();
+ $serverFunding->id = $row['id'];
+ $serverFunding->creationDate = $row['creationDate'];
+ $serverFunding->userId = $row['userId'];
+ $serverFunding->value = $row['value'];
+ $serverFunding->username = $row['userId'];
+ $serverFunding->projectID = $row['projectId'];
+ $serverUser->fundedProjects[] = $serverFunding;
+ }
+
+ $this->responde(200, $serverUser);
+ }
+
+ protected function GETCollectionAction() {
+ $dbh = $this->databaseHelper();
+
+ $response = $dbh->prepare('SELECT * FROM pub_User');
+ $response->execute();
+
+ if ($response === false) {
+ $this->respondeError();
+ return;
+ }
+
+ $data = array();
+ while($row = $response->fetch()) {
+ $serverUser = new ServerUser();
+ $serverUser->pseudo = $row['pseudo'];
+ $serverUser->mail = $row['mail'];
+ $serverUser->name = $row['name'];
+ $serverUser->firstName = $row['firstName'];
+ $serverUser->city = $row['city'];
+ $serverUser->sexe = $row['sexe'];
+
+ array_push($data, $serverUser);
+ }
+
+ $this->responde(200, $data);
+ }
+
+ /**
+ * code :
+ * 0 : Created (201)
+ * 1 : username not exists
+ */
+ protected function PUTAction() {
+ $dbh = $this->databaseHelper();
+
+ $data = $this->getBodyData();
+
+ /*
+
+ if (!isset($data->username) || !isset($data->password)) {
+ $this->respondeError();
+ return; // End this!
+ }
+ */
+
+ $encryptedpassword = crypt($data->password, $GLOBALS['PF_KEY']);
+ $response = $dbh->prepare('SELECT * FROM pub_Account WHERE username = :username');
+ $response->execute(['username' => $data->pseudo]);
+
+ if ($response === false) { // Server/database fails
+ $this->respondeError();
+ return; // End this!
+ }
+
+ $row = $response->fetch();
+
+ if ($row === false) { // No one exists, sorry!
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 1;
+
+ $this->responde(200, $simpleServerResponse);
+ return; // End this!
+ }
+
+ /*
+ $user = $this->authentication();
+ if ($user === null) { // authentication failed, go out !
+ $this->respondeUnauthorized();
+ return; // End this!
+ }
+ */
+
+ //if (($user['administrator'] === 1) || ($user['username'] === $data->pseudo)) {
+ $response = $dbh->prepare('UPDATE pub_User SET name = :name, firstName = :firstname, city = :city, sexe = :sexe WHERE pseudo = :username');
+ $response->execute(
+ ['username' => $data->pseudo,
+ 'name' => $data->name,
+ 'firstname' => $data->firstName,
+ 'city' => $data->city,
+ 'sexe' => $data->sexe
+ ]);
+ if ($response === false) { // Server/database fails
+ $this->respondeError();
+ } else {
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 0;
+ var_dump($data);
+ $this->responde(202, $simpleServerResponse);
+ }
+/*
+ }
+
+ } else {
+ $this->respondeForbidden();
+ }*/
+ }
+
+ /**
+ * code :
+ * 0 : Created (201)
+ * 1 : Username already exists
+ */
+ protected function POSTCollectionAction() {
+ $dbh = new PDO("mysql:host=" . $GLOBALS['PF_HOST'] . ";dbname=" . $GLOBALS['PF_DATABASE_NAME'], $GLOBALS['PF_USERNAME'], $GLOBALS['PF_PASSWORD']);
+
+ $data = $this->getBodyData();
+ if (!isset($data->pseudo)) {
+ $this->respondeError();
+ return; // End this!
+ }
+
+ $response = $dbh->prepare('SELECT * FROM pub_User WHERE pseudo = :pseudo');
+ $response->execute(['pseudo' => $data->pseudo]);
+
+ if ($response === false) { // Server/database fails
+ $this->respondeError();
+ return; // End this!
+ }
+
+ $row = $response->fetch();
+
+ if ($row !== false) { // Once exists, sorry!
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 1;
+
+ $this->responde(200, $simpleServerResponse);
+ return; // End this!
+ }
+
+ $response = $dbh->prepare('INSERT INTO pub_User VALUES (:pseudo, :mail, :name, :firstname)');
+ $response->execute(['pseudo' => $data->pseudo, 'mail' => $data->mail, 'name' => $data->name, 'firstname' => $data->firstName]);
+ if ($response === false) { // Server/database fails
+ $this->respondeError();
+ } else { // Amazing, all works fine <3
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 0;
+
+ $this->responde(201, $simpleServerResponse);
+ }
+ }
+
+ /**
+ * code :
+ * 0 : Deleted
+ * 1 : Username doesn't exists
+ */
+ protected function DELETEAction() {
+ if ($this->isAuthenticated()) {
+ $dbh = new PDO("mysql:host=" . $GLOBALS['PF_HOST'] . ";dbname=" . $GLOBALS['PF_DATABASE_NAME'], $GLOBALS['PF_USERNAME'], $GLOBALS['PF_PASSWORD']);
+
+ $response = $dbh->prepare('SELECT * FROM pub_User WHERE username = :username');
+ $response->execute(['username' => $this->element]);
+
+ if ($response === false) { // Database fails hard today :'(
+ $this->respondeError();
+ return; // end this!
+ }
+
+ $row = $response->fetch();
+ if ($row === false) { // No one exists, sorry!
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 1;
+
+ $this->responde(200, $simpleServerResponse);
+ return;
+ }
+
+ $response = $dbh->prepare('DELETE FROM pub_User WHERE username = :username');
+ $response->execute(['username' => $this->element]);
+
+ if ($response === false) { // Database fails hard today :'(
+ $this->respondeError();
+ }
+ else {
+ $simpleServerResponse = new SimpleServerResponse();
+ $simpleServerResponse->code = 0;
+
+ $this->responde(200, $simpleServerResponse);
+ }
+ } else {
+ $this->respondeUnauthorized();
+ }
+ }
+}
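Review bot: PUTAction accepts an unauthenticated update of any user's profile: the `$this->authentication()` call and the administrator/owner check just above the `UPDATE pub_User` statement are commented out, so any client that knows a pseudo can overwrite that user's name, firstName, city and sexe, and the `var_dump($data)` on the success path echoes the raw request body (including the `password` field this method reads) back to the caller. Restore the guard and drop the dump; the `$encryptedpassword = crypt(...)` line can go with it, since nothing reads the result. DELETEAction has the same gap in a weaker form: `isAuthenticated()` only confirms that some user is logged in, not that it is `$this->element` or an administrator, so the same owner/administrator check belongs there (it also queries `pub_User` by `username` while every other query in this class uses `pseudo`, which looks like a column-name mismatch worth confirming). Separately, every `if ($response === false)` here is tested after `$response->execute(...)`, so a failed `prepare()` never reaches it (calling execute on `false` throws) and `execute()`'s own return value is discarded; check `prepare()` before calling execute and check execute()'s result, or set `PDO::ATTR_ERRMODE` to `PDO::ERRMODE_EXCEPTION` on the handle. GETAction also returns mail, city, sexe and the user's funding records for any pseudo without authentication, which is more than the "username, name and firstname" the file header promises.
```php
protected function PUTAction() {
    $dbh = $this->databaseHelper();
    $data = $this->getBodyData();

    if (!isset($data->pseudo)) {
        $this->respondeError();
        return;
    }

    $user = $this->authentication();
    if ($user === null) {
        $this->respondeUnauthorized();
        return;
    }
    if (($user['administrator'] !== 1) && ($user['username'] !== $data->pseudo)) {
        $this->respondeForbidden();
        return;
    }

    // … unchanged: pub_Account existence check and pub_User UPDATE …

    $simpleServerResponse = new SimpleServerResponse();
    $simpleServerResponse->code = 0;
    $this->responde(202, $simpleServerResponse);
}
```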