From 8a7eb760e05e91d772a32f1e02135bd0f4157ef4 Mon Sep 17 00:00:00 2001
From: Lucie Bedouret <lucie@air-de-lucie.home>
Date: Fri, 4 Nov 2022 16:13:09 +0100
Subject: [PATCH] ADD : request POST PUT DELETE readOneId and readOneUsername
 for User

---
 api-rest/models/User.php           | 35 +++++++++++++++++++++
 api-rest/users/delete.php          | 44 ++++++++++++++++++++++++++
 api-rest/users/post.php            | 40 ++++++++++++++++++++++++
 api-rest/users/put.php             | 43 +++++++++++++++++++++++++
 api-rest/users/readOneId.php       | 50 ++++++++++++++++++++++++++++++
 api-rest/users/readOneUsername.php | 50 ++++++++++++++++++++++++++++++
 6 files changed, 262 insertions(+)
 create mode 100644 api-rest/users/delete.php
 create mode 100644 api-rest/users/post.php
 create mode 100644 api-rest/users/put.php
 create mode 100644 api-rest/users/readOneId.php
 create mode 100644 api-rest/users/readOneUsername.php

diff --git a/api-rest/models/User.php b/api-rest/models/User.php
index dbb45aa..7eba19f 100644
--- a/api-rest/models/User.php
+++ b/api-rest/models/User.php
@@ -25,6 +25,41 @@ class User{
         $query->execute();
         return $query;
     }
+
+    public function post(){
+        $sqlQuery= "INSERT INTO User VALUES(\"" . $this->id . "\",\"" . $this->username . "\",\"" . $this->password . "\",\"" . $this->nationality . "\",\"" . $this->sex . "\",\"" . $this->dateOfBirth . "\",0,0,0)";
+        $query = $this->connection->prepare($sqlQuery);
+        $query->execute();
+        return $query;
+    }
+
+    public function delete(){
+        $sqlQuery = "DELETE FROM User WHERE username=\"" . $this->username . "\"";
+        $query = $this->connection->prepare($sqlQuery);
+        $query->execute();
+        return $query;
+    }
+
+    public function readOneId(){
+        $sqlQuery = "SELECT * FROM User WHERE id=\"" . $this->id . "\"";
+        $query = $this->connection->prepare($sqlQuery);
+        $query->execute();
+        return $query;
+    }
+
+    public function readOneUsername(){
+        $sqlQuery = "SELECT * FROM User WHERE username=\"" . $this->username . "\"";
+        $query = $this->connection->prepare($sqlQuery);
+        $query->execute();
+        return $query;
+    }
+
+    public function put(){
+        $sqlQuery = "UPDATE User SET username='" . $this->username . "', nationality='" . $this->nationality . "', sex='" . $this->sex . "', dateOfBirth='" . $this->dateOfBirth . "', currentBobCoins='" . $this->currentBobCoins . "', totalBobCoins='" . $this->totalBobCoins . "', nbGamesPlayed='" . $this->nbGamesPlayed . "' WHERE id =\"" . $this->id . "\"";
+        $query=$this->connection->prepare($sqlQuery);
+        $query->execute();
+        return $query;
+    }
 }
 
 ?>
\ No newline at end of file
diff --git a/api-rest/users/delete.php b/api-rest/users/delete.php
new file mode 100644
index 0000000..395f6b2
--- /dev/null
+++ b/api-rest/users/delete.php
@@ -0,0 +1,44 @@
+<?php
+
+//Headers
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application.json; charset=UTF-8");
+header("Access-Control-Allow-Method: GET");
+header("Access-Control-Max-Age: 3600");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+// Checking that the method is correct and dealing with the error
+if($_SERVER['REQUEST_METHOD'] != 'DELETE'){
+    http_response_code(405);
+    echo json_encode(["message" => "Unauthorized method"]);
+}else{
+    include_once '../dbConnection.php';
+    include_once '../models/User.php';
+
+    $db= new Database();
+    $db= $db->establishConnection();
+
+    $user = new User($db);
+    $user->id="4";
+    $user->username="petitFilou";
+    $user->password="blblbl";
+    $user->nationality="Francaise";
+    $user->sex="M";
+    $user->dateOfBirth="2002-05-10";
+
+
+    $stmt = $user->delete();
+
+    if($stmt->rowCount() > 0){
+        
+        echo "User deleted successfully";
+        http_response_code(200);
+        
+    }
+    else{
+        echo "The user can't be deleted because not found in database";
+        http_response_code(200);
+    }
+}
+
+?>
\ No newline at end of file
diff --git a/api-rest/users/post.php b/api-rest/users/post.php
new file mode 100644
index 0000000..8ff9f2b
--- /dev/null
+++ b/api-rest/users/post.php
@@ -0,0 +1,40 @@
+<?php
+
+//Headers
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application.json; charset=UTF-8");
+header("Access-Control-Allow-Method: GET");
+header("Access-Control-Max-Age: 3600");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+// Checking that the method is correct and dealing with the error
+if($_SERVER['REQUEST_METHOD'] != 'POST'){
+    http_response_code(405);
+    echo json_encode(["message" => "Unauthorized method"]);
+}else{
+    include_once '../dbConnection.php';
+    include_once '../models/User.php';
+
+    $db= new Database();
+    $db= $db->establishConnection();
+
+    $user = new User($db);
+    $user->id="U0004";
+    $user->username="petitFilou";
+    $user->password="blblbl";
+    $user->nationality="Francaise";
+    $user->sex="M";
+    $user->dateOfBirth="2002-05-10";
+
+
+    $stmt = $user->post();
+
+    if($stmt != false){
+
+        echo "user created successfully :)";
+        http_response_code(200);
+        
+    }
+}
+
+?>
\ No newline at end of file
diff --git a/api-rest/users/put.php b/api-rest/users/put.php
new file mode 100644
index 0000000..926a812
--- /dev/null
+++ b/api-rest/users/put.php
@@ -0,0 +1,43 @@
+<?php
+
+//Headers
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application.json; charset=UTF-8");
+header("Access-Control-Allow-Method: GET");
+header("Access-Control-Max-Age: 3600");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+// Checking that the method is correct and dealing with the error
+if($_SERVER['REQUEST_METHOD'] != 'PUT'){
+    http_response_code(405);
+    echo json_encode(["message" => "Unauthorized method"]);
+}else{
+    include_once '../dbConnection.php';
+    include_once '../models/User.php';
+
+    $db= new Database();
+    $db= $db->establishConnection();
+
+    $user = new User($db);
+    $user->id="U0004";
+    $user->username="petitFilou";
+    $user->password="blblbl";
+    $user->nationality="Francaise";
+    $user->sex="M";
+    $user->dateOfBirth="2002-05-10";
+    $user->currentBobCoins=10;
+    $user->totalBobCoins=10;
+    $user->nbGamesPlayed=1;
+
+    $stmt = $user->put();
+
+    if($stmt != false){
+
+        http_response_code(200);
+        echo "User updated successfully :)";
+                    
+    }
+        
+}
+
+?>
\ No newline at end of file
diff --git a/api-rest/users/readOneId.php b/api-rest/users/readOneId.php
new file mode 100644
index 0000000..0612ee6
--- /dev/null
+++ b/api-rest/users/readOneId.php
@@ -0,0 +1,50 @@
+<?php
+
+//Headers
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application.json; charset=UTF-8");
+header("Access-Control-Allow-Method: GET");
+header("Access-Control-Max-Age: 3600");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+// Checking that the method is correct and dealing with the error
+if($_SERVER['REQUEST_METHOD'] != 'GET'){
+    http_response_code(405);
+    echo json_encode(["message" => "Unauthorized method"]);
+}else{
+    include_once '../dbConnection.php';
+    include_once '../models/User.php';
+
+    $db= new Database();
+    $db= $db->establishConnection();
+
+    $user = new User($db);
+    $user->id="U0004";
+
+    $stmt = $user->readOneId();
+
+    if($stmt != false){
+
+        $row = $stmt->fetch(PDO::FETCH_ASSOC);
+        extract($row);
+
+        $user= [
+            "id" => $id,
+            "username" => $username,
+            "password" => $password,
+            "nationality" => $nationality,
+            "sex" => $sex,
+            "dateofBirth" => $dateOfBirth,
+            "currentBobCoins"=>$currentBobCoins,
+            "totalBobCoins" => $totalBobCoins,
+            "nbGamesPlayed" => $nbGamesPlayed,
+        ];
+
+        http_response_code(200);
+
+        echo json_encode($user);
+        
+    }
+}
+
+?>
\ No newline at end of file
diff --git a/api-rest/users/readOneUsername.php b/api-rest/users/readOneUsername.php
new file mode 100644
index 0000000..b6a2bdd
--- /dev/null
+++ b/api-rest/users/readOneUsername.php
@@ -0,0 +1,50 @@
+<?php
+
+//Headers
+header("Access-Control-Allow-Origin: *");
+header("Content-Type: application.json; charset=UTF-8");
+header("Access-Control-Allow-Method: GET");
+header("Access-Control-Max-Age: 3600");
+header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
+
+// Checking that the method is correct and dealing with the error
+if($_SERVER['REQUEST_METHOD'] != 'GET'){
+    http_response_code(405);
+    echo json_encode(["message" => "Unauthorized method"]);
+}else{
+    include_once '../dbConnection.php';
+    include_once '../models/User.php';
+
+    $db= new Database();
+    $db= $db->establishConnection();
+
+    $user = new User($db);
+    $user->username="lulu";
+
+    $stmt = $user->readOneUsername();
+
+    if($stmt != false){
+
+        $row = $stmt->fetch(PDO::FETCH_ASSOC);
+        extract($row);
+
+        $user= [
+            "id" => $id,
+            "username" => $username,
+            "password" => $password,
+            "nationality" => $nationality,
+            "sex" => $sex,
+            "dateofBirth" => $dateOfBirth,
+            "currentBobCoins"=>$currentBobCoins,
+            "totalBobCoins" => $totalBobCoins,
+            "nbGamesPlayed" => $nbGamesPlayed,
+        ];
+
+        http_response_code(200);
+
+        echo json_encode($user);
+        
+    }
+}
+
+?>
\ No newline at end of file