DbOperation.php
<?php
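/**
 * Data-access layer for the users and messages tables.
 *
 * All SQL goes through prepared statements with bound parameters, so caller
 * input never reaches the query text. Passwords are stored with
 * password_hash(PASSWORD_DEFAULT) instead of the former unsalted md5();
 * rows still holding an md5 digest are accepted once by userLogin() and
 * upgraded in place, so existing accounts keep working.
 *
 * NOTE(review): password_hash() output is 60 characters for bcrypt and may
 * grow with future PASSWORD_DEFAULT algorithms; the users.password column
 * must be at least that wide (255 is the usual choice). The schema is not on
 * this page — verify before deploying.
 *
 * Assumes DbConnect::connect() returns a mysqli instance (inferred from the
 * prepare()/bind_param() usage; confirm in DbConnect.php). The USER_CREATED,
 * USER_CREATION_FAILED and USER_EXIST constants are defined elsewhere.
 */
class DbOperation
{
    /** @var mysqli Connection handed out by DbConnect::connect(). */
    private $con;

    public function __construct()
    {
        require_once dirname(__FILE__) . '/DbConnect.php';
        $db = new DbConnect();
        $this->con = $db->connect();
    }

    /**
     * Prepare a statement or throw.
     *
     * mysqli::prepare() returns false on a SQL error; the original code then
     * died with a "call to a member function on bool" fatal. Throwing keeps
     * the failure explicit and lets the app's error handler decide what to
     * show.
     *
     * @param string $sql
     * @return mysqli_stmt
     * @throws RuntimeException when the statement cannot be prepared
     */
    private function prepareOrFail($sql)
    {
        $stmt = $this->con->prepare($sql);
        if ($stmt === false) {
            throw new RuntimeException('Failed to prepare statement: ' . $this->con->error);
        }
        return $stmt;
    }

    /**
     * Hash a clear-text password for storage.
     *
     * @param string $pass
     * @return string
     */
    private function hashPassword($pass)
    {
        return password_hash($pass, PASSWORD_DEFAULT);
    }

    /**
     * Persist a new password hash for one user.
     *
     * Used to upgrade legacy md5 rows and to rehash when PASSWORD_DEFAULT
     * changes. A failure here is not fatal for login, so the result is only
     * returned, not thrown.
     *
     * @param int    $id
     * @param string $hash value produced by hashPassword()
     * @return bool
     */
    private function storePasswordHash($id, $hash)
    {
        $stmt = $this->prepareOrFail("UPDATE users SET password = ? WHERE id = ?");
        $stmt->bind_param("si", $hash, $id);
        $ok = (bool) $stmt->execute();
        $stmt->close();
        return $ok;
    }

    /**
     * Create a user unless the email is already taken.
     *
     * The exists-then-insert pair is not atomic; two concurrent registrations
     * for the same email can both pass isUserExist(). A UNIQUE index on
     * users.email is the real guard (schema not shown here) — with it, the
     * duplicate insert fails and USER_CREATION_FAILED is returned.
     *
     * @param string $name
     * @param string $email
     * @param string $pass   clear-text password; only its hash is stored
     * @param string $gender
     * @return mixed USER_CREATED, USER_CREATION_FAILED or USER_EXIST
     */
    public function registerUser($name, $email, $pass, $gender)
    {
        if ($this->isUserExist($email)) {
            return USER_EXIST;
        }
        $password = $this->hashPassword($pass);
        $stmt = $this->prepareOrFail("INSERT INTO users (name, email, password, gender) VALUES (?, ?, ?, ?)");
        $stmt->bind_param("ssss", $name, $email, $password, $gender);
        $ok = $stmt->execute();
        $stmt->close();
        return $ok ? USER_CREATED : USER_CREATION_FAILED;
    }

    /**
     * Verify an email/password pair.
     *
     * Looks the user up by email only and checks the password in PHP, so the
     * comparison is constant-time (password_verify / hash_equals) rather than
     * a SQL equality on the digest. Rows still holding an md5 digest are
     * accepted and rewritten as password_hash() output; drop that branch once
     * every row has been migrated.
     *
     * @param string $email
     * @param string $pass clear-text password
     * @return bool true when the credentials match
     */
    public function userLogin($email, $pass)
    {
        $stmt = $this->prepareOrFail("SELECT id, password FROM users WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $stmt->bind_result($id, $storedHash);
        $found = $stmt->fetch();
        $stmt->close();
        if (!$found) {
            return false;
        }
        $storedHash = (string) $storedHash;

        if (password_verify($pass, $storedHash)) {
            if (password_needs_rehash($storedHash, PASSWORD_DEFAULT)) {
                $this->storePasswordHash($id, $this->hashPassword($pass));
            }
            return true;
        }

        // Legacy row written by the old md5() scheme: accept once, then upgrade.
        if (hash_equals($storedHash, md5($pass))) {
            $this->storePasswordHash($id, $this->hashPassword($pass));
            return true;
        }
        return false;
    }

    /**
     * Store a message from one user to another.
     *
     * Both ids come straight from the caller; this layer does not check that
     * $from is the authenticated user — the HTTP layer must.
     *
     * @param int    $from    sender's users.id
     * @param int    $to      recipient's users.id
     * @param string $title
     * @param string $message
     * @return bool
     */
    public function sendMessage($from, $to, $title, $message)
    {
        $stmt = $this->prepareOrFail("INSERT INTO messages (from_users_id, to_users_id, title, message) VALUES (?, ?, ?, ?);");
        $stmt->bind_param("iiss", $from, $to, $title, $message);
        $ok = (bool) $stmt->execute();
        $stmt->close();
        return $ok;
    }

    /**
     * Overwrite every profile column of one user, including the password.
     *
     * @param int    $id
     * @param string $name
     * @param string $email
     * @param string $pass   clear-text password; only its hash is stored
     * @param string $gender
     * @return bool
     */
    public function updateProfile($id, $name, $email, $pass, $gender)
    {
        $password = $this->hashPassword($pass);
        $stmt = $this->prepareOrFail("UPDATE users SET name = ?, email = ?, password = ?, gender = ? WHERE id = ?");
        $stmt->bind_param("ssssi", $name, $email, $password, $gender, $id);
        $ok = (bool) $stmt->execute();
        $stmt->close();
        return $ok;
    }

    /**
     * Messages addressed to one user, newest first.
     *
     * @param int $userid recipient's users.id
     * @return array list of arrays with keys id, from, to, title, message, sent
     */
    public function getMessages($userid)
    {
        $stmt = $this->prepareOrFail("SELECT messages.id, (SELECT users.name FROM users WHERE users.id = messages.from_users_id) as `from`, (SELECT users.name FROM users WHERE users.id = messages.to_users_id) as `to`, messages.title, messages.message, messages.sentat FROM messages WHERE messages.to_users_id = ? ORDER BY messages.sentat DESC;");
        $stmt->bind_param("i", $userid);
        $stmt->execute();
        $stmt->bind_result($id, $from, $to, $title, $message, $sent);
        $messages = [];
        while ($stmt->fetch()) {
            $messages[] = [
                'id' => $id,
                'from' => $from,
                'to' => $to,
                'title' => $title,
                'message' => $message,
                'sent' => $sent,
            ];
        }
        $stmt->close();
        return $messages;
    }

    /**
     * Public profile fields of the user with the given email.
     *
     * Returns the same four keys when no row matches, all set to null
     * (callers in Index.php only call this after a successful login/insert).
     * The password column is deliberately never selected.
     *
     * @param string $email
     * @return array keys id, name, email, gender
     */
    public function getUserByEmail($email)
    {
        $stmt = $this->prepareOrFail("SELECT id, name, email, gender FROM users WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $stmt->bind_result($id, $name, $rowEmail, $gender);
        $stmt->fetch();
        $stmt->close();
        return [
            'id' => $id,
            'name' => $name,
            'email' => $rowEmail,
            'gender' => $gender,
        ];
    }

    /**
     * Every user's id, name, email and gender.
     *
     * Note that this hands out every email address in the table; the HTTP
     * layer decides who may call it.
     *
     * @return array list of arrays with keys id, name, email, gender
     */
    public function getAllUsers()
    {
        $stmt = $this->prepareOrFail("SELECT id, name, email, gender FROM users");
        $stmt->execute();
        $stmt->bind_result($id, $name, $email, $gender);
        $users = [];
        while ($stmt->fetch()) {
            $users[] = [
                'id' => $id,
                'name' => $name,
                'email' => $email,
                'gender' => $gender,
            ];
        }
        $stmt->close();
        return $users;
    }

    /**
     * Whether a user with this email already exists.
     *
     * @param string $email
     * @return bool
     */
    public function isUserExist($email)
    {
        $stmt = $this->prepareOrFail("SELECT id FROM users WHERE email = ?");
        $stmt->bind_param("s", $email);
        $stmt->execute();
        $stmt->store_result();
        $exists = $stmt->num_rows > 0;
        $stmt->close();
        return $exists;
    }
}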
Index.php
<?php
use \Psr\Http\Message\ServerRequestInterface as Request;
use \Psr\Http\Message\ResponseInterface as Response;
require '../vendor/autoload.php';
require_once '../includes/DbOperation.php';
//Creating a new app with the config to show errors
// displayErrorDetails=true puts exception messages, stack traces and file
// paths (including any database error raised from DbOperation) into HTTP
// responses. Keep it true only for local development.
$settings = [
    'displayErrorDetails' => true,
];
$app = new \Slim\App(['settings' => $settings]);
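//registering a new user
// POST /register with name, email, password, gender.
// Field presence is checked against $_REQUEST by isTheseParametersAvailable(),
// while the values are read from the parsed body; a field supplied only in
// the query string or a cookie passes the check but is missing here. The
// missing-field error payload is echoed by the checker, so that path just
// returns the untouched response.
$app->post('/register', function (Request $request, Response $response) {
    if (!isTheseParametersAvailable(['name', 'email', 'password', 'gender'])) {
        return $response;
    }
    $requestData = $request->getParsedBody();
    $name = $requestData['name'];
    $email = $requestData['email'];
    $password = $requestData['password'];
    $gender = $requestData['gender'];

    $db = new DbOperation();
    $responseData = [];
    $result = $db->registerUser($name, $email, $password, $gender);
    if ($result === USER_CREATED) {
        $responseData['error'] = false;
        $responseData['message'] = 'Registered successfully';
        $responseData['user'] = $db->getUserByEmail($email);
    } elseif ($result === USER_CREATION_FAILED) {
        $responseData['error'] = true;
        $responseData['message'] = 'Some error occurred';
    } elseif ($result === USER_EXIST) {
        $responseData['error'] = true;
        $responseData['message'] = 'This email already exist, please login';
    }
    $response->getBody()->write(json_encode($responseData));
    // Explicit JSON content type so browsers never sniff the body as HTML.
    return $response->withHeader('Content-Type', 'application/json');
});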
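//user login route
// POST /login with email, password. A successful login only returns the
// profile; no session or token is issued here, and the other routes in this
// file do not check for one.
$app->post('/login', function (Request $request, Response $response) {
    if (!isTheseParametersAvailable(['email', 'password'])) {
        return $response;
    }
    $requestData = $request->getParsedBody();
    $email = $requestData['email'];
    $password = $requestData['password'];

    $db = new DbOperation();
    $responseData = [];
    if ($db->userLogin($email, $password)) {
        $responseData['error'] = false;
        $responseData['user'] = $db->getUserByEmail($email);
    } else {
        // Same message for unknown email and wrong password.
        $responseData['error'] = true;
        $responseData['message'] = 'Invalid email or password';
    }
    $response->getBody()->write(json_encode($responseData));
    return $response->withHeader('Content-Type', 'application/json');
});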
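//getting all users
// GET /users. Unauthenticated, and the payload includes every user's email
// address; restrict the route or drop the email field before exposing it
// beyond a trusted client.
$app->get('/users', function (Request $request, Response $response) {
    $db = new DbOperation();
    $users = $db->getAllUsers();
    $response->getBody()->write(json_encode(['users' => $users]));
    return $response->withHeader('Content-Type', 'application/json');
});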
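//getting messages for a user
// GET /messages/{id}. The id is taken from the URL and not tied to the
// calling user, so any caller can read any inbox; an authorization check is
// needed before this is exposed.
$app->get('/messages/{id}', function (Request $request, Response $response) {
    // Route attributes are strings; the column is an integer id.
    $userid = (int) $request->getAttribute('id');
    $db = new DbOperation();
    $messages = $db->getMessages($userid);
    $response->getBody()->write(json_encode(['messages' => $messages]));
    return $response->withHeader('Content-Type', 'application/json');
});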
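//updating a user
// POST /update/{id} with name, email, password, gender — every column,
// including the password, is overwritten. The target id comes from the URL
// with no check that the caller owns that account; add one before exposing.
$app->post('/update/{id}', function (Request $request, Response $response) {
    if (!isTheseParametersAvailable(['name', 'email', 'password', 'gender'])) {
        return $response;
    }
    $id = (int) $request->getAttribute('id');
    $requestData = $request->getParsedBody();
    $name = $requestData['name'];
    $email = $requestData['email'];
    $password = $requestData['password'];
    $gender = $requestData['gender'];

    $db = new DbOperation();
    $responseData = [];
    if ($db->updateProfile($id, $name, $email, $password, $gender)) {
        $responseData['error'] = false;
        $responseData['message'] = 'Updated successfully';
        $responseData['user'] = $db->getUserByEmail($email);
    } else {
        $responseData['error'] = true;
        $responseData['message'] = 'Not updated';
    }
    $response->getBody()->write(json_encode($responseData));
    return $response->withHeader('Content-Type', 'application/json');
});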
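//sending message to user
// POST /sendmessage with from, to, title, message. The sender id ("from") is
// supplied by the client and is not verified against an authenticated user,
// so messages can be attributed to anyone; derive it server-side once
// authentication exists.
$app->post('/sendmessage', function (Request $request, Response $response) {
    if (!isTheseParametersAvailable(['from', 'to', 'title', 'message'])) {
        return $response;
    }
    $requestData = $request->getParsedBody();
    $from = $requestData['from'];
    $to = $requestData['to'];
    $title = $requestData['title'];
    $message = $requestData['message'];

    $db = new DbOperation();
    $responseData = [];
    if ($db->sendMessage($from, $to, $title, $message)) {
        $responseData['error'] = false;
        $responseData['message'] = 'Message sent successfully';
    } else {
        $responseData['error'] = true;
        $responseData['message'] = 'Could not send message';
    }
    $response->getBody()->write(json_encode($responseData));
    return $response->withHeader('Content-Type', 'application/json');
});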
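//function to check parameters
/**
 * Check that every required field is present and non-blank.
 *
 * On failure the JSON error payload is echoed directly (Slim's output
 * buffering appends it to the response) and false is returned; callers then
 * return their response untouched.
 *
 * By default the check runs against $_REQUEST, which merges query string,
 * body and cookies — wider than the parsed body the routes actually read.
 * Pass the parsed body as $request_params to check exactly what will be used.
 *
 * Array-valued fields (e.g. name[]=x) used to reach trim() as an array and
 * error out; they are now reported as missing like any other non-scalar.
 *
 * @param array      $required_fields field names that must be present
 * @param array|null $request_params  values to check; null means $_REQUEST
 * @return bool true when all fields are present and non-blank
 */
function isTheseParametersAvailable($required_fields, $request_params = null)
{
    if ($request_params === null) {
        $request_params = $_REQUEST;
    }
    $missing = [];
    foreach ($required_fields as $field) {
        $value = isset($request_params[$field]) ? $request_params[$field] : null;
        if (!is_scalar($value) || trim((string) $value) === '') {
            $missing[] = $field;
        }
    }
    if (count($missing) === 0) {
        return true;
    }
    $response = [
        'error' => true,
        'message' => 'Required field(s) ' . implode(', ', $missing) . ' is missing or empty',
    ];
    echo json_encode($response);
    return false;
}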
// Dispatch the current HTTP request through the routes registered above.
$app->run();