- <?php
- /*
- This file is subject to the terms and conditions defined in
- file 'LICENSE', which is part of this source code package.
- © 2022 OtteIT s.r.o.
- All Rights Reserved.
- Author: Vilem Otte <dev@otte.cz>
- */
- /**
- * Endpoint to create product record
- *
- * @param eshop_id Reference (Required), references ID in eshop table
- * @param bottle_id Reference (Required), references ID in bottle table
- * @param name String (Required), name of the product
- * @param link String (Required), link (hyperlink) to the product on the eshop
- * @param auction Number (Required), 1 for auction, 0 otherwise (boolean)
- * @param stock Number (Required), 0 for unavailable, non-0 for available
- * @param confirmed Number, 1 for confirmed product record, 0 otherwise (boolean)
- * @param auction_start String, ISO time when auction starts
- * @param auction_end String, ISO time when auction ends
- *
- * @return _ JSON with result (HTTP response code), error (details, if error happens) or product (holding result of create call)
- */
// Response headers: JSON body plus the CORS policy for this endpoint.
// NOTE(review): the wildcard origin lets scripts served from any site call this
// write endpoint and read its responses, and "Authorization" is an allowed
// request header. If only known front-ends are meant to use the API, echo back
// an origin taken from an explicit allow-list instead of "*" (and send
// "Vary: Origin").
// Access-Control-Allow-Methods only shapes the browser's preflight answer; it
// does not make this script reject non-POST requests.
$responseHeaders = array(
    "Access-Control-Allow-Origin: *",
    "Content-Type: application/json; charset=UTF-8",
    "Access-Control-Allow-Methods: POST",
    "Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With",
);
foreach ($responseHeaders as $headerLine)
{
    header($headerLine);
}
- require_once(__DIR__."/../../db.php");
- require_once(__DIR__."/../../util.php");
- require_once(__DIR__."/product.php");
- require_once(__DIR__."/../../session/session.php");
- require_once(__DIR__."/../../auth/auth.php");
- require_once(__DIR__."/../../permission/permission.php");
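// Request flow: decode JSON body -> check required fields -> authenticate ->
// check WRITE permission on "rum" -> create the product record.
//
// The HTTP status is always 200; the real outcome is the "result" field of the
// JSON body (200, 401 or 500). Anything that watches HTTP status codes (access
// logs, rate limiting, alerting on failed logins) will not see authentication
// or permission failures unless it inspects the body.

// Session set up
$auth = new Auth();
$session = new Session();

// Decode the request body. json_decode() returns null for malformed JSON and an
// array or scalar for non-object documents; every access below dereferences
// $data as an object, so anything else is rejected up front.
$data = json_decode(file_get_contents("php://input"));
if (!is_object($data))
{
    http_response_code(200);
    echo json_encode(array("result" => 500, "error" => "Invalid payload: expected a JSON object"));
    exit();
}

// Payload requirements
// NOTE(review): Util::PayloadCheck lives in util.php; whether it validates the
// type of each field or only its presence is not visible here - confirm.
$payloadError = Util::PayloadCheck($data, "eshop_id", "bottle_id", "name", "link", "auction", "stock");
if ($payloadError != false)
{
    http_response_code(200);
    echo json_encode(array("result" => 500, "error" => $payloadError));
    exit();
}

// Connect to database, attach to session
$db = new Database();
$session->SetDB($db);

// Require user authentication. The loose comparison is kept on purpose: it
// treats null, false, 0 and "" alike as "no user", so an unexpected falsy
// return from GetUserID() fails closed.
$auth_id = $session->GetUserID($auth);
if ($auth_id != null)
{
    // Check permission
    $permission = new Permission($db);
    $permissionCheck = $permission->Check($auth_id, "rum", Permission::WRITE);

    // Strict comparison: only a boolean true grants write access. With "==" any
    // truthy non-boolean return (an error string, a non-zero code) would have
    // been accepted as a successful check.
    if ($permissionCheck === true)
    {
        // Permission check success - create record.
        // NOTE(review): the request values are copied to the model unchanged.
        // Type checks and parameterised SQL have to happen inside
        // Rum_Product::Create() (not visible here - confirm). "link" is later
        // shown as a hyperlink, so it should be limited to http/https URLs
        // before it is stored or rendered.
        $product = new Rum_Product($db);
        $product->eshop_id = $data->eshop_id;
        $product->bottle_id = $data->bottle_id;
        $product->link = $data->link;
        $product->name = $data->name;
        $product->auction = $data->auction;
        $product->stock = $data->stock;

        // Optional fields are copied only when the client supplied them.
        foreach (array("confirmed", "auction_start", "auction_end") as $optionalField)
        {
            if (isset($data->$optionalField))
            {
                $product->$optionalField = $data->$optionalField;
            }
        }

        $result = $product->Create();
        if ($result != null)
        {
            // Successfully created record
            $response = array("result" => 200, "product" => $result);
        }
        else
        {
            // DB Error during record creation
            // NOTE(review): GetLastError() is returned to the client as-is; if
            // it carries raw driver messages, log it server-side and return a
            // generic error instead.
            $response = array("result" => 500, "error" => $db->GetLastError());
        }
    }
    else if ($permissionCheck === false)
    {
        // Permission check failure
        $response = array("result" => 401, "error" => "Unauthorized: Permission level too low.");
    }
    else
    {
        // DB Error during permission check (Check() returned neither true nor false)
        $response = array("result" => 500, "error" => $db->GetLastError());
    }
}
else
{
    // User unauthorized
    $response = array("result" => 401, "error" => "Unauthorized");
}

// Every branch above answers with HTTP 200 and a JSON body.
http_response_code(200);
echo json_encode($response);

// Close database connection
$db->Disconnect();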
- ?>