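<?php
/**
 * JSON endpoint for user account actions, selected by the POST field `userService`:
 *   - isDuplicate : reports whether `userName` already exists in User_info
 *   - logIn       : checks `userName` / `userPassword` against User_info
 *   - signUp      : inserts a new row into User_info
 *
 * Always prints one JSON object {status, msg}. `status` is an application code
 * carried in the body (200, 400, 404, 406, 600, 601); no HTTP status is set here.
 *
 * NOTE(review): open security issues that cannot be fixed inside this file alone:
 *   1. SQL injection. All three statements are built by interpolating raw $_POST
 *      values into the SQL text, and dbExecute() is only ever handed a finished
 *      string. The db class lives in dbConnection.php and is not visible here, so
 *      no prepared-statement call is invented below. Until the wrapper offers bound
 *      parameters, every service is injectable, and for logIn that means the
 *      credential check itself can be altered by the caller.
 *   2. Password storage. Passwords are AES-encrypted with a passphrase hard-coded
 *      in this source file, so they are reversible for anyone holding the source
 *      and a copy of the table. They should be stored with password_hash() and
 *      checked with password_verify(); that needs a data migration.
 *   3. signUp stores the client-supplied `userRole` as-is, so the caller picks its
 *      own role unless that is validated elsewhere. TODO confirm.
 */
include('dbConnection.php');

$userServiceLog = Logger::getLogger("myLogger");
$db = new db();

// dbConnect() is decoded as JSON and read for a `status` field (0 = connected).
$connection_state = json_decode($db->dbConnect());

// Create the response holder explicitly: assigning a property to an undefined
// variable is a fatal Error on PHP 8. Kept conditional in case the include
// already provides $response.
if (!isset($response)) {
    $response = new stdClass();
}
$response->status = 0;
$response->msg = '';

if (!is_object($connection_state) || !isset($connection_state->status) || $connection_state->status != 0) {
    // Fail closed: an undecodable or status-less connection reply counts as a
    // failed connection instead of slipping through the loose `!= 0` comparison.
    $userServiceLog->error('userService :: Database Connection Failed');
    $response->status = 600;
    $response->msg = "Database Coneection Failed";
} elseif (!isset($_POST['userService']) || !is_string($_POST['userService'])) {
    // No service name was posted (an array-valued field is treated as missing).
    $userServiceLog->warn('userService :: No Service Selected');
    $response->status = 400;
    $response->msg = "No Service Selected";
} else {
    $service = $_POST['userService'];
    switch ($service) {
        case "isDuplicate":
            $userServiceLog->info('userService :: isDuplicate Called.');
            if (isset($_POST['userName'])) {
                $userName = $_POST['userName'];
                // NOTE(review): injectable, see file header. The stray space that
                // used to follow $userName inside the quotes is removed, so the
                // lookup no longer depends on the collation ignoring trailing spaces.
                $statement = "SELECT COUNT(`User_name`) AS dbResult FROM User_info WHERE `User_name` = '$userName'";
                $dbResult = $db->dbExecute($statement);
                if ($dbResult) {
                    // COVERED: query ran; msg is true when at least one row matched.
                    $row = mysqli_fetch_assoc($dbResult);
                    $response->status = 200;
                    $response->msg = !!($row['dbResult']);
                    $userServiceLog->info('userService :: isDuplicate Send dbResponse back.');
                } else {
                    // COVERED: query failed.
                    $response->status = 601;
                    $response->msg = 'Unknown error in database';
                    $userServiceLog->warn('userService ::isDuplicate fail in database');
                }
            } else {
                // COVERED: required field missing.
                $userServiceLog->warn('userService ::isDuplicate Called Failed. No userName passed back via POST');
                $response->status = 406;
                $response->msg = 'userService: isDuplicate requires variable [userName]';
            }
            break;

        case "logIn":
            $userServiceLog->info('userService :: logIn Called.');
            if (isset($_POST['userName']) && isset($_POST['userPassword'])) {
                $userName = $_POST['userName'];
                $userPassword = $_POST['userPassword'];
                // NOTE(review): injectable, and compares a decrypted password inside
                // SQL with a hard-coded passphrase; see file header.
                $statement = "SELECT COUNT(`User_name`) AS dbResult FROM `User_info` WHERE `User_name` = '$userName' AND AES_DECRYPT (`Password`,UNHEX(SHA2('My secret passphrase',512))) = '$userPassword' ";
                $dbResult = $db->dbExecute($statement);
                // Only fetch from a real result: passing a failed query's return
                // value to mysqli_fetch_assoc() is a TypeError on PHP 8.
                $row = $dbResult ? mysqli_fetch_assoc($dbResult) : null;
                if ($row) {
                    // COVERED: query ran; msg is true only when the credentials matched.
                    $response->status = 200;
                    $response->msg = !!($row['dbResult']);
                    $userServiceLog->info('userService :: logIn Send dbResponse back.');
                } else {
                    // COVERED: query failed; msg stays false as before.
                    $response->status = 601;
                    $response->msg = false;
                    $userServiceLog->warn('userService ::logIn fail in database');
                }
            } else {
                // COVERED: required fields missing.
                $userServiceLog->warn('userService ::logIn Called Failed. No userName and userPassword back via POST');
                $response->status = 406;
                $response->msg = 'userService: logIn requires variable [userName][userPassword]';
            }
            break;

        case "signUp":
            $userServiceLog->info('userService :: signUp Called');
            if (isset($_POST['userName']) &&
                isset($_POST['userPassword']) &&
                isset($_POST['userPhone']) &&
                isset($_POST['userEmail']) &&
                isset($_POST['userRole'])) {
                // COVERED: all required fields present.
                $userName = $_POST['userName'];
                $userPassword = $_POST['userPassword'];
                $userRole = $_POST['userRole'];
                $userPhone = $_POST['userPhone'];
                $userEmail = $_POST['userEmail'];
                // NOTE(review): injectable in all five values, stores a reversible
                // password, and trusts the posted role; see file header.
                $statement = "INSERT INTO User_info (User_name, Password, User_role, Email, Phone)\n"
                    . "VALUES ('$userName', AES_ENCRYPT('$userPassword', UNHEX(SHA2('My secret passphrase',512))),'$userRole','$userEmail', '$userPhone');";
                $dbResult = $db->dbExecute($statement);
                if ($dbResult) {
                    // COVERED: insert succeeded.
                    $response->status = 200;
                    $response->msg = 'SUCCESS';
                    $userServiceLog->info('userService ::signUp Success');
                } else {
                    // COVERED: insert failed.
                    $response->status = 601;
                    $response->msg = 'Unknown error in database';
                    $userServiceLog->warn('userService ::signUp fail in database');
                }
            } else {
                // COVERED: required fields missing.
                $userServiceLog->warn('userService ::signUp Called Failed. No enough data');
                $response->status = 406;
                $response->msg = 'signUp requires variables [userName] [userPassword] [userRole] [userPhone] [userEmail]';
            }
            break;

        default:
            // COVERED: unknown service name.
            // The name is caller-controlled; control characters are replaced before
            // logging so one request cannot forge extra log lines.
            $serviceForLog = preg_replace('/[\x00-\x1F\x7F]/', '?', $service);
            $userServiceLog->warn('userService :: '.$serviceForLog.' Not Found');
            $response->status = 404;
            $response->msg = $service." Not Found";
    }
}

// The unknown-service branch reflects caller input in msg and no Content-Type is
// set here, so HTML-significant characters are emitted as \uXXXX escapes. The
// decoded JSON is unchanged. NOTE(review): also send Content-Type: application/json
// once it is confirmed that no client relies on the current default.
echo(json_encode($response, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT));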