mirror of
https://github.com/pierre42100/ComunicAPI
synced 2024-12-24 12:38:58 +00:00
Can find user ID with its folder name
This commit is contained in:
parent
2a9f0ed1a0
commit
d8de0866ae
@ -124,4 +124,32 @@ class userController
|
||||
//Return userID
|
||||
return array("userID" => userID);
|
||||
}
|
||||
|
||||
/**
|
||||
* Find user ID by a specified folder name
|
||||
*
|
||||
* @url POST /user/findbyfolder
|
||||
*/
|
||||
public function findUserByFolder(){
|
||||
|
||||
//Check for domain name
|
||||
if(!isset($_POST['subfolder']))
|
||||
Rest_fatal_error(400, "No subfolder specified!");
|
||||
|
||||
$input = safe_for_sql($_POST['subfolder']);
|
||||
|
||||
if(!check_string_before_insert($input))
|
||||
Rest_fatal_error(401, "The request was cancelled because the query is unsafe !");
|
||||
|
||||
//Search user ID in the database
|
||||
$id = CS::get()->components->user->findByFolder($input);
|
||||
|
||||
//Check for error
|
||||
if($id === 0)
|
||||
Rest_fatal_error(404, "No user was found with the specifed subfolder!");
|
||||
|
||||
//Return result
|
||||
return array("userID" => $id);
|
||||
|
||||
}
|
||||
}
|
@ -297,6 +297,36 @@ class User{
|
||||
return count($result) !== 0;
|
||||
}
|
||||
|
||||
/**
|
||||
* Find the user specified by a folder name
|
||||
*
|
||||
* @param string $folder The folder of the research
|
||||
* @return int 0 if no user was found or the ID of the user in case of success
|
||||
*/
|
||||
public function findByFolder(string $folder) : int {
|
||||
|
||||
//Perform a request on the database
|
||||
$tableName = $this->userTable;
|
||||
$condition = "WHERE sous_repertoire = ?";
|
||||
$condValues = array($folder);
|
||||
$requiredFields = array("ID");
|
||||
|
||||
//Try to perform the request
|
||||
$result = CS::get()->db->select($tableName, $condition, $condValues, $requiredFields);
|
||||
|
||||
//Check for errors
|
||||
if($result === false){
|
||||
return 0;
|
||||
}
|
||||
|
||||
if(count($result) == 0)
|
||||
return 0; //There is no result
|
||||
|
||||
//Return result
|
||||
return $result[0]["ID"];
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* Crypt user password
|
||||
*
|
||||
|
@ -102,4 +102,21 @@ function check_string_before_insert($string){
|
||||
|
||||
//Success
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Make a string safe to be used to perform a query on a database
|
||||
*
|
||||
* @param string $input The string to process
|
||||
* @return string The result string
|
||||
*/
|
||||
function safe_for_sql(string $input) : string {
|
||||
|
||||
//Perform safe adapation
|
||||
$input = str_ireplace("\\", "\\\\", $input);
|
||||
$input = str_ireplace("'", "\\'", $input);
|
||||
$input = str_ireplace('"', "\\\"", $input);
|
||||
|
||||
return $input;
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user