e949/api/user/index.php

<?php
// Viewing account data



// Includes
if ($IS_FRONTEND) {
	require_once("api/_auth.php");
	require_once("api/_utils.php");
	require_once("api/_errorslist.php");
	require_once("api/_types.php");
} else {
	require_once("../_auth.php");
	require_once("../_utils.php");
	require_once("../_errorslist.php");
	require_once("../_types.php");
}



// Functions

/*
 * FUNCTION
 * Get amount of users
 */
function User_GetUsersAmount (): array {
	global $db;

	$result = array(
		"users" => 0,
		"banned" => 0
	);

	$qr = $db->query("SELECT COUNT(*) FROM users");
	$row = $qr->fetch_row();
	$result["users"] = $row[0];

	$qr = $db->query("SELECT COUNT(*) FROM users WHERE banned = TRUE");
	$row = $qr->fetch_row();
	$result["banned"] = $row[0];

	return $result;
}

/*
 * FUNCTION
 * Check if user with supplied login exists
 */
function User_LoginExist (string $login): bool {
	global $db;

	$s = $db->prepare("SELECT id FROM users WHERE login = ?");
	$s->bind_param("s", $login);
	$s->execute();

	return (bool)$s->get_result()->fetch_assoc();
}

/*
 * FUNCTION
 * Check if user with supplied ID exists
 */
function User_IDExist (int $id): bool {
	global $db;

	$s = $db->prepare("SELECT id FROM users WHERE id = ?");
	$s->bind_param("s", $id);
	$s->execute();

	return (bool)$s->get_result()->fetch_assoc();
}

/*
 * FUNCTION
 * Check if user has specified role
 */
function User_HasRole (int $id, string $role): ReturnT {
	global $db;

	$s = $db->prepare("SELECT role FROM users WHERE id = ?");
	$s->bind_param("s", $id);
	$s->execute();
	$d = $s->get_result()->fetch_assoc();

	if (!(bool)$d)
		return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "user not found in database");

	return new ReturnT(data: $d["role"] === $role);
}

/*
 * FUNCTION
 * Check if user is moderator (or higher)
 */
function User_IsMod (int $id): ReturnT {
	global $db;

	$s = $db->prepare("SELECT role FROM users WHERE id = ?");
	$s->bind_param("s", $id);
	$s->execute();
	$d = $s->get_result()->fetch_assoc();

	if (!(bool)$d)
		return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "user not found in database");

	return new ReturnT(data: in_array($d["role"], array("mod", "admin")));
}

/*
 * FUNCTION
 * Get user information from DB
 */
function User_GetInfoByID (int $id): ReturnT {
	global $db, $THIS_USER, $LOGGED_IN;

	$result = array();

	$s = $db->prepare("SELECT * FROM users WHERE id = ?");
	$s->bind_param("s", $id);
	$s->execute();
	$d = $s->get_result()->fetch_assoc();

	if (!(bool)$d)
		return new ReturnT(err_code: E_UIN_WRONGID, err_desc: "user not found in database");

	$result["id"]            = $d["id"];
	$result["created_at"]    = $d["created_at"];
	$result["login"]         = $d["login"];
	$result["avatar_path"]   = $d["avatar_path"];
	$result["role"]          = $d["role"];
	$result["banned"]        = $d["banned"];
	// User himself and mods can see additional info
	if ($id === $THIS_USER) {
		$result["email"]     = $d["email"];
		$result["invite_id"] = $d["invite_id"];
	} elseif ($LOGGED_IN) {
		if (User_IsMod($THIS_USER)->GetData()) {
			$result["email"]     = $d["email"];
			$result["invite_id"] = $d["invite_id"];
		}
	}

	return new ReturnT(data: $result);
}



// Methods

/*
 * METHOD
 * Get user information from DB
 */
function User_GetInfoByID_Method (array $req): ReturnT {
	global $THIS_USER, $LOGGED_IN;

	// Input sanity checks

	$UserID = null;
	if (isset($req["id"])) {
		if (!ctype_digit($req["id"]))
			return new ReturnT(err_code: E_UIN_BADARGS, err_desc: "id must be numeric");
		$UserID = intval($req["id"]);
	} else {
		if ($LOGGED_IN)
			$UserID = $THIS_USER;
		else
			return new ReturnT(err_code: E_UIN_INSUFARGS, err_desc: "id must be specified or valid session must be provided");
	}

	// Actions

	return User_GetInfoByID($UserID);
}



if (Utils_ThisFileIsRequested(__FILE__)) {
	require_once("../_json.php");

	$result = User_GetInfoByID_Method($_REQUEST);

	if ($result->IsError())
		$result->ThrowJSONError();
	else
		JSON_ReturnData($result->GetData());
}



?>