<?php
//getting the dboperation class
require_once '../includes/DbOperation.php';
//function validating all the paramters are available
//we will pass the required parameters to this function
function isTheseParametersAvailable($params){
//assuming all parameters are available
$available = true;
$missingparams = "";
foreach($params as $param){
if(!isset($_POST[$param]) || strlen($_POST[$param])<=0){
$available = false;
$missingparams = $missingparams . ", " . $param;
}
}
//if parameters are missing
if(!$available){
$response = array();
$response['error'] = true;
$response['message'] = 'Parameters ' . substr($missingparams, 1, strlen($missingparams)) . ' missing';
//displaying error
echo json_encode($response);
//stopping further execution
die();
}
}
//an array to display response
$response = array();
//if it is an api call
//that means a get parameter named api call is set in the URL
//and with this parameter we are concluding that it is an api call
if(isset($_GET['apicall'])){
switch($_GET['apicall']){
//the CREATE operation
//if the api call value is 'createhero'
//we will create a record in the database
case 'createhero':
//first check the parameters required for this request are available or not
isTheseParametersAvailable(array('name','fio','rating','details', 'data', 'image'));
//creating a new dboperation object
$db = new DbOperation();
//creating a new record in the database
$result = $db->createHero(
$_POST['name'],
$_POST['fio'],
$_POST['rating'],
$_POST['details'],
$_POST['data'],
$_POST['image']
);
//if the record is created adding success to response
if($result){
//record is created means there is no error
$response['error'] = false;
//in message we have a success message
$response['message'] = 'Hero addedd successfully';
//and we are getting all the heroes from the database in the response
$response['heroes'] = $db->getHeroes();
}else{
//if record is not added that means there is an error
$response['error'] = true;
//and we have the error message
$response['message'] = 'problem tut 2';
}
break;
//the READ operation
//if the call is getheroes
case 'getheroes':
$db = new DbOperation();
$response['error'] = false;
$response['message'] = 'Request successfully completed';
$response['heroes'] = $db->getHeroes();
break;
//the UPDATE operation
case 'updatehero':
isTheseParametersAvailable(array('id','name','fio','rating','details', 'data', 'image'));
$db = new DbOperation();
$result = $db->updateHero(
$_POST['id'],
$_POST['name'],
$_POST['fio'],
$_POST['rating'],
$_POST['details'],
$_POST['data'],
$_POST['image']
);
if($result){
$response['error'] = false;
$response['message'] = 'Hero updated successfully';
$response['heroes'] = $db->getHeroes();
}else{
$response['error'] = true;
$response['message'] = 'problem tut 3';
}
break;
//the delete operation
case 'deletehero':
//for the delete operation we are getting a GET parameter from the url having the id of the record to be deleted
if(isset($_GET['id'])){
$db = new DbOperation();
if($db->deleteHero($_GET['id'])){
$response['error'] = false;
$response['message'] = 'Hero deleted successfully';
$response['heroes'] = $db->getHeroes();
}else{
$response['error'] = true;
$response['message'] = 'roblem tut 1';
}
}else{
$response['error'] = true;
$response['message'] = 'Nothing to delete, provide an id please';
}
break;
}
}else{
//if it is not api call
//pushing appropriate values to response array
$response['error'] = true;
$response['message'] = 'Invalid API Call';
}
//displaying the response in json structure
echo json_encode($response);
<?php
class DbOperation
{
//Database connection link
private $con;
//Class constructor
function __construct()
{
//Getting the DbConnect.php file
require_once dirname(__FILE__) . '/DbConnect.php';
//Creating a DbConnect object to connect to the database
$db = new DbConnect();
//Initializing our connection link of this class
//by calling the method connect of DbConnect class
$this->con = $db->connect();
}
/*
* The create operation
* When this method is called a new record is created in the database
*/
function createHero($name, $fio, $rating, $details, $data, $image){
$stmt = $this->con->prepare("INSERT INTO heroes (name, fio, rating, details, data, image) VALUES (?, ?, ?, ?, ?, ?)");
$stmt->bind_param("ssis", $name, $fio, $rating, $details, $data, $image);
if($stmt->execute())
return true;
return false;
}
/*
* The read operation
* When this method is called it is returning all the existing record of the database
*/
function getHeroes(){
$stmt = $this->con->prepare("SELECT id, name, fio, rating, details, data, image FROM heroes");
$stmt->execute();
$stmt->bind_result($id, $name, $fio, $rating, $details, $data, $image);
$heroes = array();
while($stmt->fetch()){
$hero = array();
$hero['id'] = $id;
$hero['name'] = $name;
$hero['fio'] = $fio;
$hero['rating'] = $rating;
$hero['details'] = $details;
$hero['data'] = $data;
$hero['image'] = $image;
array_push($heroes, $hero);
}
return $heroes;
}
/*
* The update operation
* When this method is called the record with the given id is updated with the new given values
*/
function updateHero($id, $name, $fio, $rating, $details, $data, $image){
$stmt = $this->con->prepare("UPDATE heroes SET name = ?, fio = ?, rating = ?, details = ?, data = ?, image = ? WHERE id = ?");
$stmt->bind_param("ssisi", $name, $fio, $rating, $details, $data, $image, $id);
if($stmt->execute())
return true;
return false;
}
/*
* The delete operation
* When this method is called record is deleted for the given id
*/
function deleteHero($id){
$stmt = $this->con->prepare("DELETE FROM heroes WHERE id = ? ");
$stmt->bind_param("i", $id);
if($stmt->execute())
return true;
return false;
}
}