Restful Web Services in PHP & MySQL
10:50 PM
Create the Database Table
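-- Accounts for the signup/login endpoints below.
CREATE TABLE `users` (
`id` int(11) NOT NULL PRIMARY KEY AUTO_INCREMENT,
`username` varchar(255) NOT NULL,
-- Holds whatever the application stores for the credential (see User::signup);
-- a password_hash() digest fits in 255 chars.
`password` varchar(255) NOT NULL,
-- Set once on insert. The original `ON UPDATE CURRENT_TIMESTAMP` would move this
-- value on every later update of the row, so it would stop meaning "created".
`created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-- The existence check in User::signup is a separate statement from the insert, so two
-- concurrent signups for the same name can both pass it; this constraint is the
-- authoritative guard.
UNIQUE KEY `uq_users_username` (`username`)
)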
Koneksi Database
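class Database{
    // specify your own database credentials
    private $host = "localhost";
    private $db_name = "PHPLearning";
    private $username = "root";
    private $password = "";
    public $conn;

    /**
     * Open a PDO connection with the credentials above.
     *
     * Returns the PDO instance, or null when the connection could not be opened.
     * On failure only a generic message is printed; the driver's message (which can
     * include the host and the account name) goes to the server error log instead
     * of to the HTTP client.
     */
    public function getConnection(){
        $this->conn = null;
        // Declaring the charset in the DSN replaces the `SET NAMES` statement: the
        // client library then knows the connection encoding too, which `SET NAMES`
        // alone does not tell it.
        $dsn = "mysql:host=" . $this->host . ";dbname=" . $this->db_name . ";charset=utf8";
        try{
            $this->conn = new PDO($dsn, $this->username, $this->password, [
                // PHP 8 default, made explicit: a failed statement throws instead
                // of silently returning false.
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            ]);
        }catch(PDOException $exception){
            error_log("Database connection failed: " . $exception->getMessage());
            echo "Connection error";
        }
        return $this->conn;
    }
}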
Fungsi User
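class User{
    // database connection and table name
    private $conn;
    private $table_name = "users";

    // object properties — left untyped because callers assign raw request strings
    // and the string returned by lastInsertId() to them
    public $id;
    public $username;
    public $password;
    public $created;

    /**
     * @param PDO $db open database connection (what Database::getConnection() returns)
     */
    public function __construct($db){
        $this->conn = $db;
    }

    /**
     * Apply the same transformation to a value wherever it is stored or looked up.
     *
     * Stripping tags and HTML-escaping belongs at output time, not at storage; it is
     * kept here because rows written by the original code hold the escaped form, and
     * a lookup has to use the identical transformation to match them. The original
     * applied it only when storing, so any username or password containing `<`, `&`,
     * quotes etc. could be created but never logged in.
     */
    private function normalize($value): string
    {
        return htmlspecialchars(strip_tags((string) $value));
    }

    /**
     * Insert the current username/password/created values as a new row.
     *
     * Returns false when the username is already taken or the insert fails; on
     * success sets $this->id to the new row id and returns true. The existence
     * check and the insert are separate statements, so two concurrent signups for
     * the same name can both pass the check — a UNIQUE constraint on `username`
     * is the authoritative guard, and a violation is reported as false here.
     *
     * The password is stored exactly as the caller supplies it. A reversible
     * encoding (e.g. base64) is not a hash; callers should pass a password_hash()
     * digest and check it with password_verify().
     */
    public function signup(): bool
    {
        if ($this->isAlreadyExist()) {
            return false;
        }

        $this->username = $this->normalize($this->username);
        $this->password = $this->normalize($this->password);
        $this->created  = $this->normalize($this->created);

        // Standard column-list form instead of MySQL-only `INSERT ... SET`.
        $query = "INSERT INTO " . $this->table_name . "
            (username, password, created)
            VALUES (:username, :password, :created)";
        $stmt = $this->conn->prepare($query);

        try {
            $ok = $stmt->execute([
                ':username' => $this->username,
                ':password' => $this->password,
                ':created'  => $this->created,
            ]);
        } catch (\PDOException $e) {
            // e.g. a duplicate-key error from a concurrent signup; the caller's
            // contract is just "failed", the detail goes to the server log.
            error_log("User::signup failed: " . $e->getMessage());
            return false;
        }
        if (!$ok) {
            return false;
        }

        $this->id = $this->conn->lastInsertId();
        return true;
    }

    /**
     * Select the row whose username and stored password both equal the current
     * property values (after the normalisation signup() applied when storing).
     *
     * Returns the executed PDOStatement; callers inspect rowCount() and fetch().
     * Values are bound as parameters — the original interpolated them into the
     * SQL string, which let a crafted username or password alter the query.
     * The password is compared as an opaque stored string; a password_hash()
     * digest verified with password_verify() is the sound form for it.
     */
    public function login()
    {
        $query = "SELECT `id`, `username`, `password`, `created`
            FROM " . $this->table_name . "
            WHERE username = :username AND password = :password";
        $stmt = $this->conn->prepare($query);
        $stmt->execute([
            ':username' => $this->normalize($this->username),
            ':password' => $this->normalize($this->password),
        ]);
        return $stmt;
    }

    /**
     * True when a row with the current (normalised) username exists.
     *
     * Uses COUNT(*) rather than rowCount(): PDO does not guarantee rowCount()
     * for SELECT statements on every driver.
     */
    public function isAlreadyExist(): bool
    {
        $query = "SELECT COUNT(*) FROM " . $this->table_name . " WHERE username = :username";
        $stmt = $this->conn->prepare($query);
        $stmt->execute([':username' => $this->normalize($this->username)]);
        return (int) $stmt->fetchColumn() > 0;
    }
}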
Login.php
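// include database and object files
include_once '../config/database.php';
include_once '../objects/user.php';

header('Content-Type: application/json');

// Credentials are read from POST first; GET is still accepted so existing clients keep
// working, but query strings end up in web-server, proxy and browser history logs, so
// clients should move to POST. Both fields must be present, and must be plain strings
// (a `username[]=x` query would otherwise arrive as an array).
$username = $_POST['username'] ?? $_GET['username'] ?? null;
$password = $_POST['password'] ?? $_GET['password'] ?? null;
if (!is_string($username) || !is_string($password)) {
    // The original called die() with an empty 200 response, which the client cannot tell
    // apart from a blank success.
    http_response_code(400);
    echo json_encode(["status" => false, "message" => "Username and password are required!"]);
    exit;
}

// get database connection
$database = new Database();
$db = $database->getConnection();
if ($db === null) {
    http_response_code(500);
    echo json_encode(["status" => false, "message" => "Service unavailable!"]);
    exit;
}

// prepare user object with the submitted credentials
$user = new User($db);
$user->username = $username;
// base64 is a reversible encoding, not a hash; it is kept only because Signup.php stores
// the password in this exact form and User::login() compares the stored string as-is.
// The correct replacement is password_hash() at signup and password_verify() here —
// change both scripts together.
$user->password = base64_encode($password);

// look up the matching row
$stmt = $user->login();
if ($stmt->rowCount() > 0) {
    // get retrieved row
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    $user_arr = [
        "status" => true,
        "message" => "Successfully Login!",
        "id" => $row['id'],
        "username" => $row['username'],
    ];
} else {
    $user_arr = [
        "status" => false,
        "message" => "Invalid Username or Password!",
    ];
}

// make it json format
echo json_encode($user_arr);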
Signup.php
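// get database connection
include_once '../config/database.php';
// instantiate user object
include_once '../objects/user.php';

header('Content-Type: application/json');

// Both fields must be present and must be plain strings; the original read $_POST
// directly, which emitted warnings and stored an empty username when a field was missing.
$username = $_POST['username'] ?? null;
$password = $_POST['password'] ?? null;
if (!is_string($username) || !is_string($password)) {
    http_response_code(400);
    echo json_encode(["status" => false, "message" => "Username and password are required!"]);
    exit;
}

$database = new Database();
$db = $database->getConnection();
if ($db === null) {
    http_response_code(500);
    echo json_encode(["status" => false, "message" => "Service unavailable!"]);
    exit;
}
$user = new User($db);

// set user property values
$user->username = $username;
// base64 is a reversible encoding, not a hash: anyone who reads the table recovers every
// password. It is kept only because Login.php compares against this exact stored form.
// The correct replacement is password_hash($password, PASSWORD_DEFAULT) here and
// password_verify() at login — change both scripts together.
$user->password = base64_encode($password);
$user->created = date('Y-m-d H:i:s');

// create the user
if ($user->signup()) {
    $user_arr = [
        "status" => true,
        "message" => "Successfully Signup!",
        "id" => $user->id,
        "username" => $user->username,
    ];
} else {
    // User::signup() also returns false when the insert itself fails, so this message
    // is a best guess at the most common cause.
    $user_arr = [
        "status" => false,
        "message" => "Username already exists!",
    ];
}

echo json_encode($user_arr);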