-
Notifications
You must be signed in to change notification settings - Fork 16
/
interact_user.php
executable file
·64 lines (53 loc) · 2.31 KB
/
interact_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php
session_start();
header('Content-Type: application/json');
// Check if user is signed in
if (!isset($_SESSION['user_id'])) {
echo json_encode(['success' => false, 'error' => 'not_signed_in']);
exit;
}
try {
// Connect to the SQLite database
$db = new PDO('sqlite:' . __DIR__ . '/../chirp.db');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Decode JSON input
$data = json_decode(file_get_contents('php://input'), true);
// Validate input data
if (empty($data['userId']) || empty($data['action'])) {
echo json_encode(['success' => false, 'error' => 'missing_data']);
exit;
}
// Sanitize and validate inputs
$userIdToFollow = (int) $data['userId'];
$action = strtolower($data['action']);
$currentUserId = $_SESSION['user_id'];
// Verify that the userIdToFollow exists
$stmt = $db->prepare('SELECT COUNT(*) FROM users WHERE id = :userId');
$stmt->bindParam(':userId', $userIdToFollow, PDO::PARAM_INT);
$stmt->execute();
$userExists = $stmt->fetchColumn();
if (!$userExists) {
echo json_encode(['success' => false, 'error' => 'user_not_found']);
exit;
}
if ($action === 'follow') {
// Add a new follow entry
$stmt = $db->prepare('INSERT INTO following (follower_id, following_id) VALUES (:followerId, :followingId)');
$stmt->bindParam(':followerId', $currentUserId, PDO::PARAM_INT);
$stmt->bindParam(':followingId', $userIdToFollow, PDO::PARAM_INT);
$stmt->execute();
echo json_encode(['success' => true, 'action' => 'follow']);
} elseif ($action === 'unfollow') {
// Remove the follow entry
$stmt = $db->prepare('DELETE FROM following WHERE follower_id = :followerId AND following_id = :followingId');
$stmt->bindParam(':followerId', $currentUserId, PDO::PARAM_INT);
$stmt->bindParam(':followingId', $userIdToFollow, PDO::PARAM_INT);
$stmt->execute();
echo json_encode(['success' => true, 'action' => 'unfollow']);
} else {
echo json_encode(['success' => false, 'error' => 'invalid_action']);
}
} catch (PDOException $e) {
echo json_encode(['success' => false, 'error' => 'database_error', 'message' => $e->getMessage()]);
}
?>