
FILE_CONTENT: check_verification.php

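<?php
/**
 * check_verification.php — GET-only JSON endpoint that returns the `status`
 * column of one user row, selected by a numeric user_id and user_type.
 *
 * Query parameters:
 *   user_id    positive integer row id
 *   user_type  0 = individusers, 1 = companyusers, 2 = leasingmanagers
 *
 * Responses: 200 {success:true,status,message}; 400 invalid input; 404 no such
 * row; 405 non-GET; 500 database or unexpected error (details are written to
 * the error log, never returned to the client).
 *
 * NOTE(review): the endpoint performs no authentication and answers with
 * Access-Control-Allow-Origin "*", so any caller from any origin can read any
 * user's status by id. Whether that is acceptable depends on how sensitive
 * `status` is — confirm with the API owner; if not, add a session/token check
 * before the lookup.
 */
declare(strict_types=1);

header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, User-Agent, Origin");
header("Access-Control-Max-Age: 86400");
header("Content-Type: application/json; charset=UTF-8");

// PHP errors go to a log file, never into the JSON body. String values are used
// because ini_set() takes a string in older releases and this file is strict-typed.
// NOTE(review): __DIR__ appears to be the document root on this deployment, so
// php_error.log may be fetchable over HTTP — prefer a log path outside the web root.
ini_set('display_errors', '0');
ini_set('log_errors', '1');
ini_set('error_log', __DIR__ . '/php_error.log');

// Database connection settings.
// NOTE(review): live credentials are committed next to the handler; load them
// from the environment or a config file outside the document root instead, and
// rotate the password once they have been moved.
$servername = "gvitamb3.beget.tech";
$username = "gvitamb3_dcarbas";
$password = "Man363906";
$dbname = "gvitamb3_dcarbas";

/**
 * Whitelist mapping the user_type query value to the table it lives in.
 * A table name reaches the SQL string only through this map, so interpolating
 * it into the query below is safe.
 */
$tablesByUserType = [
    0 => 'individusers',
    1 => 'companyusers',
    2 => 'leasingmanagers',
];

/**
 * Set the HTTP status code and write the payload as the JSON response body.
 *
 * @param int                  $code    HTTP status code
 * @param array<string, mixed> $payload encoded as-is with json_encode()
 */
function sendJson(int $code, array $payload): void
{
    http_response_code($code);
    echo json_encode($payload);
}

if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
    sendJson(405, [
        'success' => false,
        'message' => 'Method Not Allowed. Use GET request.'
    ]);
    error_log("Invalid request method: " . $_SERVER['REQUEST_METHOD']);
    exit;
}

// Input is validated before any database work is done. FILTER_VALIDATE_INT
// rejects non-numeric strings and array-valued parameters outright instead of
// the lossy (int) cast ("12abc" -> 12, ['x'] -> 1) that was used before.
$user_id = filter_var($_GET['user_id'] ?? null, FILTER_VALIDATE_INT);
$user_type = filter_var($_GET['user_type'] ?? null, FILTER_VALIDATE_INT);

if ($user_id === false || $user_id <= 0) {
    sendJson(400, [
        'success' => false,
        'message' => 'Invalid or missing user_id'
    ]);
    // json_encode() renders a missing or array-valued parameter without a notice.
    error_log("Invalid user_id: " . json_encode($_GET['user_id'] ?? null));
    exit;
}

// The `=== false` guard comes first: array_key_exists() does not accept a bool key.
if ($user_type === false || !array_key_exists($user_type, $tablesByUserType)) {
    sendJson(400, [
        'success' => false,
        'message' => 'Invalid or missing user_type. Must be 0, 1, or 2.'
    ]);
    error_log("Invalid user_type: " . json_encode($_GET['user_type'] ?? null));
    exit;
}

$table = $tablesByUserType[$user_type];

// Declared before the try so the finally block is well-defined even when the
// PDO constructor itself throws.
$conn = null;

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname;charset=utf8mb4", $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Real server-side prepares: the user_id placeholder is sent separately from the SQL.
    $conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    $sql = "SELECT status FROM $table WHERE id = :user_id";
    $stmt = $conn->prepare($sql);
    $stmt->bindValue(':user_id', $user_id, PDO::PARAM_INT);
    $stmt->execute();

    $result = $stmt->fetch(PDO::FETCH_ASSOC);

    if ($result) {
        sendJson(200, [
            'success' => true,
            'status' => $result['status'],
            'message' => 'User verification status retrieved successfully'
        ]);
        error_log("Successfully retrieved status for user_id: $user_id from table: $table");
    } else {
        sendJson(404, [
            'success' => false,
            'message' => 'User not found'
        ]);
        error_log("User not found for user_id: $user_id in table: $table");
    }

} catch (PDOException $e) {
    // Driver messages can carry the host, schema or SQL fragment; they belong in
    // the log, not in the response body.
    sendJson(500, [
        'success' => false,
        'message' => 'Database error'
    ]);
    error_log("Database error for user_id $user_id: " . $e->getMessage());
} catch (Exception $e) {
    sendJson(500, [
        'success' => false,
        'message' => 'Unexpected error'
    ]);
    error_log("Unexpected error for user_id $user_id: " . $e->getMessage());
} finally {
    // PDO has no explicit close(); dropping the last reference releases the connection.
    $conn = null;
}
// No closing PHP tag: it would risk sending trailing whitespace after the JSON body.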