File Manager V1.5
FILE_CONTENT: get_car_listings.php
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, User-Agent, Origin");
header("Access-Control-Max-Age: 86400");
header("Content-Type: application/json; charset=UTF-8");
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(200);
exit;
}
require __DIR__ . '/vendor/autoload.php';
use Firebase\JWT\JWT;
use Firebase\JWT\Key;
require_once 'db.php';
function sendResponse($success, $message = '', $data = null, $code = 200) {
http_response_code($code);
echo json_encode([
'success' => $success,
'message' => $message,
'data' => $data,
'timestamp' => time()
]);
exit;
}
try {
$headers = getallheaders();
if (!isset($headers['Authorization'])) {
sendResponse(false, 'Требуется авторизация', null, 401);
}
$token = str_replace('Bearer ', '', $headers['Authorization']);
$decoded = verifyToken($token);
if (!$decoded) {
sendResponse(false, 'Неверный токен', null, 401);
}
$userId = $decoded['user_id'];
$pdo = getPDO();
if (!$pdo) {
sendResponse(false, 'Ошибка подключения к БД', null, 500);
}
$query = "SELECT * FROM car_listings WHERE status != 'pending'";
$params = [];
if (isset($_GET['user_id'])) {
$query .= " AND user_id = ?";
$params[] = $_GET['user_id'];
}
$stmt = $pdo->prepare($query);
$stmt->execute($params);
$listings = $stmt->fetchAll(PDO::FETCH_ASSOC);
sendResponse(true, 'Объявления успешно загружены', $listings);
} catch (PDOException $e) {
sendResponse(false, 'Ошибка базы данных: ' . $e->getMessage(), null, 500);
} catch (Exception $e) {
sendResponse(false, 'Ошибка сервера: ' . $e->getMessage(), null, 500);
}
?>[ KEMBALI ]