
FILE_CONTENT: get_liz_profile.php

<?php
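// Report everything, but only to the error log: this script emits nothing but
// JSON, and a PHP diagnostic printed inline would corrupt the body and hand the
// caller file paths and query details. (display_errors was previously on.)
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(E_ALL);

// Buffer output so sendResponse() can discard anything written before the JSON
// body (notices, stray whitespace from included files).
ob_start();

require_once 'db.php';

// CORS headers. NOTE(review): the wildcard origin is kept because the set of
// legitimate clients is not visible here; an explicit origin allow-list is the
// safer configuration for an endpoint that accepts bearer tokens.
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, User-Agent, Origin");
header("Access-Control-Max-Age: 86400");
header("Content-Type: application/json; charset=UTF-8");

// A preflight request carries no token and needs no body: acknowledge and stop.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
    http_response_code(200);
    exit;
}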

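/**
 * Emit the JSON envelope used by every exit path of this script, then stop.
 *
 * The envelope is always {success, message, data, timestamp}. Entries collected
 * in the global $debugInfo array are written to the PHP error log instead of
 * being echoed back: callers push request internals (and exception text) into
 * it, and that must not reach the HTTP client.
 *
 * @param bool   $success whether the request succeeded
 * @param string $message human-readable status text, may be empty
 * @param mixed  $data    payload for the 'data' field, or null
 * @param int    $code    HTTP status code to send
 */
function sendResponse(bool $success, string $message = '', $data = null, int $code = 200): void {
    global $debugInfo;

    // Discard anything already buffered so the body is exactly one JSON document.
    if (ob_get_length()) {
        ob_clean();
    }

    // Server-side only; see the function comment for why this is not in the body.
    if (!empty($debugInfo)) {
        error_log('get_liz_profile: ' . implode(' | ', $debugInfo));
    }

    $response = [
        'success'   => $success,
        'message'   => $message,
        'data'      => $data,
        'timestamp' => time(),
    ];

    http_response_code($code);
    // Substitute invalid UTF-8 (possible in DB-sourced rows) rather than letting
    // json_encode() return false and the client receive an empty body.
    echo json_encode($response, JSON_INVALID_UTF8_SUBSTITUTE);
    exit;
}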

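// Diagnostic breadcrumbs for this request; sendResponse() decides where they go.
// Credential material (the raw bearer token) is deliberately never stored here.
$debugInfo = [];

try {
    // Header names are case-insensitive and getallheaders() returns them as the
    // client sent them, so normalise before looking the header up.
    $headers = array_change_key_case(getallheaders(), CASE_LOWER);
    if (!isset($headers['authorization'])) {
        $debugInfo[] = 'Authorization header missing';
        sendResponse(false, 'Требуется авторизация', null, 401);
    }

    // Accept only the "Bearer <token>" scheme. The previous str_replace() also
    // accepted a bare token and stripped "Bearer " from anywhere in the value.
    if (!preg_match('/^Bearer\s+(\S+)$/i', trim($headers['authorization']), $m)) {
        $debugInfo[] = 'Authorization header is not a Bearer credential';
        sendResponse(false, 'Требуется авторизация', null, 401);
    }
    $token = $m[1];
    $debugInfo[] = 'Token received (' . strlen($token) . ' bytes)';

    $decoded = verifyToken($token);
    // verifyToken() is defined in db.php; the original code indexes the result
    // as an array, so require that shape and the claim we depend on.
    if (!$decoded || !is_array($decoded) || !isset($decoded['user_id'])) {
        $debugInfo[] = 'Token verification failed';
        sendResponse(false, 'Неверный токен', null, 401);
    }
    $debugInfo[] = 'Token verified for user_id ' . $decoded['user_id'];

    // $_GET['id'] may be an array (?id[]=1); ctype_digit() needs a string, and
    // concatenating an array into the debug message would raise a warning.
    if (!isset($_GET['id']) || !is_string($_GET['id']) || !ctype_digit($_GET['id'])) {
        $debugInfo[] = 'Invalid ID parameter';
        sendResponse(false, 'Неверный ID пользователя', null, 400);
    }

    $userId = (int)$_GET['id'];
    $debugInfo[] = "Requested user ID: $userId";

    // A manager may only read their own profile. Compare as integers instead of
    // with the loose != operator, whose string/number rules differ across PHP versions.
    if ((int)$decoded['user_id'] !== $userId) {
        $debugInfo[] = sprintf(
            'Token user_id: %s, user_type: %s',
            $decoded['user_id'],
            $decoded['user_type'] ?? 'n/a'
        );
        sendResponse(false, 'Доступ запрещен', null, 403);
    }

    $pdo = getPDO();
    if (!$pdo) {
        $debugInfo[] = 'Database connection failed';
        sendResponse(false, 'Ошибка подключения к БД', null, 500);
    }
    $debugInfo[] = 'Database connection established';

    // NOTE(review): the columns of leasingmanagers are not visible here, so
    // SELECT * is kept and the password column is stripped below; an explicit
    // column list would avoid returning any other sensitive column by accident.
    $stmt = $pdo->prepare("SELECT * FROM leasingmanagers WHERE id = ?");
    $stmt->execute([$userId]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);

    if (!$user) {
        $debugInfo[] = "No user found with ID: $userId";
        sendResponse(false, 'Пользователь не найден', null, 404);
    }

    // Never return the stored credential, even to the account owner.
    unset($user['password']);

    sendResponse(true, '', $user);

} catch (PDOException $e) {
    // Driver messages name tables, columns and hosts: log them, do not echo them.
    error_log('get_liz_profile PDOException: ' . $e->getMessage());
    $debugInfo[] = 'PDO exception (details in error log)';
    sendResponse(false, 'Ошибка базы данных', null, 500);
} catch (Exception $e) {
    error_log('get_liz_profile Exception: ' . $e->getMessage());
    $debugInfo[] = 'General exception (details in error log)';
    sendResponse(false, 'Ошибка сервера', null, 500);
} finally {
    // Only reached on a path that did not exit inside sendResponse().
    if (ob_get_length()) ob_end_clean();
}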
?>