FILE_CONTENT: get_user.php
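<?php
/**
 * Returns the authenticated caller's own user record as JSON.
 *
 * Request:  GET ?id=<user id> with an "Authorization: Bearer <token>" header.
 * Response: {"success": true, "data": {...}} on success, otherwise
 *           {"success": false, "message": "..."} with 400/401/403/404/500.
 *
 * verifyToken() and getPDO() are expected to come from db.php.
 */

// NOTE(review): a wildcard origin lets any site call this endpoint from a
// browser once it holds a token. Prefer an explicit allow-list of trusted
// origins if the API is not meant to be public.
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, User-Agent, Origin");
header("Access-Control-Max-Age: 86400");
header("Content-Type: application/json; charset=UTF-8");

// CORS preflight requests never carry the Authorization header, so answer
// them here instead of letting them fail with 401 below.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
    http_response_code(204);
    exit;
}

require 'db.php';

// Emits a JSON body with the given status code and stops the script.
$respond = static function (int $status, array $payload): void {
    http_response_code($status);
    echo json_encode($payload);
    exit;
};

// Header names are case-insensitive; normalise before the lookup.
$headers = array_change_key_case(getallheaders(), CASE_LOWER);
if (!isset($headers['authorization'])) {
    $respond(401, ['success' => false, 'message' => 'Authorization header missing']);
}

// Strip only a leading "Bearer " scheme; a bare token is still accepted as before.
$token = (string) preg_replace('/^Bearer\s+/i', '', trim((string) $headers['authorization']));
if ($token === '') {
    $respond(401, ['success' => false, 'message' => 'Authorization header missing']);
}

// A failed verification must never reach the ownership check: a missing
// user_id compared loosely with id=0 would be treated as equal.
// NOTE(review): verifyToken() may already exit on failure; db.php is not shown here.
$decoded = verifyToken($token);
if (!is_array($decoded) || !isset($decoded['user_id'], $decoded['user_type'])) {
    $respond(401, ['success' => false, 'message' => 'Invalid or expired token']);
}

// Require a real integer; arrays and non-numeric strings are rejected
// rather than being silently cast.
$userId = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);
if ($userId === false) {
    $respond(400, ['success' => false, 'message' => 'User ID required']);
}

// Callers may only read their own record; compare as integers, strictly.
if ((int) $decoded['user_id'] !== $userId) {
    $respond(403, ['success' => false, 'message' => 'Access denied']);
}

// The table name is interpolated into the SQL below, so it must only ever
// come from this fixed allow-list, never from request data.
$userType = (int) $decoded['user_type'];
$table = match ($userType) {
    0 => 'individusers',
    1 => 'companyusers',
    2 => 'leasingmanagers',
    default => null,
};
if ($table === null) {
    $respond(500, ['success' => false, 'message' => 'Invalid user type']);
}

try {
    $pdo = getPDO();

    $stmt = $pdo->prepare("SELECT * FROM $table WHERE id = ?");
    $stmt->execute([$userId]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
} catch (Exception $e) {
    // Keep driver and schema details in the server log; clients get a generic message.
    error_log('get_user.php: ' . $e->getMessage());
    $respond(500, ['success' => false, 'message' => 'Internal server error']);
}

if (!$user) {
    $respond(404, ['success' => false, 'message' => 'User not found']);
}

// NOTE(review): SELECT * returns every column and only the password is
// removed here. If the tables hold other sensitive columns, select an
// explicit list of fields instead.
unset($user['password']);
$user['user_type'] = $userType;

$respond(200, [
    'success' => true,
    'data' => $user,
]);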