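<?php

declare(strict_types=1);

use Dotenv\Dotenv;

// CORS.
// NOTE(review): browsers refuse a wildcard origin on a credentialed request, so
// `Access-Control-Allow-Origin: *` and `Access-Control-Allow-Credentials: true`
// contradict each other; an explicit allow-list of origins is the usual fix.
// Left unchanged here so existing clients keep working.
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, PATCH, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type, Accept, X-Requested-With, User-Agent, Origin");
header("Access-Control-Max-Age: 86400");
header("Access-Control-Allow-Credentials: true");
header("Content-Type: application/json; charset=UTF-8");

// Development setting: printed errors expose file paths, SQL and stack traces to
// the client, so these should be '0' outside development (error_log still records
// everything that is raised).
ini_set('display_errors', '1');
ini_set('display_startup_errors', '1');
error_reporting(E_ALL);

/**
 * Emit the JSON error envelope used throughout this endpoint and stop the script.
 *
 * @param int    $status  HTTP status code to send
 * @param string $message client-facing message; must not carry internal details
 */
function respondError(int $status, string $message): void
{
    http_response_code($status);
    echo json_encode(['success' => false, 'message' => $message]);
    exit;
}

/**
 * Read a request field as a non-empty string.
 *
 * Scalars are stringified so numeric JSON values (e.g. "inn": 1234567890) are
 * accepted; arrays, objects, null, '' and false yield null so they never reach
 * preg_match()/mb_strlen()/PDO, where a non-string would raise a TypeError.
 *
 * @param array<string, mixed> $data decoded request body
 * @param string               $key  field name
 * @return string|null the field value, or null when absent, empty or non-scalar
 */
function stringField(array $data, string $key): ?string
{
    $value = $data[$key] ?? null;
    if (!is_scalar($value)) {
        return null;
    }
    $value = (string) $value;

    return $value === '' ? null : $value;
}

// CORS preflight: answer without touching the database.
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
    http_response_code(200);
    exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    respondError(405, 'Only POST method allowed');
}

// Anchored to this file's directory so the include does not depend on the CWD.
require __DIR__ . '/vendor/autoload.php';

try {
    $dotenv = Dotenv::createImmutable(__DIR__);
    $dotenv->load();
} catch (Exception $e) {
    respondError(500, 'Environment configuration failed');
}

$requiredEnvVars = ['DB_HOST', 'DB_NAME', 'DB_USER', 'DB_PASSWORD'];
foreach ($requiredEnvVars as $var) {
    if (!isset($_ENV[$var])) {
        respondError(500, "Required environment variable $var is missing");
    }
}

try {
    $pdo = new PDO(
        "mysql:host={$_ENV['DB_HOST']};dbname={$_ENV['DB_NAME']};charset=utf8mb4",
        $_ENV['DB_USER'],
        $_ENV['DB_PASSWORD'],
        [
            PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
            // Native prepares: bound values travel separately from the statement
            // text instead of being spliced into the SQL client-side.
            PDO::ATTR_EMULATE_PREPARES => false,
        ]
    );
} catch (PDOException $e) {
    // Connection errors name hosts and users: keep them in the server log only.
    error_log('register.php: database connection failed: ' . $e->getMessage());
    respondError(500, 'Database connection failed');
}

$input = file_get_contents('php://input');
if ($input === false || $input === '') {
    respondError(400, 'Empty request body');
}

try {
    $data = json_decode($input, true, 512, JSON_THROW_ON_ERROR);
} catch (JsonException $e) {
    $data = null;
}
// A syntactically valid JSON scalar ("abc", 42, null) is not a usable body either;
// indexing it below would raise instead of producing a clean 400.
if (!is_array($data)) {
    respondError(400, 'Invalid JSON data');
}

$number = stringField($data, 'number');
$password = stringField($data, 'password');
if ($number === null || $password === null || !isset($data['user_type'])) {
    respondError(400, 'Phone number, password and user type are required');
}

// FILTER_VALIDATE_INT rejects non-numeric strings and arrays; a bare (int) cast
// would silently turn any garbage into 0 and register it as an individual user.
$userType = filter_var($data['user_type'], FILTER_VALIDATE_INT);
if ($userType === false || !in_array($userType, [0, 1, 2], true)) {
    respondError(400, 'Invalid user type');
}

// \z rather than $: $ also matches before a trailing newline.
if (!preg_match('/^\+?\d{10,15}\z/', $number)) {
    respondError(400, 'Invalid phone number format');
}

// Counted in characters, not bytes, so the limit matches what the user typed.
if (mb_strlen($password) < 8) {
    respondError(400, 'Password must be at least 8 characters long');
}

// The table name is chosen by an exhaustive match over the validated int, never
// taken from the request, so interpolating it into SQL below is safe.
$tableName = match ($userType) {
    0 => 'individusers',
    1 => 'companyusers',
    2 => 'leasingmanagers',
};

try {
    // Friendly pre-check for a 409. Two concurrent registrations can both pass
    // this SELECT; the UNIQUE key on `number` (assumed — TODO confirm in schema)
    // is what actually prevents the duplicate, handled in the catch below.
    $stmt = $pdo->prepare("SELECT id FROM $tableName WHERE number = ?");
    $stmt->execute([$number]);
    if ($stmt->fetch()) {
        respondError(409, 'User with this phone number already exists');
    }

    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);

    switch ($userType) {
        case 0:
            $firstName = stringField($data, 'first_name');
            $lastName = stringField($data, 'last_name');
            $passportSeries = stringField($data, 'passport_series');
            $passportNumber = stringField($data, 'number_password');
            $issuedOn = stringField($data, 'data_vidachi');
            if ($firstName === null || $lastName === null || $passportSeries === null
                || $passportNumber === null || $issuedOn === null) {
                respondError(400, 'All personal data fields are required');
            }

            // '!' zeroes the unspecified time fields. getLastErrors() catches
            // rolled-over dates such as 31.02.2024, which createFromFormat()
            // otherwise silently turns into 02.03.2024 (it returns false before
            // PHP 8.2 only for outright failures; 8.2+ returns false when clean).
            $dateObj = DateTimeImmutable::createFromFormat('!d.m.Y', $issuedOn);
            $dateErrors = DateTimeImmutable::getLastErrors();
            if ($dateObj === false
                || ($dateErrors !== false
                    && ($dateErrors['warning_count'] > 0 || $dateErrors['error_count'] > 0))) {
                respondError(400, 'Invalid date format. Use DD.MM.YYYY');
            }

            $stmt = $pdo->prepare(
                "INSERT INTO individusers (
                    number, password, first_name, last_name, otchestvo,
                    passport_series, number_password, data_vidachi, created_at
                ) VALUES (?, ?, ?, ?, ?, ?, ?, ?, NOW())"
            );
            $stmt->execute([
                $number,
                $hashedPassword,
                $firstName,
                $lastName,
                stringField($data, 'otchestvo'),
                $passportSeries,
                $passportNumber,
                $dateObj->format('Y-m-d'),
            ]);
            break;

        case 1:
            $companyName = stringField($data, 'company_name');
            $inn = stringField($data, 'inn');
            $address = stringField($data, 'address');
            $directorName = stringField($data, 'director_name');
            if ($companyName === null || $inn === null || $address === null || $directorName === null) {
                respondError(400, 'All company data fields are required');
            }
            if (!preg_match('/^\d{10}\z/', $inn)) {
                respondError(400, 'INN must contain 10 digits');
            }

            $stmt = $pdo->prepare(
                "INSERT INTO companyusers (
                    number, password, company_name, inn, address, director_name, created_at
                ) VALUES (?, ?, ?, ?, ?, ?, NOW())"
            );
            $stmt->execute([
                $number,
                $hashedPassword,
                $companyName,
                $inn,
                $address,
                $directorName,
            ]);
            break;

        case 2:
            $firstName = stringField($data, 'first_name');
            $lastName = stringField($data, 'last_name');
            $companyName = stringField($data, 'company_name');
            $position = stringField($data, 'position');
            if ($firstName === null || $lastName === null || $companyName === null || $position === null) {
                respondError(400, 'All manager data fields are required');
            }

            $stmt = $pdo->prepare(
                "INSERT INTO leasingmanagers (
                    number, password, first_name, last_name, middle_name,
                    company_name, position, created_at
                ) VALUES (?, ?, ?, ?, ?, ?, ?, NOW())"
            );
            $stmt->execute([
                $number,
                $hashedPassword,
                $firstName,
                $lastName,
                stringField($data, 'middle_name'),
                $companyName,
                $position,
            ]);
            break;
    }

    $userId = $pdo->lastInsertId();

    // SMS notification details are only reported back to the caller; nothing is sent.
    $phoneNumber = preg_replace('/[^0-9]/', '', $number);
    $smsMessage = "Спасибо за регистрацию! Ваш аккаунт успешно создан.";

    http_response_code(201);
    echo json_encode([
        'success' => true,
        'message' => 'User registered successfully',
        'user_id' => $userId,
        'user_type' => $userType,
        'sms' => [
            'phone' => $phoneNumber,
            'message' => $smsMessage,
            'status' => 'pending',
        ],
    ]);
} catch (PDOException $e) {
    // SQLSTATE 23000 = integrity constraint violation: a concurrent registration
    // with the same number won the race past the SELECT above.
    if ($e->getCode() === '23000') {
        respondError(409, 'User with this phone number already exists');
    }
    // Driver messages reveal table and column names and host details: log, don't echo.
    error_log('register.php: database error: ' . $e->getMessage());
    respondError(500, 'Database error');
} catch (Throwable $e) {
    // Nothing in the try block throws a client-attributable exception, so any
    // other throwable (including TypeError, which the old `catch (Exception)`
    // let escape as a fatal with a trace) is a server fault.
    error_log('register.php: unexpected error: ' . $e->getMessage());
    respondError(500, 'Internal server error');
}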