|
@@ -4,6 +4,7 @@
|
4
|
4
|
$method = $_SERVER['REQUEST_METHOD'];
|
5
|
5
|
$request = explode('/', trim($_SERVER['PATH_INFO'],'/'));
|
6
|
6
|
$input = json_decode(file_get_contents('php://input'),true);
|
|
7
|
+if (!$input) $input = array();
|
7
|
8
|
|
8
|
9
|
// connect to the mysql database
|
9
|
10
|
$link = mysqli_connect('localhost', 'php-crud-api', 'php-crud-api', 'php-crud-api');
|
|
@@ -13,20 +14,18 @@ mysqli_set_charset($link,'utf8');
|
13
|
14
|
$table = preg_replace('/[^a-z0-9_]+/i','',array_shift($request));
|
14
|
15
|
$key = array_shift($request)+0;
|
15
|
16
|
|
16
|
|
-if ($input) {
|
17
|
|
- // escape the columns and values from the input object
|
18
|
|
- $columns = preg_replace('/[^a-z0-9_]+/i','',array_keys($input));
|
19
|
|
- $values = array_map(function ($value) use ($link) {
|
20
|
|
- if ($value===null) return null;
|
21
|
|
- return mysqli_real_escape_string($link,(string)$value);
|
22
|
|
- },array_values($input));
|
|
17
|
+// escape the columns and values from the input object
|
|
18
|
+$columns = preg_replace('/[^a-z0-9_]+/i','',array_keys($input));
|
|
19
|
+$values = array_map(function ($value) use ($link) {
|
|
20
|
+ if ($value===null) return null;
|
|
21
|
+ return mysqli_real_escape_string($link,(string)$value);
|
|
22
|
+},array_values($input));
|
23
|
23
|
|
24
|
|
- // build the SET part of the SQL command
|
25
|
|
- $set = '';
|
26
|
|
- for ($i=0;$i<count($columns);$i++) {
|
27
|
|
- $set.=($i>0?',':'').'`'.$columns[$i].'`=';
|
28
|
|
- $set.=($values[$i]===null?'NULL':'"'.$values[$i].'"');
|
29
|
|
- }
|
|
24
|
+// build the SET part of the SQL command
|
|
25
|
+$set = '';
|
|
26
|
+for ($i=0;$i<count($columns);$i++) {
|
|
27
|
+ $set.=($i>0?',':'').'`'.$columns[$i].'`=';
|
|
28
|
+ $set.=($values[$i]===null?'NULL':'"'.$values[$i].'"');
|
30
|
29
|
}
|
31
|
30
|
|
32
|
31
|
// create SQL based on HTTP method
|