brammp/Travel-tracker
1
0
Fork 0
Code Issues Pull Requests Activity

Added backend and refactored frond-end to support it.

Browse Source 
* Removed unecesery home page
* Added PHP Api that provides auth and replaces the json-server for data storage
* Added support for alternate geocode-api
* Added registration  page
This commit is contained in:
Bram Prieshof
2025-05-27 00:42:00 +02:00
parent 25c1b73e32
commit e88269224c
60 changed files with 4438 additions and 8994 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
api/.gitignore vendored Normal file
View File

@@ -0,0 +1,2 @@
config/db.php
config/geocode.php

10
api/auth/check_session.php Normal file
View File

@@ -0,0 +1,10 @@
<?php
require_once 'config/auth.php';
session_start();
if (isset($_SESSION['name'])) {
echo json_encode(['message' => 'Authorized', 'user' => $_SESSION['name'] , 'allowRegistration' => $AllowUserRegistration]);
} else {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized', 'allowRegistration' => $AllowUserRegistration]);
}

32
api/auth/login.php Normal file
View File

@@ -0,0 +1,32 @@
<?php
require_once 'config/db.php';
$data = json_decode(file_get_contents("php://input"));
if (isset($data->username) && isset($data->password)) {
$username = $data->username;
$password = $data->password;
$query = "SELECT * FROM users WHERE username = :username";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':username', $username);
$stmt->execute();
$user = $stmt->fetch(PDO::FETCH_ASSOC);
if ($user && password_verify($password, $user['password'])) {
// Start a session and set session variables
session_start();
//$_SESSION['user_id'] = $user['id'];
$_SESSION['username'] = $user['username'];
$_SESSION['name'] = $user['name'];
echo json_encode(['message' => 'Login successful', 'username' => $user]);
} else {
http_response_code(401);
echo json_encode(['message' => 'Invalid credentials']);
}
} else {
http_response_code(400);
echo json_encode(['message' => 'Missing username or password']);
}
?>

7
api/auth/logout.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
session_start();
session_unset();
session_destroy();
echo json_encode(['success' => true]);
?>

34
api/auth/register.php Normal file
View File

@@ -0,0 +1,34 @@
<?php
require_once 'config/auth.php';
if (!$AllowUserRegistration){
echo json_encode(['message' => 'Endpoint not found']);
http_response_code(404);
die;
}
require_once 'config/db.php';
$data = json_decode(file_get_contents("php://input"));
if (isset($data->username) && isset($data->password) && isset($data->name)) {
$username = $data->username;
$password = password_hash($data->password, PASSWORD_BCRYPT);
$name = $data->name;
$query = "INSERT INTO users (username, password, name) VALUES (:username, :password, :name)";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':name', $name);
if ($stmt->execute()) {
echo json_encode(['message' => 'User registered successfully']);
} else {
echo json_encode(['message' => 'User registration failed']);
}
} else {
http_response_code(400);
echo json_encode(['message' => 'Missing name, username or password']);
}
?>

40
api/calls/create_item.php Normal file
View File

@@ -0,0 +1,40 @@
<?php
session_start();
if (!isset($_SESSION['name'])) {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized']);
die;
}
require_once 'config/db.php';
$data = json_decode(file_get_contents("php://input"));
if (isset($data->cityName) && isset($data->country) && isset($data->flag) && isset($data->date) && isset($data->notes) && isset($data->lat) && isset($data->lng) ) {
$date = new DateTime($data->date);
$data->date = $date->format('Y-m-d');
$query = "INSERT INTO items (cityName, country, flag, date, notes, lat, lng) VALUES (:cityName, :country, :flag, :date, :notes, :lat, :lng)";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':cityName', $data->cityName);
$stmt->bindParam(':country', $data->country);
$stmt->bindParam(':flag', $data->flag);
$stmt->bindParam(':date', $data->date);
$stmt->bindParam(':notes', $data->notes);
$stmt->bindParam(':lat', $data->lat);
$stmt->bindParam(':lng', $data->lng);
if ($stmt->execute()) {
$data->id = $pdo->lastInsertId();
echo json_encode(['message' => 'Item created successfully','id' => $data->id ,'id' => $data->id, 'cityName' => $data->cityName, 'country' => $data->country, 'flag' => $data->flag, 'date' => $data->date, 'notes' => $data->notes, 'lat' => $data->lat, 'lng' => $data->lng ]);
} else {
http_response_code(500);
echo json_encode(['message' => 'Failed to create item']);
}
} else {
http_response_code(400);
echo json_encode(['message' => 'Invalid input']);
}

22
api/calls/delete_item.php Normal file
View File

@@ -0,0 +1,22 @@
<?php
session_start();
if (!isset($_SESSION['name'])) {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized']);
die;
}
require_once 'config/db.php';
$id = isset($_GET['id']) ? $_GET['id'] : die('Item ID not provided');
$query = "DELETE FROM items WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':id', $id);
if ($stmt->execute()) {
echo json_encode(['message' => 'Item deleted successfully']);
} else {
http_response_code(400);
echo json_encode(['message' => 'Failed to delete item']);
}

53
api/calls/geocode.php Normal file
View File

@@ -0,0 +1,53 @@
<?php
session_start();
if (!isset($_SESSION['name'])) {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized']);
die;
}
if (!isset($_GET["latitude"]) || !isset($_GET["longitude"]) || empty($_GET["latitude"]) || empty($_GET["longitude"]) ) {
http_response_code(400);
echo json_encode(['message' => 'Invalid input']);
die;
}
require_once 'config/geocode.php';
$ch = curl_init();
switch ($geocodeType) {
case 'bigdatacloud':
$requrl = $geocodeApiurl . "?latitude=". $_GET["latitude"] ."&longitude=". $_GET["longitude"];
break;
case 'photon':
$requrl = $geocodeApiurl . "?lon=". $_GET["longitude"] ."&lat=". $_GET["latitude"];
break;
default:
http_response_code(401);
echo json_encode(['message' => 'Invalid request']);
die;
}
curl_setopt_array($ch, array(
CURLOPT_URL => $requrl,
CURLOPT_RETURNTRANSFER => true,
));
if ($geocodeApikey != false) {
curl_setopt($ch, CURLOPT_HTTPHEADER, ['X-Api-Key: '. $geocodeApikey]);
}
$response = json_decode(curl_exec($ch), true);
curl_close($ch);
switch ($geocodeType) {
case 'bigdatacloud':
echo json_encode(['city' => $response['city'], 'locality' => $response['locality'], 'countryName' => $response['countryName'],'countryCode' => $response['countryCode']]);
break;
case 'photon':
echo json_encode(['city' => $response['features'][0]['properties']['city'],'countryName' => $response['features'][0]['properties']['country'],'countryCode' => $response['features'][0]['properties']['countrycode']]);
break;
}

24
api/calls/get_item.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
session_start();
if (!isset($_SESSION['name'])) {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized']);
die;
}
require_once 'config/db.php';
$id = isset($_GET['id']) ? $_GET['id'] : die('Item ID not provided');
$query = "SELECT * FROM items WHERE id = :id";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':id', $id);
$stmt->execute();
$item = $stmt->fetch(PDO::FETCH_ASSOC);
if ($item) {
echo json_encode($item);
} else {
http_response_code(404);
echo json_encode(['message' => 'Item not found']);
}

17
api/calls/get_items.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
session_start();
if (!isset($_SESSION['name'])) {
http_response_code(401);
echo json_encode(['message' => 'Unauthorized']);
die;
}
require_once 'config/db.php';
$query = "SELECT * FROM items";
$stmt = $pdo->prepare($query);
$stmt->execute();
$items = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo json_encode($items);

3
api/config/auth.php Normal file
View File

@@ -0,0 +1,3 @@
<?php
$AllowUserRegistration = true;

13
api/config/db.php.example Normal file
View File

@@ -0,0 +1,13 @@
<?php
$host = 'localhost';
$dbname = 'ttapi';
$username = 'ttapi';
$password = '';
try {
$pdo = new PDO("mysql:host=$host;dbname=$dbname", $username, $password);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}

5
api/config/geocode.php.example Normal file
View File

@@ -0,0 +1,5 @@
<?php
$geocodeType = 'bigdatacloud'; //bigdatacloud or photon
$geocodeApikey = false; //false to disable or enter api key between quotes to enable auth for the api call (key is send as 'X-Api-Key' header )
$geocodeApiurl = 'https://api.bigdatacloud.net/data/reverse-geocode-client'; //Set url of the geoip Api

8
api/config/headers.php Normal file
View File

@@ -0,0 +1,8 @@
<?php
//Use for Dev environment
/*
header("Access-Control-Allow-Origin: http://localhost:5173");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Headers: Content-Type');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS,DELETE');
*/

45
api/db.sql Normal file
View File

@@ -0,0 +1,45 @@
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET time_zone = "+00:00";
/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;
/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;
/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;
/*!40101 SET NAMES utf8mb4 */;
CREATE TABLE `items` (
`id` int NOT NULL,
`cityName` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL,
`country` varchar(255) NOT NULL,
`flag` varchar(2) NOT NULL,
`date` date NOT NULL,
`notes` text NOT NULL,
`lat` varchar(100) NOT NULL,
`lng` varchar(100) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
CREATE TABLE `users` (
`id` int NOT NULL,
`username` varchar(255) NOT NULL,
`password` varchar(255) NOT NULL,
`name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_0900_ai_ci;
ALTER TABLE `items`
ADD PRIMARY KEY (`id`);
ALTER TABLE `users`
ADD PRIMARY KEY (`id`),
ADD UNIQUE KEY `username` (`username`);
ALTER TABLE `items`
MODIFY `id` int NOT NULL AUTO_INCREMENT;
ALTER TABLE `users`
MODIFY `id` int NOT NULL AUTO_INCREMENT;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;
/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;

67
api/index.php Normal file
View File

@@ -0,0 +1,67 @@
<?php
require_once 'config/headers.php';
header('Content-Type: application/json');
$request_method = $_SERVER['REQUEST_METHOD'];
$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
$path_parts = explode('/', $path);
if ($path_parts[1] == 'api') {
switch ($path_parts[2]) {
case 'geocode':
if ($request_method == 'GET') {
include 'calls/geocode.php';
}
break;
case 'get_items':
if ($request_method == 'GET') {
include 'calls/get_items.php';
}
break;
case 'get_item':
if ($request_method == 'GET') {
include 'calls/get_item.php';
}
break;
case 'create_item':
if ($request_method == 'POST') {
include 'calls/create_item.php';
}
break;
case 'update_item':
if ($request_method == 'PUT') {
include 'calls/update_item.php';
}
break;
case 'delete_item':
if ($request_method == 'DELETE') {
include 'calls/delete_item.php';
}
break;
case 'check':
if ($request_method == 'GET') {
include 'auth/check_session.php';
}
break;
case 'login':
if ($request_method == 'POST') {
include 'auth/login.php';
}
break;
case 'logout':
if ($request_method == 'POST') {
include 'auth/logout.php';
}
break;
case 'register':
if ($request_method == 'POST') {
include 'auth/register.php';
}
break;
default:
http_response_code(404);
echo json_encode(['message' => 'Endpoint not found']);
}
} else {
http_response_code(400);
echo json_encode(['message' => 'Invalid request']);
}