payfrit/payfrit-api
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
payfrit-api/api/auth/completeProfile.php
John Mizerek 1f81d98c52 Initial PHP API migration from CFML 
Complete port of all 163 API endpoints from Lucee/CFML to PHP 8.3.
Shared helpers in api/helpers.php (DB, auth, request/response, security).
PDO prepared statements throughout. Same JSON response shapes as CFML.
2026-03-14 14:26:59 -07:00

66 lines
2.1 KiB
PHP
Raw Blame History

<?php
require_once __DIR__ . '/../helpers.php';
runAuth();
/*
Complete user profile after phone verification
POST: { "firstName": "John", "lastName": "Smith", "email": "john@example.com" }
Requires auth token (X-User-Token header)
Returns: { OK: true }
*/
global $userId;
if ($userId <= 0) {
apiAbort(['OK' => false, 'ERROR' => 'unauthorized', 'MESSAGE' => 'Authentication required']);
}
$data = readJsonBody();
$firstName = trim($data['firstName'] ?? '');
$lastName = trim($data['lastName'] ?? '');
$email = strtolower(trim($data['email'] ?? ''));
if (empty($firstName)) {
apiAbort(['OK' => false, 'ERROR' => 'missing_first_name', 'MESSAGE' => 'First name is required']);
}
if (empty($lastName)) {
apiAbort(['OK' => false, 'ERROR' => 'missing_last_name', 'MESSAGE' => 'Last name is required']);
}
if (empty($email) || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
apiAbort(['OK' => false, 'ERROR' => 'invalid_email', 'MESSAGE' => 'Please enter a valid email address']);
}
// Check if email is already used by another verified account
$emailCheck = queryOne(
"SELECT ID FROM Users WHERE EmailAddress = ? AND IsEmailVerified = 1 AND ID != ? LIMIT 1",
[$email, $userId]
);
if ($emailCheck) {
apiAbort(['OK' => false, 'ERROR' => 'email_exists', 'MESSAGE' => 'This email is already associated with another account']);
}
// Get user UUID for email confirmation link
$userRow = queryOne("SELECT UUID FROM Users WHERE ID = ?", [$userId]);
// Update profile and mark as verified/active
queryTimed(
"UPDATE Users
SET FirstName = ?, LastName = ?, EmailAddress = ?,
IsEmailVerified = 0, IsContactVerified = 1, IsActive = 1
WHERE ID = ?",
[$firstName, $lastName, $email, $userId]
);
// Send confirmation email (non-blocking)
$emailSent = false;
$confirmLink = baseUrl() . '/confirm_email.cfm?UUID=' . ($userRow['UUID'] ?? '');
// TODO: Email sending integration
// For now, profile is saved without sending email
$message = $emailSent
? 'Profile updated. Please check your email to confirm your address.'
: 'Profile updated.';
jsonResponse(['OK' => true, 'MESSAGE' => $message]);
Reference in a new issue View git blame Copy permalink