Worky

api/user-info.php

@@ -0,0 +1,49 @@
+<?php
+include_once($_SERVER['DOCUMENT_ROOT'] . "/db_config.php");
+include_once($_SERVER['DOCUMENT_ROOT'] . "/includes/utils.php");
+
+$token = get_bearer_token();
+
+if (is_null($token)) {
+    header('Content-Type: application/json');
+    http_response_code(412);
+    echo '{"success":"false","message":"No token provided","username":"","email": ""}';
+    return;
+}
+
+// Input validation and sanitization
+$token = $mysqli->real_escape_string($token);
+
+// Prepare and bind
+$stmt = $mysqli->prepare("SELECT * FROM users WHERE token = ?");
+$stmt->bind_param("s", $token);
+
+// Execute statement
+$stmt->execute();
+
+// Get result
+$result = $stmt->get_result();
+
+$response = array();
+
+if ($result->num_rows > 0) {
+    $row = $result->fetch_assoc();
+
+    $response['success'] = "true";
+    $response['message'] = "Success";
+    $response['username'] = $row['username'];
+    $response['email'] = $row['email'];
+} else {
+    $response['success'] = "false";
+    $response['message'] = 'Invalid token.';
+    $response['username'] = "";
+    $response['email'] = "";
+}
+
+// Close connections
+$stmt->close();
+$mysqli->close();
+
+// Return JSON response
+header('Content-Type: application/json');
+echo '{"success":' . $response['success'] . ', "message":"' . $response['message'] . '", "username":"' . $response['username'] . '", "email":"' . $response['email'] . '"}';