conn = $db; } private function isExist() { $query = "SELECT * FROM " . $this->table . " WHERE cid='" . $this->cid . "'"; $stmt = $this->conn->prepare($query); $stmt->execute(); $num = $stmt->rowCount(); if ($num > 0) { return true; } return false; } private function sanitizeInputs() { $this->name = sanitize($this->name); $this->email = sanitize($this->email); $this->mobile = sanitize($this->mobile); $this->country = sanitize($this->country); $this->address = sanitize($this->address); } public function list() { $query = "SELECT * FROM $this->table"; $stmt = $this->conn->prepare($query); $stmt->execute(); return $stmt; } public function read() { $query = "SELECT * FROM " . $this->table . " WHERE cid='" . $this->cid . "'"; $stmt = $this->conn->prepare($query); $stmt->execute(); return $stmt; } public function create() { $this->sanitizeInputs(); if ($this->isExist()) { return 409; } $query = "INSERT INTO $this->table (cid, name, poc, email, mobile, address, country) VALUES (:cid, :name, :poc, :email, :mobile, :address, :country)"; $stmt = $this->conn->prepare($query); $this->cid = uniqid(); $stmt->bindParam(":cid", $this->cid); $stmt->bindParam(":name", $this->name); $stmt->bindParam(":poc", $this->poc); $stmt->bindParam(":email", $this->email); $stmt->bindParam(":mobile", $this->mobile); $stmt->bindParam(":country", $this->country); $stmt->bindParam(":address", $this->address); if ($stmt->execute()) { return 200; } return 500; } public function edit() { $this->sanitizeInputs(); if (!$this->isExist()) { return 404; } $query = "UPDATE $this->table SET name=:name, poc=:poc, email=:email, mobile=:mobile, address=:address, country=:country WHERE cid='" . $this->cid . "'"; $stmt = $this->conn->prepare($query); $stmt->bindParam(":name", $this->name); $stmt->bindParam(":poc", $this->poc); $stmt->bindParam(":email", $this->email); $stmt->bindParam(":mobile", $this->mobile); $stmt->bindParam(":country", $this->country); $stmt->bindParam(":address", $this->address); if ($stmt->execute()) { return 204; } return 500; } }