lucasjoaquim
/
api_lixeira_temporaria


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384
							<?php

namespace Controllers;

use Libs\ResponseLib;
use Models\CprPreregistrationModel;
use Psr\Http\Message\ServerRequestInterface;
use Respect\Validation\Validator as v;

class CprPreregistrationController
{
    public function __invoke(ServerRequestInterface $request)
    {
        $body = json_decode((string) $request->getBody(), true) ?? [];

        // Extract and trim inputs
        $name = isset($body['name']) ? trim((string)$body['name']) : '';
        $contactNumber = isset($body['contact_number']) ? trim((string)$body['contact_number']) : '';
        $email = isset($body['email']) ? trim((string)$body['email']) : '';
        $productType = isset($body['product_type']) ? trim((string)$body['product_type']) : '';
        $internalControlNumber = isset($body['internal_control_number']) ? trim((string)$body['internal_control_number']) : '';
        $productQuantityRaw = $body['product_quantity'] ?? null;
        $propertyName = isset($body['property_name']) ? trim((string)$body['property_name']) : '';
        $propertyLocation = isset($body['property_location']) ? trim((string)$body['property_location']) : '';

        // Define validation rules
        $rules = [
            'name' => v::stringType()->notEmpty()->length(2, 120),
            // Accept digits, spaces, plus, dash, parentheses
            'contact_number' => v::stringType()->notEmpty()->regex('/^[0-9+()\\s-]{8,25}$/'),
            'email' => v::email()->notEmpty(),
            'product_type' => v::stringType()->notEmpty()->alnum(" -_/.,")->length(1, 100),
            'internal_control_number' => v::stringType()->notEmpty()->alnum("-_/.")->length(1, 100),
            // Accept numeric strings convertible to int
            'product_quantity' => v::stringType()->notEmpty()->alnum("-_/.")->length(1, 100),
            'property_name' => v::stringType()->notEmpty()->alnum(" -_/.,")->length(1, 150),
            'property_location' => v::stringType()->notEmpty()->alnum(" -_/.,")->length(1, 200),
        ];

        $inputs = [
            'name' => $name,
            'contact_number' => $contactNumber,
            'email' => $email,
            'product_type' => $productType,
            'internal_control_number' => $internalControlNumber,
            'product_quantity' => $productQuantityRaw,
            'property_name' => $propertyName,
            'property_location' => $propertyLocation,
        ];

        $errors = [];
        foreach ($inputs as $field => $value) {
            try {
                $rules[$field]->assert($value);
            } catch (\Throwable $e) {
                $errors[$field] = $e->getMessage();
            }
        }

        if (!empty($errors)) {
            return ResponseLib::sendFail("Validation failed", ['errors' => $errors], "E_VALIDATE")->withStatus(400);
        }

        // Safe casting after validation
        $productQuantity = (int)$productQuantityRaw;

        try {
            $model = new CprPreregistrationModel();
            $saved = $model->insert(
                $name,
                $contactNumber,
                $email,
                $productType,
                $internalControlNumber,
                $productQuantity,
                $propertyName,
                $propertyLocation
            );
            return ResponseLib::sendOk($saved, "S_CREATED");
        } catch (\Throwable $e) {
            return ResponseLib::sendFail("Database error: " . $e->getMessage(), [], "E_DB")->withStatus(500);
        }
    }
}