philip/winded
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial commit: Flutter app + PHP/MySQL backend on Hostinger

Browse Source 
Replaces Firebase with a self-hosted PHP/MySQL API served from
winded.prymsolutions.com. Includes full backend (schema, auth, events,
teams, brackets, suggestions, stats, media, file upload) and updated
Flutter repositories and domain models.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Philly
2026-05-14 20:13:57 -07:00
commit b239ae3e5f
208 changed files with 19187 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/api/auth/login.php
+38
View File
@@ -0,0 +1,38 @@
<?php
require_once __DIR__ . '/../config/helpers.php';
cors();
if ($_SERVER['REQUEST_METHOD'] !== 'POST') json_err('Method not allowed', 405);
$b = body();
$email = trim($b['email'] ?? '');
$password = $b['password'] ?? '';
if ($email === '' || $password === '') json_err('Email and password required');
$db = db();
$stmt = $db->prepare('SELECT * FROM users WHERE email = ?');
$stmt->execute([$email]);
$row = $stmt->fetch();
if (!$row || !password_verify($password, $row['password_hash'])) {
json_err('Invalid email or password', 401);
}
$role = resolve_role($row['email'], $row['role']);
$token = JWT::encode(['uid' => $row['id'], 'email' => $row['email'], 'role' => $role]);
json_ok([
'token' => $token,
'user' => [
'id' => $row['id'],
'email' => $row['email'],
'display_name' => $row['display_name'],
'role' => $role,
'bio' => $row['bio'],
'photo_url' => $row['photo_url'],
'position' => $row['position'],
'team_id' => $row['team_id'],
'created_at' => $row['created_at'],
],
]);
server/api/auth/me.php
+43
View File
@@ -0,0 +1,43 @@
<?php
require_once __DIR__ . '/../config/helpers.php';
cors();
if ($_SERVER['REQUEST_METHOD'] === 'PUT') {
$payload = require_auth();
$uid = $payload['uid'];
$b = body();
$fields = [];
$params = [];
foreach (['display_name', 'bio', 'photo_url', 'position'] as $f) {
if (array_key_exists($f, $b)) {
$fields[] = "$f = ?";
$params[] = $b[$f];
}
}
if (empty($fields)) json_err('Nothing to update');
$params[] = $uid;
db()->prepare('UPDATE users SET ' . implode(', ', $fields) . ' WHERE id = ?')
->execute($params);
}
$payload = require_auth();
$stmt = db()->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$payload['uid']]);
$row = $stmt->fetch();
if (!$row) json_err('User not found', 404);
$role = resolve_role($row['email'], $row['role']);
json_ok([
'id' => $row['id'],
'email' => $row['email'],
'display_name' => $row['display_name'],
'role' => $role,
'bio' => $row['bio'],
'photo_url' => $row['photo_url'],
'position' => $row['position'],
'team_id' => $row['team_id'],
'created_at' => $row['created_at'],
]);
server/api/auth/register.php
+44
View File
@@ -0,0 +1,44 @@
<?php
require_once __DIR__ . '/../config/helpers.php';
cors();
if ($_SERVER['REQUEST_METHOD'] !== 'POST') json_err('Method not allowed', 405);
$b = body();
$email = trim($b['email'] ?? '');
$password = $b['password'] ?? '';
$displayName = trim($b['display_name'] ?? '');
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) json_err('Invalid email');
if (strlen($password) < 6) json_err('Password must be at least 6 characters');
$db = db();
$stmt = $db->prepare('SELECT id FROM users WHERE email = ?');
$stmt->execute([$email]);
if ($stmt->fetch()) json_err('Email already registered', 409);
$id = uuid();
$hash = password_hash($password, PASSWORD_BCRYPT);
$role = resolve_role($email, 'player');
$db->prepare(
'INSERT INTO users (id, email, password_hash, display_name, role) VALUES (?, ?, ?, ?, ?)'
)->execute([$id, $email, $hash, $displayName, $role]);
$token = JWT::encode(['uid' => $id, 'email' => $email, 'role' => $role]);
json_ok([
'token' => $token,
'user' => [
'id' => $id,
'email' => $email,
'display_name' => $displayName,
'role' => $role,
'bio' => '',
'photo_url' => null,
'position' => null,
'team_id' => null,
'created_at' => date('c'),
],
], 201);