user creation

index.php

 function check_api_key()
 {
   if (!check_api_key_())
-    error(401, "Bad API Key");
+    error(401, "Bad API key");
 }
 
 function main()
   else if ($path === "/user/login" && $m_post)
     user_login();
   else
-    error(501, "Not Implemented");
+    error(501, "Not implemented");
 }
 
 check_api_key();

user.php

 <?php
+require_once "sql.php";
+require_once "utils.php";
+
+function hash_password($password)
+{
+  return md5($password);
+}
+
 function user_create()
 {
+  $username = get_post("username");
+  $password = get_post("password");
+  if (strlen($username) < 3)
+    error(422, "Username too short");
+  if (database_exec("SELECT id FROM users WHERE `username` = :username",
+    array(":username" => $username))->fetch() !== false)
+    error(409, "Username already exists");
+  database_exec("INSERT INTO users (`username`, `password`) ".
+    "VALUES(:username, :password)", array(":username" => $username,
+    ":password" => hash_password($password)));
+  user_login($username);
 }
 
-function user_login()
+function user_login($username = false )
 {
+  if ($username === false)
+  {
+    $username = get_post("username");
+    $password = get_post("password");
+  }
 }
 ?>

utils.php

   die(json_encode(array("code" => intval($code), "message" => $message)));
 }
 
-function error_missing()
+function get_post($key, $is_error = true)
 {
-  error(400, "Missing Parameter");
+  if (isset($_POST[$key]))
+    return $_POST[$key];
+  else if ($is_error)
+    error(400, "Missing parameters");
+  else
+    return false;
 }
+
 ?>