Pretty much a skeleton of the project

.gitignore

@@ -12,3 +12,5 @@
 # Built Visual Studio Code Extensions
 *.vsix
 
+secrets/*
+!secrets/.htaccess

api.php

@@ -0,0 +1,211 @@
+<?php
+session_start();
+$mysqllogin = json_decode(file_get_contents("secrets/MysqlLogin.json"), false);
+$adminpwd = file_get_contents("secrets/AdminPwd");
+
+$mysqli = new mysqli('localhost', $mysqllogin->DBUser, $mysqllogin->DBPassword, $mysqllogin->DBName);
+
+$action = $_POST["action"];
+
+if($action == "login"){
+    $uname = $_POST["username"];
+    $pwd = $_POST["password"];
+    $stmt1 = $mysqli->prepare("Select Password, ID, FullName, Nickname, CanSeeFullNames, CanSeeOthersComments, IsAdmin From Users Where Username = %s;");
+        $stmt1->bind_param('s', $uname);
+        $stmt1->bind_result($pwdhash, $uid, $fullname, $nick, $fullnamepriv, $otherscommentspriv, $adminpriv);
+        $stmt1->execute();
+        $stmt1->store_result();
+        if ($stmt1->num_rows > 0){
+            while ($stmt1->fetch()){
+                if(password_verify($pwd, $pwdhash)){
+                    $_SESSION["username"] = $uname;
+                    $_SESSION["loggedin"] = 1;
+                    $_SESSION["userID"]  = $uid;
+                    $_SESSION["fullname"] = $fullname;
+                    $_SESSION["nickname"] = $nick;
+                }
+            }
+        }
+    return "Logged in";
+}
+
+if($action == "logout"){
+    session_destroy();
+    return "Logged out";
+}
+
+
+
+
+function processUserRelated($actionin, mysqli $mysqliconn){
+
+    if($actionin == "setnickname"){
+        $newNick = $_POST["newnick"];
+        $_SESSION["nickname"] = $newNick;
+        $stmt2 = $mysqliconn->prepare("Update Users Set Nickname=%s Where ID = %i;");
+        $stmt2->bind_param('si', $newNick, $_SESSION["userID"]);
+        $stmt2->execute();
+        $stmt2->store_result();
+    }
+
+    if($actionin == "setfullname"){
+        $newFull = $_POST["newFull"];
+        $_SESSION["fullname"] = $newNick;
+        $stmt3 = $mysqliconn->prepare("Update Users Set FullName=%s Where ID = %i;");
+        $stmt3->bind_param('si', $newFull, $_SESSION["userID"]);
+        $stmt3->execute();
+        $stmt3->store_result();
+    }
+
+    if($actionin == "setpassword"){
+        $oldPWD = $_POST["oldPWD"];
+        $newPWD = $_POST["newPWD"];
+        $stmt4 = $mysqliconn->prepare("Select Password From Users Where ID = %i AND Username = %s;");
+        $stmt4->bind_param('is', $_SESSION["userID"], $_SESSION["username"]);
+        $stmt4->bind_result($pwdhash);
+        $stmt4->execute();
+        $stmt4->store_result();
+        if ($stmt4->num_rows > 0){
+            while ($stmt4->fetch()){
+                if(password_verify($oldPWD, $pwdhash)){
+                    $stmt5 = $mysqliconn->prepare("Update Users Set Password=%s Where ID = %i;");
+                    $newPWDhash = password_hash($newPWD, PASSWORD_DEFAULT);
+                    $stmt5->bind_param('si', $newPWDhash, $_SESSION["userID"]);
+                    $stmt5->execute();
+                    $stmt5->store_result();
+                    return "Password changed";
+                }
+            }
+        }
+    }
+
+    if($actionin == "getallusers"){
+        
+    }
+
+    return 0;
+}
+
+
+function processCitationRelated($actionin, mysqli $mysqliconn){
+    
+    if($actionin == "getcitations"){
+        
+    }
+
+    if($actionin == "getrandomcitation"){
+        
+    }
+
+    if($actionin == "getcitationfulltextsearch"){
+        
+    }
+
+    if($actionin == "getcitationsbyuser"){
+        
+    }
+
+    if($actionin == "getcitationsbysource"){
+        
+    }
+
+    if($actionin == "getcitationsbytags"){
+        
+    }
+
+    if($actionin == "getcitationbyverse"){
+        
+    }
+
+    return 0;
+}
+
+
+function processTagsRelated($actionin, mysqli $mysqliconn){
+
+    if($actionin == "createtag"){
+
+    }
+
+    if($actionin == "getalltags"){
+
+    }
+
+    if($actionin == "gettagsbycollection"){
+        
+    }
+
+    return 0;
+}
+
+function processSourcesRelated($actionin, mysqli $mysqliconn){
+
+    if($actionin == "createsource"){
+        
+    }
+
+    if($actionin == "getallsources"){
+
+    }
+
+    if($actionin == "getallsourcesbycreator"){
+
+    }
+
+    return 0;
+}
+
+function processCommentRelated($actionin, mysqli $mysqliconn){
+
+    if($actionin == "createcomment"){
+        
+    }
+
+    if($actionin == "getallcommentsbycreator"){
+        
+    }
+
+    if($actionin == "getcommentsbycitationlatestversion"){
+        
+    }
+
+    if($actionin == "getcommentsbycitationallversions"){
+        
+    }
+
+    return 0;
+}
+
+if($_SESSION["loggedin"] == 1){
+
+    $citationreturn = processCitationRelated($action, $mysqli);
+    if($citationreturn != 0){
+        return $citationreturn;
+    }
+
+    $commentreturn = processCommentRelated($action, $mysqli);
+    if($commentreturn != 0){
+        return $commentreturn;
+    }
+    
+    $tagsreturn = processTagsRelated($action, $mysqli);
+    if($tagsreturn != 0){
+        return $tagsreturn;
+    }
+
+    $sourcereturn = processSourcesRelated($action, $mysqli);
+    if($sourcereturn != 0){
+        return $sourcereturn;
+    }
+
+    $userreturn = processUserRelated($action, $mysqli);
+    if($userreturn != 0){
+        return $userreturn;
+    }
+}
+else{
+    return "Not logged in";
+}
+
+
+?>

index.html

@@ -0,0 +1,14 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="pico.css">
+    <script src="jquery.js"></script>
+    <script async src="https://umami.brn.systems/script.js" data-website-id="e2529314-2b16-472d-a7cd-9ea44f6b6133"></script>
+    <title>Citations</title>
+</head>
+<body>
+    
+</body>
+</html>