Skip to main content

Overview

The Users API provides endpoints for creating, updating, searching, and deleting user accounts. All endpoints require authentication via session. Password hashing uses PHP’s password_hash() function with PASSWORD_DEFAULT.

Create User

curl -X POST https://your-domain.com/ajax/nuevo_usuario.php \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Cookie: PHPSESSID=your-session-id" \
  -d "firstname=John" \
  -d "lastname=Doe" \
  -d "user_name=johndoe" \
  -d "user_email=john@example.com" \
  -d "user_password_new=SecurePass123" \
  -d "user_password_repeat=SecurePass123"
firstname
string
required
User’s first name (up to 20 characters)
lastname
string
required
User’s last name (up to 20 characters)
user_name
string
required
Username (2-64 alphanumeric characters, must be unique)
user_email
string
required
User’s email address (up to 64 characters, must be unique and valid format)
user_password_new
string
required
New password (minimum 6 characters)
user_password_repeat
string
required
Password confirmation (must match user_password_new)
success
html
Returns HTML alert with message: “La cuenta ha sido creada con éxito.”
error
html
Returns HTML alert with error message if:
  • Any required field is empty
  • Password is less than 6 characters
  • Passwords don’t match
  • Username is not 2-64 alphanumeric characters
  • Email format is invalid
  • Username or email already exists in the system
Requires PHP 5.5.0+ or uses password compatibility library for older PHP versions. Passwords are hashed using password_hash() before storage.

Update User

curl -X POST https://your-domain.com/ajax/editar_usuario.php \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Cookie: PHPSESSID=your-session-id" \
  -d "mod_id=5" \
  -d "firstname2=John" \
  -d "lastname2=Smith" \
  -d "user_name2=johnsmith" \
  -d "user_email2=john.smith@example.com"
mod_id
integer
required
User ID to update
firstname2
string
required
Updated first name
lastname2
string
required
Updated last name
user_name2
string
required
Updated username (2-64 alphanumeric characters)
user_email2
string
required
Updated email address (valid email format, up to 64 characters)
success
html
Returns HTML alert with message: “La cuenta ha sido modificada con éxito.”
error
html
Returns HTML alert with error message if validation fails
This endpoint does NOT update the password. Use the “Update Password” endpoint to change passwords.

Update Password

curl -X POST https://your-domain.com/ajax/editar_password.php \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Cookie: PHPSESSID=your-session-id" \
  -d "user_id_mod=5" \
  -d "user_password_new3=NewSecurePass456" \
  -d "user_password_repeat3=NewSecurePass456"
user_id_mod
integer
required
User ID whose password will be updated
user_password_new3
string
required
New password
user_password_repeat3
string
required
Password confirmation (must match user_password_new3)
success
html
Returns HTML alert with message: “contraseña ha sido modificada con éxito.”
error
html
Returns HTML alert with error message if:
  • User ID is empty
  • Password fields are empty
  • Passwords don’t match
The password is hashed using password_hash() with PASSWORD_DEFAULT before being stored in the database.

Update Profile Settings

curl -X POST https://your-domain.com/ajax/editar_perfil.php \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Cookie: PHPSESSID=your-session-id" \
  -d "nombre_empresa=Acme Corporation" \
  -d "telefono=555-0123" \
  -d "email=info@acme.com" \
  -d "impuesto=13" \
  -d "moneda=$" \
  -d "direccion=123 Main St" \
  -d "ciudad=New York" \
  -d "estado=NY" \
  -d "codigo_postal=10001"
nombre_empresa
string
required
Company name (up to 150 characters)
telefono
string
required
Company phone number (up to 20 characters)
email
string
required
Company email address (up to 64 characters)
impuesto
integer
required
Tax/IVA percentage (e.g., 13 for 13%)
moneda
string
required
Currency symbol (up to 6 characters, e.g., ”$”, ”€”)
direccion
string
required
Company address (up to 255 characters)
ciudad
string
required
City (up to 100 characters)
estado
string
State/province (up to 100 characters)
codigo_postal
string
Postal/ZIP code (up to 100 characters)
success
html
Returns HTML alert with message: “Datos han sido actualizados satisfactoriamente.”
error
html
Returns HTML alert with error message if any required field is empty
This endpoint updates the company profile settings (stored in the perfil table with id_perfil=1). These settings are used system-wide for invoice generation and display.

Search Users

curl -X GET "https://your-domain.com/ajax/buscar_usuarios.php?action=ajax&q=john&page=1" \
  -H "Cookie: PHPSESSID=your-session-id"
action
string
required
Must be set to "ajax" to trigger search
q
string
Search term to filter users by first name or last name. Leave empty to return all users.
page
integer
Page number for pagination (default: 1, 10 results per page)
html_table
html
Returns HTML table with user data including:
  • user_id - User ID
  • firstname + lastname - Full name
  • user_name - Username
  • user_email - Email address
  • date_added - Date added (formatted as d/m/Y)
  • Action buttons for edit, change password, and delete

Delete User

curl -X GET "https://your-domain.com/ajax/buscar_usuarios.php?id=5" \
  -H "Cookie: PHPSESSID=your-session-id"
id
integer
required
User ID to delete
success
html
Returns success alert if user is deleted successfully
error
html
Returns error alert if:
  • Attempting to delete user ID 1 (admin user)
  • Database error occurs
The admin user (user_id = 1) cannot be deleted and will return an error if deletion is attempted.

Build docs developers (and LLMs) love

Get started for freeTalk to us