diff --git a/html/api/add_exercise_to_workout.php b/html/api/add_exercise_to_workout.php
new file mode 100644
index 0000000..6e99eec
--- /dev/null
+++ b/html/api/add_exercise_to_workout.php
@@ -0,0 +1,29 @@
+prepare($sql);
+ $stmt->bindParam(1, $_GET['token']);
+ if ($stmt->execute()){
+ if ($stmt->rowCount() == 1){
+ if(isset($_POST['workout']) and isset($_POST['exercise']) and isset($_POST['amount']) and isset($_POST['sets'])){
+ $sql = "INSERT INTO `exercises_in_workout`(`workout_routine`, `workout_type`, `amount`, `sets`) VALUES (?,?,?,?)";
+ $stmt = $pdo->prepare($sql);
+ $stmt->bindParam(1, $_POST['workout']);
+ $stmt->bindParam(2, $_POST['exercise']);
+ $stmt->bindParam(3, $_POST['amount']);
+ $stmt->bindParam(4, $_POST['sets']);
+ if ($stmt->execute()){
+ echo 'success';
+ }else{
+ var_dump($stmt->errorInfo());
+ }
+ }else{
+ echo "missing parameters";
+ }
+ }else{
+ echo 'login failed';
+ }
+ }
+}
\ No newline at end of file
diff --git a/html/api/new_workout.php b/html/api/new_workout.php
new file mode 100644
index 0000000..6088880
--- /dev/null
+++ b/html/api/new_workout.php
@@ -0,0 +1,29 @@
+prepare($sql);
+ $stmt->bindParam(1, $_GET['token']);
+ if ($stmt->execute()){
+ if ($stmt->rowCount() == 1){
+ $sql = "select user from tokens where token=?";
+ $stmt = $pdo->prepare($sql);
+ $stmt->bindParam(1, $_GET['token']);
+ if ($stmt->execute()){
+ $uid = $stmt->fetchAll(PDO::FETCH_ASSOC)[0]['user'];
+ if (isset($_POST['name'])){
+ $sql = "INSERT INTO `workout_routines`(`creator`, `title`, `public`) VALUES (?,?,0)";
+ $stmt = $pdo->prepare($sql);
+ $stmt->bindParam(1, $uid);
+ $stmt->bindParam(2, $_POST['name']);
+ if ($stmt->execute()){
+ echo 'sucess';
+ }else{
+ var_dump($stmt->errorInfo());
+ }
+ }
+ }
+ }
+ }
+}
\ No newline at end of file