        "Please specify event ID and type ('moment' or 'milestone') separated by a '-'."));
        exit();
    }

    $id = explode('-', $idAndType)[0];
    $type = explode('-', $idAndType)[1];

    // Check that type is moment or milestone
    if($type !== "moment" && $type !== "milestone") {
        http_response_code(400);
        echo json_encode(array("error" => "Please specify valid event type ('moment' or 'milestone')."));
        exit();
    }

    $experienceID = mysqli_real_escape_string($connection, trim($_POST['experienceID'])); // we don't really need it

    // Check that experienceID is not an empty string
    // And that experienceID is registered in the database
    // NOTE: the ID is interpolated unquoted into the SQL below, so escaping alone
    // does not prevent injection; ctype_digit() restricts it to digits only.
    // mysqli_query() returns a result object even when no row matches,
    // so the row count has to be checked as well.
    if($experienceID === "") {
        http_response_code(400);
        echo json_encode(array("error" => "Please specify experience ID."));
        exit();
    } else if(!ctype_digit($experienceID)
        || !($result = mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;"))
        || mysqli_num_rows($result) === 0) {
        http_response_code(400);
        echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
        exit();
    }

    $newStartDate = mysqli_real_escape_string($connection, trim($_POST['newStartDate']));

    // Check that newStartDate is a non-empty numeric string
    // WARNING: for now, it only supports AST UNIX timestamps
    // REMINDERS:
    // is_numeric() ensures the string is a number
    // intval() truncates "starting numeric-like" numbers (e.g. 1234asdf is 1234)
    // intval() returns 0 if it detects "normal string" (e.g. asdf1234 is 0)
    if($newStartDate === "") {
        http_response_code(400);
        echo json_encode(array("error" => "Please specify new start date (in UNIX timestamp)."));
        exit();
    } else if(!is_numeric($newStartDate)) {
        http_response_code(400);
        echo json_encode(array("error" => "New start date has to be numeric (namely, a UNIX timestamp)."));
        exit();
    }

    // $newEndDate = mysqli_real_escape_string($connection, trim($_POST['newEndDate']));
    // we don't really need it since moments' and milestones' length are fixed

    // PROCESS DATE IN READABLE FORMAT
    // (WE EXPECT A UNIX TIMESTAMP i.e. A NUMBER)
    // (WE WANT IT LIKE: 2019-12-04 17:00:00)
    // intdiv() keeps the value passed to date() an integer
    $date = date("Y-m-d H:i:s", intdiv((int)$newStartDate, 1000));

    if($type === 'moment') {
        // Check that moment ID isn't an empty string
        // And that moment ID is registered in database
        // (digits only, since $id is interpolated unquoted into the SQL)
        if($id === "") {
            http_response_code(400);
            echo json_encode(array("error" => "Please specify moment ID."));
            exit();
        } else if(!ctype_digit($id)
            || !($result = mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = $id"))
            || mysqli_num_rows($result) === 0) {
            http_response_code(400);
            echo json_encode(array("error" => "Given moment ID ($id) not in database."));
            exit();
        }

        $queryMoment = "UPDATE subquestionnair SET date_to_administer = '$date' WHERE id = $id";
        if(!mysqli_query($connection, $queryMoment)) {
            http_response_code(400);
            echo json_encode(array("error" => "Couldn't update moment date."));
        }
    } else if($type === 'milestone') {
        // Check that milestone ID isn't an empty string
        // And that milestone ID is registered in database
        // (digits only, since $id is interpolated unquoted into the SQL)
        if($id === "") {
            http_response_code(400);
            echo json_encode(array("error" => "Please specify milestone ID."));
            exit();
        } else if(!ctype_digit($id)
            || !($result = mysqli_query($connection, "SELECT * FROM milestone WHERE id = $id"))
            || mysqli_num_rows($result) === 0) {
            http_response_code(400);
            echo json_encode(array("error" => "Given milestone ID ($id) not in database."));
            exit();
        }

        $queryMilestone = "UPDATE milestone SET date = '$date' WHERE id = $id AND id_experience = $experienceID";
        if(!mysqli_query($connection, $queryMilestone)) {
            http_response_code(400);
            echo json_encode(array("error" => "Couldn't update milestone date."));
        }
    }
}
?>