<?php
/* THIS SCRIPT UPDATES THE DATE OF A MILESTONE/MOMENT FROM A CALENDAR CHANGE OR MANUAL EDITION */
require_once 'processes/config.php';
require_once 'processes/dbh.inc.php';
require_once 'processes/checkLogin.php';
if(isset($_POST['experienceID'])) {
$idAndType = mysqli_real_escape_string($connection, trim($_POST['id']));
// Check that idAndType is not an empty string
if($idAndType === "") {
http_response_code(400);
echo json_encode(array("error" => "Please specify event ID and type ('moment' or 'milestone') separated by a '-'."));
exit();
}
$id = explode('-', $idAndType)[0];
$type = explode('-', $idAndType)[1];
// Check that type is moment or milestone
if($type !== "moment" && $type !== "milestone") {
http_response_code(400);
echo json_encode(array("error" => "Please specify valid event type ('moment' or 'milestone')."));
exit();
}
$experienceID = mysqli_real_escape_string($connection, trim($_POST['experienceID'])); // we don't really need it
// Check that experienceID is not an empty string
// And that experienceID is registered in the database
if($experienceID === "") {
http_response_code(400);
echo json_encode(array("error" => "Please specify experience ID."));
exit();
} else if(!mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")) {
http_response_code(400);
echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
exit();
}
$newStartDate = mysqli_real_escape_string($connection, trim($_POST['newStartDate']));
// Check if maxVal is greater or equal to 2 (we decided it should be like that)
// WARNING: for now, it only supports AST UNIX timestamps
// REMINDERS:
// is_numeric() ensures the string is a number
// intval() returns truncates "starting numeric-like" numbers (e.g. 1234asdf is 1234)
// intval() returns 0 if it detects "normal string" (e.g. asdf1234 is 0)
if($newStartDate === "") {
http_response_code(400);
echo json_encode(array("error" => "Please specify new start date (in UNIX timestamp)."));
exit();
} else if(!is_numeric($newStartDate)) {
http_response_code(400);
echo json_encode(array("error" => "New start date has to be numeric (namely, a UNIX timestamp)."));
exit();
}
// $newEndDate = mysqli_real_escape_string($connection, trim($_POST['newEndDate'])); // we don't really need it since moments' and milestones' length are fixed
// PROCESS DATE IN READABLE FORMAT
// (WE EXPECT A UNIX TIMESTAMP i.e. A NUMBER)
// (WE WANT IT LIKE: 2019-12-04 17:00:00)
$date = date("Y-m-d H:i:s", (int)$newStartDate / 1000);
if($type === 'moment') {
// Check that moment ID isn't an empty string
// And that moment ID is registered in database
if($id === "") {
http_response_code(400);
echo json_encode(array("error" => "Please specify moment ID."));
exit();
} else if(!mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = $id")) {
http_response_code(400);
echo json_encode(array("error" => "Given moment ID ($id) not in database."));
exit();
}
$queryMoment =
"UPDATE subquestionnair
SET date_to_administer = '$date'
WHERE id = $id";
if(!mysqli_query($connection, $queryMoment)) {
http_response_code(400);
echo json_encode(array("error" => "Couldn't update moment date."));
}
} else if($type === 'milestone') {
// Check that milestone ID isn't an empty string
// And that milestone ID is registered in database
if($id === "") {
http_response_code(400);
echo json_encode(array("error" => "Please specify milestone ID."));
exit();
} else if(!mysqli_query($connection, "SELECT * FROM milestone WHERE id = $id")) {
http_response_code(400);
echo json_encode(array("error" => "Given milestone ID ($id) not in database."));
exit();
}
$queryMilestone =
"UPDATE milestone
SET date = '$date'
WHERE id = $id AND id_experience = $experienceID";
if(!mysqli_query($connection, $queryMilestone)) {
http_response_code(400);
echo json_encode(array("error" => "Couldn't update milestone date."));
}
}
}
?>