| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 |
- <?php
-
- require_once 'config.php';
- require_once 'dbh.inc.php';
- require_once 'checkLogin.php';
-
- // EXAMPLE INPUT...
- // array(4) { ["id_experience"]=> string(1) "1" ["mil_title"]=> string(1) "t" ["mil_date"]=> string(10) "2222-02-22" ["newMilestone"]=> string(0) "" }
-
- if(isset($_POST['newMilestone'])) {
-
-
- /*** FETCH THE BASIC INFO OF THE NEW MILESTONE ***/
- $experienceID = mysqli_real_escape_string($connection, trim($_POST['id_experience']));
- $milestoneTitle = mysqli_real_escape_string($connection, trim($_POST['mil_title']));
- $milestoneDate = mysqli_real_escape_string($connection, trim($_POST['mil_date']));
-
-
- // Check that experienceID is not an empty string
- // And that experienceID is in the database
- if($experienceID === "") {
- http_response_code(400);
- echo json_encode(array("error" => "Please specify experience ID."));
- exit();
- } else if(mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")->num_rows !== 1) {
- http_response_code(400);
- echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
- exit();
- }
-
- // Check that milestoneTitle is not an empty string
- // And that it doesn't exceed 256 characters (database limit)
- if($milestoneTitle === "") {
- http_response_code(400);
- echo json_encode(array("error" => "Please specify milestone title."));
- exit();
- } else if(mb_strlen($milestoneTitle) > 256) {
- http_response_code(400);
- echo json_encode(array("error" => "Milestone title too long (max. is 256 characters)."));
- exit();
- }
-
- // Check that milestoneDate is not an empty string
- // And that milestoneDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)
- // WARNING: only handling AST
- // HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/
-
- function validDate($date) {
- $d = date_create_from_format("Y-m-d", $date);
- return $d && date_format($d, "Y-m-d") === $date;
- }
-
- if($milestoneDate === "") {
- http_response_code(400);
- echo json_encode(array("error" => "Please specify milestone date."));
- exit();
- } else if(!validDate($milestoneDate)) {
- http_response_code(400);
- echo json_encode(array("error" => "Milestone date ($milestoneDate) given in wrong format (use YYYY-MM-DD instead)."));
- exit();
- }
-
-
-
-
- /*** START OF DB QUERIES ***/
- // exit();
- // while(TRUE) {
- // exit();
- // }
- // exit();
- /*** IF IT GOT THROUGH VALIDATION, IT'S TOO LATE ***/
-
-
-
-
-
- $query = "INSERT INTO milestone (title, date, id_experience) VALUES ('".$milestoneTitle."','".$milestoneDate."','".$experienceID."');";
- if(!mysqli_query($connection, $query)) die("Error: Couldn't create milestone<br>".mysqli_error($connection));
-
-
-
-
-
- }
-
- ?>
|
