Без опису

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687
  1. <?php
  2. require_once 'config.php';
  3. require_once 'dbh.inc.php';
  4. require_once 'checkLogin.php';
  5. // EXAMPLE INPUT...
  6. // array(4) { ["id_experience"]=> string(1) "1" ["mil_title"]=> string(1) "t" ["mil_date"]=> string(10) "2222-02-22" ["newMilestone"]=> string(0) "" }
  7. if(isset($_POST['newMilestone'])) {
  8. /*** FETCH THE BASIC INFO OF THE NEW MILESTONE ***/
  9. $experienceID = mysqli_real_escape_string($connection, trim($_POST['id_experience']));
  10. $milestoneTitle = mysqli_real_escape_string($connection, trim($_POST['mil_title']));
  11. $milestoneDate = mysqli_real_escape_string($connection, trim($_POST['mil_date']));
  12. // Check that experienceID is not an empty string
  13. // And that experienceID is in the database
  14. if($experienceID === "") {
  15. http_response_code(400);
  16. echo json_encode(array("error" => "Please specify experience ID."));
  17. exit();
  18. } else if(mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")->num_rows !== 1) {
  19. http_response_code(400);
  20. echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
  21. exit();
  22. }
  23. // Check that milestoneTitle is not an empty string
  24. // And that it doesn't exceed 256 characters (database limit)
  25. if($milestoneTitle === "") {
  26. http_response_code(400);
  27. echo json_encode(array("error" => "Please specify milestone title."));
  28. exit();
  29. } else if(mb_strlen($milestoneTitle) > 256) {
  30. http_response_code(400);
  31. echo json_encode(array("error" => "Milestone title too long (max. is 256 characters)."));
  32. exit();
  33. }
  34. // Check that milestoneDate is not an empty string
  35. // And that milestoneDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)
  36. // WARNING: only handling AST
  37. // HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/
  38. function validDate($date) {
  39. $d = date_create_from_format("Y-m-d", $date);
  40. return $d && date_format($d, "Y-m-d") === $date;
  41. }
  42. if($milestoneDate === "") {
  43. http_response_code(400);
  44. echo json_encode(array("error" => "Please specify milestone date."));
  45. exit();
  46. } else if(!validDate($milestoneDate)) {
  47. http_response_code(400);
  48. echo json_encode(array("error" => "Milestone date ($milestoneDate) given in wrong format (use YYYY-MM-DD instead)."));
  49. exit();
  50. }
  51. /*** START OF DB QUERIES ***/
  52. // exit();
  53. // while(TRUE) {
  54. // exit();
  55. // }
  56. // exit();
  57. /*** IF IT GOT THROUGH VALIDATION, IT'S TOO LATE ***/
  58. $query = "INSERT INTO milestone (title, date, id_experience) VALUES ('".$milestoneTitle."','".$milestoneDate."','".$experienceID."');";
  59. if(!mysqli_query($connection, $query)) die("Error: Couldn't create milestone<br>".mysqli_error($connection));
  60. }
  61. ?>