webAdministracion/processes/updateExperience.php

<?php

	require_once 'config.php';
	require_once 'dbh.inc.php';
	require_once 'checkLogin.php';

	// IF USER ENTERS PAGE AFTER 'Save Changes' BUTTON HAS BEEN PRESSED (FROM viewExperience.php), EDIT EXPERIENCE BASIC INFO FROM DATABASE
	// ELSE (IF USER ENTERED THIS PAGE WITHOUT SUBMITING A FORM) REDIRECT TO home.php
	if(isset($_POST['updateExperience'])) {
		

		$id = mysqli_real_escape_string($connection, trim($_POST['id']));
		$newTitle = mysqli_real_escape_string($connection, trim($_POST['newTitle']));
		$newDescription = mysqli_real_escape_string($connection, trim($_POST['newDescription']));
		$newType = mysqli_real_escape_string($connection, trim($_POST['newType']));
		$newStart = mysqli_real_escape_string($connection, trim($_POST['newStart']));
		$newEnd = mysqli_real_escape_string($connection, trim($_POST['newEnd']));
		
		
		
		// INSPECT EXPERIENCE ID
		// Check that experience ID is not empty string
		// And that it's registered in the database
		if($id === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify experience ID."));
			exit();
		} else if(mysqli_query($connection, "SELECT * FROM experience WHERE id = '$id';")->num_rows !== 1) {
			http_response_code(400);
			echo json_encode(array("error" => "Given experience ID ($id) not in database."));
			exit();
		}
		
		
		
		// INSPECT TITLE
		// Check that experience title is not empty
		// And that it's less than 60 characters in length (database limit)
		if($newTitle === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify title."));
			exit();
		} else if(mb_strlen($newTitle) > 60) {
			http_response_code(400);
			echo json_encode(array("error" => "Title too long (max. is 60 characters)."));
			exit();
		}
            

		
		// INSPECT DESCRIPTION
		// Check that experience title is not empty
		// And that it's less than 60 characters in length (database limit)
		if($newDescription === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify description."));
			exit();
		} else if(mb_strlen($newDescription) > 100) {
			http_response_code(400);
			echo json_encode(array("error" => "Description too long (max. is 100 characters)."));
			exit();
		}
			

            

		
		// INSPECT TYPE
		// Check that experience type is not empty
		// And that it's either Test, CBRE or URE
		if($newType === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify type."));
			exit();
		} else if($newType !== 'Course-Based Research Experience' AND $newType !== 'Undergraduate Research Experience' AND $newType !== 'Test') {
			http_response_code(400);
			echo json_encode(array("error" => "Invalid type ($newType)."));
			exit();
		}
		
		
		
		
		
		
		function validDate($date) {
			$d = date_create_from_format("Y-m-d", $date);
			return $d && date_format($d, "Y-m-d") === $date;
		}
		
		
		
		
		// INSPECT START DATE
		// Check that startDate is not an empty string
		// And that startDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)
		// WARNING: only handling AST
		// HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/
// 		if($newStart === "") {
// 			http_response_code(400);
// 			echo json_encode(array("error" => "Please specify experience's start date."));
// 			exit();
// 		} else if(!validDate($newStart)) {
// 			http_response_code(400);
// 			echo json_encode(array("error" => "Experience's start date ($newStart) given in wrong format (use YYYY-MM-DD instead)."));
// 			exit();
// 		}


		// INSPECT END DATE
		// Check that endDate is not an empty string
		// And that endDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)
		// WARNING: only handling AST
		// HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/
		if($newEnd === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify experience's end date."));
			exit();
		} else if(!validDate($newEnd)) {
			http_response_code(400);
			echo json_encode(array("error" => "Experience's end date ($newEnd) given in wrong format (use YYYY-MM-DD instead)."));
			exit();
		}
		
		
		// Calculate duration in seconds
		$duration_seconds = strtotime($newEnd) - strtotime($newStart);
		
		
		// Check that endDate occurs after the startDate
		if($duration_seconds <= 0) {
			http_response_code(400);
			echo json_encode(array("error" => "Experience's end date ($newEnd) must occur at least a day after the start date ($newStart)."));
			exit();
		}
		
		
		// Change seconds to weeks and round up
		$duration_weeks = round($duration_seconds / 604800); // 60 * 60 * 24 * 7
		
		
		
		// UPDATE TITLE, DESCRIPTION, TYPE, END DATE & DURATION
		$newDuration = mysqli_real_escape_string($connection, trim($duration_weeks));
		$query = "UPDATE `experience`
				  SET `title` = '$newTitle',
				  	  `description` = '$newDescription',
				  	  `type` = '$newType',
				  	  `end_date` = '$newEnd',
				  	  `duration_weeks` = '$newDuration'
				  WHERE `id` = '$id';";
		$result = mysqli_query($connection, $query) or die("Error: ".mysqli_error($connection));
		
		
		
		
		
		// UPDATE START DATE
// 		$query = "UPDATE `experience` SET `start_date` = '$newStart' WHERE `id` = '$id';";
// 		$result = mysqli_query($connection, $query) or die("Error: ".mysqli_error($connection));

		
		
		
		
		
	}