Marle
/
webAdministracion
Tarkkaile 1
Äänestä 0
Fork 0
Koodi Ongelmat 0 Pull-pyynnöt 0 Julkaisut 0 Wiki Activity
Ei kuvausta
2 Commitit
1 Haara
Puu: 8452fc02c6
webAdministracion/processes/insertMilestone.php

insertMilestone.php 2.7KB
Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687 
  1. <?php 

  2. 

  3. 	require_once 'config.php';

  4. 	require_once 'dbh.inc.php';

  5. 	require_once 'checkLogin.php';	

  6. 

  7. 	// EXAMPLE INPUT...

  8. 	// array(4) { ["id_experience"]=> string(1) "1" ["mil_title"]=> string(1) "t" ["mil_date"]=> string(10) "2222-02-22" ["newMilestone"]=> string(0) "" }

  9. 

  10. 	if(isset($_POST['newMilestone'])) {

  11. 

  12. 

  13. 		/*** FETCH THE BASIC INFO OF THE NEW MILESTONE ***/

  14. 		$experienceID = mysqli_real_escape_string($connection, trim($_POST['id_experience']));

  15. 		$milestoneTitle = mysqli_real_escape_string($connection, trim($_POST['mil_title']));

  16. 		$milestoneDate = mysqli_real_escape_string($connection, trim($_POST['mil_date']));

  17. 		

  18. 		

  19. 		// Check that experienceID is not an empty string

  20. 		// And that experienceID is in the database

  21. 		if($experienceID === "") {

  22. 			http_response_code(400);

  23. 			echo json_encode(array("error" => "Please specify experience ID."));

  24. 			exit();

  25. 		} else if(mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")->num_rows !== 1) {

  26. 			http_response_code(400);

  27. 			echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));

  28. 			exit();

  29. 		}

  30. 		

  31. 		// Check that milestoneTitle is not an empty string

  32. 		// And that it doesn't exceed 256 characters (database limit)

  33. 		if($milestoneTitle === "") {

  34. 			http_response_code(400);

  35. 			echo json_encode(array("error" => "Please specify milestone title."));

  36. 			exit();

  37. 		} else if(mb_strlen($milestoneTitle) > 256) {

  38. 			http_response_code(400);

  39. 			echo json_encode(array("error" => "Milestone title too long (max. is 256 characters)."));

  40. 			exit();

  41. 		}

  42. 		

  43. 		// Check that milestoneDate is not an empty string

  44. 		// And that milestoneDate is in appropriate format YYYY-MM-DD (e.g. 2222-02-22)

  45. 		// WARNING: only handling AST

  46. 		// HELP: https://www.codexworld.com/how-to/validate-date-input-string-in-php/

  47. 		

  48. 		function validDate($date) {

  49. 			$d = date_create_from_format("Y-m-d", $date);

  50. 			return $d && date_format($d, "Y-m-d") === $date;

  51. 		}

  52. 		

  53. 		if($milestoneDate === "") {

  54. 			http_response_code(400);

  55. 			echo json_encode(array("error" => "Please specify milestone date."));

  56. 			exit();

  57. 		} else if(!validDate($milestoneDate)) {

  58. 			http_response_code(400);

  59. 			echo json_encode(array("error" => "Milestone date ($milestoneDate) given in wrong format (use YYYY-MM-DD instead)."));

  60. 			exit();

  61. 		}

  62. 

  63. 

  64. 

  65. 

  66. 		/*** START OF DB QUERIES ***/

  67. // 		exit();

  68. // 		while(TRUE) {

  69. // 			exit();

  70. // 		}

  71. // 		exit();	

  72. 		/*** IF IT GOT THROUGH VALIDATION, IT'S TOO LATE ***/

  73. 

  74. 

  75. 

  76. 

  77. 

  78. 		$query = "INSERT INTO milestone (title, date, id_experience) VALUES ('".$milestoneTitle."','".$milestoneDate."','".$experienceID."');";

  79. 		if(!mysqli_query($connection, $query)) die("Error: Couldn't create milestone<br>".mysqli_error($connection));

  80. 

  81. 

  82. 

  83. 

  84. 

  85. 	}

  86. 

  87. ?>