暂无描述

updateMoment.php 2.5KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182
  1. <?php
  2. require_once 'config.php';
  3. require_once 'dbh.inc.php';
  4. require_once 'checkLogin.php';
  5. // EXAMPLE INPUT...
  6. // array(4) { ["momentID"]=> string(3) "137" ["newTitle"]=> string(18) "saludos de saludos" ["newDescription"]=> string(18) "saludos de saludos" ["updateMoment"]=> string(0) "" }
  7. if(isset($_POST['updateMoment'])) {
  8. $momentID = mysqli_real_escape_string($connection, trim($_POST['momentID']));
  9. // Check that moment ID is not empty string
  10. // And that it's registered in the database
  11. if($momentID === "") {
  12. http_response_code(400);
  13. echo json_encode(array("error" => "Please specify moment ID."));
  14. exit();
  15. } else if(mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = '$momentID';")->num_rows !== 1) {
  16. http_response_code(400);
  17. echo json_encode(array("error" => "Given moment ID ($momentID) not in database."));
  18. exit();
  19. }
  20. // UPDATE TITLE
  21. if(isset($_POST['newTitle'])) {
  22. $newTitle = mysqli_real_escape_string($connection, trim($_POST['newTitle']));
  23. // Check that moment title is not empty
  24. // And that it's less than 60 characters in length (database limit)
  25. if($newTitle === "") {
  26. http_response_code(400);
  27. echo json_encode(array("error" => "Please specify title."));
  28. exit();
  29. } else if(mb_strlen($newTitle) > 60) {
  30. http_response_code(400);
  31. echo json_encode(array("error" => "Title too long (max. is 60 characters)."));
  32. exit();
  33. }
  34. $query = "UPDATE `subquestionnair` SET `title` = '$newTitle' WHERE `id` = '$momentID';";
  35. $result = mysqli_query($connection, $query) or die("Error: ".mysqli_error($connection));
  36. }
  37. // UPDATE DESCRIPTION
  38. if(isset($_POST['newDescription'])) {
  39. $newDescription = mysqli_real_escape_string($connection, trim($_POST['newDescription']));
  40. // Check that moment description is not empty
  41. // And that it's less than 100 characters in length (database limit)
  42. if($newDescription === "") {
  43. http_response_code(400);
  44. echo json_encode(array("error" => "Please specify description."));
  45. exit();
  46. } else if(mb_strlen($newDescription) > 100) {
  47. http_response_code(400);
  48. echo json_encode(array("error" => "Description too long (max. is 100 characters)."));
  49. exit();
  50. }
  51. $query = "UPDATE `subquestionnair` SET `description` = '$newDescription' WHERE `id` = '$momentID';";
  52. $result = mysqli_query($connection, $query) or die("Error: ".mysqli_error($connection));
  53. }
  54. }