
special4.php 4.2KB

  1. <?php
  2. /* THIS SCRIPT UPDATES THE DATE OF A MILESTONE/MOMENT FROM A CALENDAR CHANGE OR MANUAL EDITION */
  3. require_once 'processes/config.php';
  4. require_once 'processes/dbh.inc.php';
  5. require_once 'processes/checkLogin.php';
  6. if(isset($_POST['experienceID'])) {
  7. $idAndType = mysqli_real_escape_string($connection, trim($_POST['id']));
  8. // Check that idAndType is not an empty string
  9. if($idAndType === "") {
  10. http_response_code(400);
  11. echo json_encode(array("error" => "Please specify event ID and type ('moment' or 'milestone') separated by a '-'."));
  12. exit();
  13. }
  14. $id = explode('-', $idAndType)[0];
  15. $type = explode('-', $idAndType)[1];
  16. // Check that type is moment or milestone
  17. if($type !== "moment" && $type !== "milestone") {
  18. http_response_code(400);
  19. echo json_encode(array("error" => "Please specify valid event type ('moment' or 'milestone')."));
  20. exit();
  21. }
  22. $experienceID = mysqli_real_escape_string($connection, trim($_POST['experienceID'])); // we don't really need it
  23. // Check that experienceID is not an empty string
  24. // And that experienceID is registered in the database
  25. if($experienceID === "") {
  26. http_response_code(400);
  27. echo json_encode(array("error" => "Please specify experience ID."));
  28. exit();
  29. } else if(!mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")) {
  30. http_response_code(400);
  31. echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
  32. exit();
  33. }
  34. $newStartDate = mysqli_real_escape_string($connection, trim($_POST['newStartDate']));
  35. // Check if maxVal is greater or equal to 2 (we decided it should be like that)
  36. // WARNING: for now, it only supports AST UNIX timestamps
  37. // REMINDERS:
  38. // is_numeric() ensures the string is a number
  39. // intval() returns truncates "starting numeric-like" numbers (e.g. 1234asdf is 1234)
  40. // intval() returns 0 if it detects "normal string" (e.g. asdf1234 is 0)
  41. if($newStartDate === "") {
  42. http_response_code(400);
  43. echo json_encode(array("error" => "Please specify new start date (in UNIX timestamp)."));
  44. exit();
  45. } else if(!is_numeric($newStartDate)) {
  46. http_response_code(400);
  47. echo json_encode(array("error" => "New start date has to be numeric (namely, a UNIX timestamp)."));
  48. exit();
  49. }
  50. // $newEndDate = mysqli_real_escape_string($connection, trim($_POST['newEndDate'])); // we don't really need it since moments' and milestones' length are fixed
  51. // PROCESS DATE IN READABLE FORMAT
  52. // (WE EXPECT A UNIX TIMESTAMP i.e. A NUMBER)
  53. // (WE WANT IT LIKE: 2019-12-04 17:00:00)
  54. $date = date("Y-m-d H:i:s", (int)$newStartDate / 1000);
  55. if($type === 'moment') {
  56. // Check that moment ID isn't an empty string
  57. // And that moment ID is registered in database
  58. if($id === "") {
  59. http_response_code(400);
  60. echo json_encode(array("error" => "Please specify moment ID."));
  61. exit();
  62. } else if(!mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = $id")) {
  63. http_response_code(400);
  64. echo json_encode(array("error" => "Given moment ID ($id) not in database."));
  65. exit();
  66. }
  67. $queryMoment =
  68. "UPDATE subquestionnair
  69. SET date_to_administer = '$date'
  70. WHERE id = $id";
  71. if(!mysqli_query($connection, $queryMoment)) {
  72. http_response_code(400);
  73. echo json_encode(array("error" => "Couldn't update moment date."));
  74. }
  75. } else if($type === 'milestone') {
  76. // Check that milestone ID isn't an empty string
  77. // And that milestone ID is registered in database
  78. if($id === "") {
  79. http_response_code(400);
  80. echo json_encode(array("error" => "Please specify milestone ID."));
  81. exit();
  82. } else if(!mysqli_query($connection, "SELECT * FROM milestone WHERE id = $id")) {
  83. http_response_code(400);
  84. echo json_encode(array("error" => "Given milestone ID ($id) not in database."));
  85. exit();
  86. }
  87. $queryMilestone =
  88. "UPDATE milestone
  89. SET date = '$date'
  90. WHERE id = $id AND id_experience = $experienceID";
  91. if(!mysqli_query($connection, $queryMilestone)) {
  92. http_response_code(400);
  93. echo json_encode(array("error" => "Couldn't update milestone date."));
  94. }
  95. }
  96. }
  97. ?>