Marle
/
webAdministracion


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139
							<?php 

	/* THIS SCRIPT UPDATES THE DATE OF A MILESTONE/MOMENT FROM A CALENDAR CHANGE OR MANUAL EDITION */

	require_once 'processes/config.php';
	require_once 'processes/dbh.inc.php';
	require_once 'processes/checkLogin.php';

	if(isset($_POST['experienceID'])) {
	
		
		$idAndType = mysqli_real_escape_string($connection, trim($_POST['id']));
		
		// Check that idAndType is not an empty string
		if($idAndType === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify event ID and type ('moment' or 'milestone') separated by a '-'."));
			exit();
		}
		
		
		$id = explode('-', $idAndType)[0];
		$type = explode('-', $idAndType)[1];
		
		// Check that type is moment or milestone
		if($type !== "moment" && $type !== "milestone") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify valid event type ('moment' or 'milestone')."));
			exit();
		}
		
		
		$experienceID = mysqli_real_escape_string($connection, trim($_POST['experienceID'])); // we don't really need it
		
		// Check that experienceID is not an empty string
		// And that experienceID is registered in the database
		if($experienceID === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify experience ID."));
			exit();
		} else if(!mysqli_query($connection, "SELECT * FROM experience WHERE id = $experienceID;")) {
			http_response_code(400);
			echo json_encode(array("error" => "Given experience ID ($experienceID) not in database."));
			exit();
		}
		
		
		$newStartDate = mysqli_real_escape_string($connection, trim($_POST['newStartDate']));
		
		// Check if maxVal is greater or equal to 2 (we decided it should be like that)
		// WARNING: for now, it only supports AST UNIX timestamps
		// REMINDERS:
			// is_numeric() ensures the string is a number
			// intval() returns truncates "starting numeric-like" numbers (e.g. 1234asdf is 1234)
			// intval() returns 0 if it detects "normal string" (e.g. asdf1234 is 0)
		if($newStartDate === "") {
			http_response_code(400);
			echo json_encode(array("error" => "Please specify new start date (in UNIX timestamp)."));
			exit();
		} else if(!is_numeric($newStartDate)) {
			http_response_code(400);
			echo json_encode(array("error" => "New start date has to be numeric (namely, a UNIX timestamp)."));
			exit();
		}
		
		
// 		$newEndDate = mysqli_real_escape_string($connection, trim($_POST['newEndDate'])); // we don't really need it since moments' and milestones' length are fixed
		
		
		// PROCESS DATE IN READABLE FORMAT
		// (WE EXPECT A UNIX TIMESTAMP i.e. A NUMBER)
		// (WE WANT IT LIKE: 2019-12-04 17:00:00)
		$date = date("Y-m-d H:i:s", (int)$newStartDate / 1000);


		if($type === 'moment') {
		
		
			// Check that moment ID isn't an empty string
			// And that moment ID is registered in database
			if($id === "") {
				http_response_code(400);
				echo json_encode(array("error" => "Please specify moment ID."));
				exit();
			} else if(!mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = $id")) {
				http_response_code(400);
				echo json_encode(array("error" => "Given moment ID ($id) not in database."));
				exit();
			}
		

			$queryMoment = 
			"UPDATE subquestionnair
			SET date_to_administer = '$date'
			WHERE id = $id";
	
			if(!mysqli_query($connection, $queryMoment)) {
				http_response_code(400);
				echo json_encode(array("error" => "Couldn't update moment date."));
			}
	
		} else if($type === 'milestone') {
	
	
			// Check that milestone ID isn't an empty string
			// And that milestone ID is registered in database
			if($id === "") {
				http_response_code(400);
				echo json_encode(array("error" => "Please specify milestone ID."));
				exit();
			} else if(!mysqli_query($connection, "SELECT * FROM milestone WHERE id = $id")) {
				http_response_code(400);
				echo json_encode(array("error" => "Given milestone ID ($id) not in database."));
				exit();
			}
			
	
			$queryMilestone = 
			"UPDATE milestone
			SET date = '$date'
			WHERE id = $id AND id_experience = $experienceID";
			
			if(!mysqli_query($connection, $queryMilestone)) {
				http_response_code(400);
				echo json_encode(array("error" => "Couldn't update milestone date."));
			}
	
		}
		
	}


?>