Без опису

removeQuestionFromMoment.php 2.4KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869
  1. <?php
  2. require_once 'config.php';
  3. require_once 'dbh.inc.php';
  4. require_once 'checkLogin.php';
  5. // EXAMPLE INPUT...
  6. // array(3) { ["momentID"]=> string(3) "137" ["questionID"]=> string(3) "266" ["removeQuestionFromMoment"]=> string(0) "" }
  7. if(isset($_POST['removeQuestionFromMoment'])) {
  8. $momentID = mysqli_real_escape_string($connection, trim($_POST['momentID']));
  9. $questionID = mysqli_real_escape_string($connection, trim($_POST['questionID']));
  10. // Check that moment ID is not empty string
  11. // And that it's registered in the database
  12. if($momentID === "") {
  13. http_response_code(400);
  14. echo json_encode(array("error" => "Please specify moment ID."));
  15. exit();
  16. } else if(mysqli_query($connection, "SELECT * FROM subquestionnair WHERE id = '$momentID';")->num_rows !== 1) {
  17. http_response_code(400);
  18. echo json_encode(array("error" => "Given moment ID ($momentID) not in database."));
  19. exit();
  20. }
  21. // Check that question ID is not empty string
  22. // And that it's registered in the database
  23. // And that it belongs to the Questionnaire the Moment belongs to
  24. if($questionID === "") {
  25. http_response_code(400);
  26. echo json_encode(array("error" => "Please specify question ID."));
  27. exit();
  28. } else if(mysqli_query($connection, "SELECT * FROM question WHERE id = '$questionID';")->num_rows !== 1) {
  29. http_response_code(400);
  30. echo json_encode(array("error" => "Given question ID ($questionID) not in database."));
  31. exit();
  32. } else if(mysqli_query($connection, "SELECT * FROM question WHERE id = '$questionID' AND id IN (SELECT id_question FROM questionnair_question WHERE id_questionnair = (SELECT id_questionnair FROM subquestionnair WHERE id = '$momentID'));")->num_rows !== 1) {
  33. http_response_code(400);
  34. echo json_encode(array("error" => "Given question ID ($questionID) is outside the Moment's corresponding Questionnair's scope."));
  35. exit();
  36. }
  37. // Check that the moment hasn't been answered yet
  38. if(mysqli_query($connection, "SELECT * FROM student_subquestionnair WHERE id_subquestionnair = '$momentID';")->num_rows !== 0) {
  39. http_response_code(400);
  40. echo json_encode(array("error" => "Moment already active, deletion denied."));
  41. exit();
  42. }
  43. // Remove question from moment
  44. $query = "DELETE FROM subquestionnair_question WHERE id_subquestionnair = '$momentID' AND id_question = '$questionID';";
  45. $result = mysqli_query($connection, $query) or die("Error: ".mysqli_error($connection));
  46. }