AECC database project.
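<?php
// Update endpoint of the JSON API: reads a JSON object from the request body,
// picks the table named by its "t" key and applies an UPDATE to one row.
//
// NOTE(review): no authentication or authorization check is visible in this
// file. Presumably lib/header.php enforces it -- confirm, because this endpoint
// rewrites member records and the board_member password column.
header('Content-Type: application/json');
include("../../../lib/header.php");

// The body is JSON, not form data, so $_POST is rebuilt from the raw input.
// Anything that does not decode to an array (invalid JSON, a bare scalar) is
// treated as an empty request instead of being indexed as if it were one.
$payload = json_decode(file_get_contents("php://input"), true);
$_POST = is_array($payload) ? $payload : [];

if (isset($_POST["t"])) {
    $type = validate_input($_POST["t"]);
    // NOTE(review): activity_transaction() is not defined in this file; unless
    // lib/header.php provides it, that arm ends in a fatal error -- confirm.
    $body = match ($type) {
        "activity" => activity(),
        "activity_transaction" => activity_transaction(),
        "board_member" => board_member(),
        "member" => member(),
        "product" => product(),
        "transaction" => transaction(),
        default => null,
    };
    if ($body === null) {
        header("HTTP/1.1 400 Incorrect table type");
    } else {
        print $body;
    }
} else {
    header("HTTP/1.1 400 Missing table type");
    print json_encode(err_msg(1));
}

/**
 * Update the title, description and/or date of one activity row.
 *
 * Requires "a_id" plus at least one updatable field in the request; otherwise
 * answers 400 with err_msg(3).
 *
 * @return string JSON response body (may be empty on a database failure).
 */
function activity(): string {
    include("../../../lib/db.php"); // expected to define $db in this scope
    $out = "";
    // Column names come from this fixed map, never from the request: SQL
    // identifiers cannot be bound as parameters, so only the values are.
    $columns = ["title" => "s", "description" => "s", "date" => "s"];
    $sets = [];
    $types = "";
    $params = [];
    if (isset($_POST["a_id"])) {
        foreach ($columns as $column => $type) {
            if (isset($_POST[$column])) {
                $sets[] = "{$column} = ?";
                $types .= $type;
                $params[] = validate_input($_POST[$column]);
            }
        }
    }
    if (count($sets) > 0) {
        // implode() keeps the commas right for any subset of fields, and the
        // leading space keeps WHERE from fusing with the last placeholder.
        $sql = "UPDATE activity SET " . implode(", ", $sets) . " WHERE a_id = ?;";
        $types .= "i";
        $a_id = validate_input($_POST["a_id"]);
        $params[] = $a_id;
        $stmt = $db->prepare($sql);
        // prepare() can return false; do not call methods on it in that case.
        if ($stmt !== false && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
            header("HTTP/1.1 201 Succesfully updated activity");
            header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=activity&a_id=" . rawurlencode((string) $a_id));
            $out .= json_encode(["a_id" => $a_id]);
        } else {
            header("HTTP/1.1 500 Internal server error ocurred while updating activity");
        }
    } else {
        header("HTTP/1.1 400 Missing a_id");
        $out = json_encode(err_msg(3));
    }
    $db->close();
    return $out;
}

/**
 * Update position, year, role and/or password of one board_member row.
 *
 * Requires "m_id" plus at least one updatable field; otherwise answers 400
 * with err_msg(3). The response body stays empty on success.
 *
 * @return string JSON response body.
 */
function board_member(): string {
    include("../../../lib/db.php"); // expected to define $db in this scope
    $out = "";
    // NOTE(review): "password" is stored exactly as validate_input() returns
    // it. If this column holds a login credential it should hold a
    // password_hash() digest, and generic input escaping should not be applied
    // to the secret -- confirm against the code that verifies logins.
    $columns = ["position" => "s", "year" => "i", "role" => "s", "password" => "s"];
    $sets = [];
    $types = "";
    $params = [];
    if (isset($_POST["m_id"])) {
        foreach ($columns as $column => $type) {
            // Only fields that ARE present are written (the check used to be
            // inverted, reading keys that were not in the request).
            if (isset($_POST[$column])) {
                $sets[] = "{$column} = ?";
                $types .= $type; // append: one type letter per bound value
                $params[] = validate_input($_POST[$column]);
            }
        }
    }
    if (count($sets) > 0) {
        // Targets board_member, the table this handler is dispatched for.
        $sql = "UPDATE board_member SET " . implode(", ", $sets) . " WHERE m_id = ?;";
        $types .= "i";
        $m_id = validate_input($_POST["m_id"]);
        $params[] = $m_id;
        $stmt = $db->prepare($sql);
        if ($stmt !== false && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
            header("HTTP/1.1 202 Succesfully updated board_member");
            header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=board_member&m_id=" . rawurlencode((string) $m_id));
        } else {
            header("HTTP/1.1 500 Internal server error ocurred while updating board_member");
        }
    } else {
        header("HTTP/1.1 400 Missing m_id");
        $out = json_encode(err_msg(3));
    }
    $db->close();
    return $out;
}

/**
 * Update name, contact and/or status fields of one member row.
 *
 * Requires "m_id" plus at least one updatable field; otherwise answers 400
 * with err_msg(3). The response body stays empty on success.
 *
 * @return string JSON response body.
 */
function member(): string {
    include("../../../lib/db.php"); // expected to define $db in this scope
    $out = "";
    // Fixed allow-list of columns; request keys outside it are ignored.
    $columns = [
        "name" => "s",
        "second_name" => "s",
        "last_name" => "s",
        "second_last_name" => "s",
        "email" => "s",
        "phone_number" => "s",
        "status" => "s",
    ];
    $sets = [];
    $types = "";
    $params = [];
    if (isset($_POST["m_id"])) {
        foreach ($columns as $column => $type) {
            if (isset($_POST[$column])) {
                $sets[] = "{$column} = ?";
                $types .= $type;
                $params[] = validate_input($_POST[$column]);
            }
        }
    }
    if (count($sets) > 0) {
        // Targets member, the table this handler is dispatched for.
        $sql = "UPDATE member SET " . implode(", ", $sets) . " WHERE m_id = ?;";
        $types .= "i";
        $m_id = validate_input($_POST["m_id"]);
        $params[] = $m_id;
        $stmt = $db->prepare($sql);
        if ($stmt !== false && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
            header("HTTP/1.1 202 Succesfully updated member");
            header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=member&m_id=" . rawurlencode((string) $m_id));
        } else {
            header("HTTP/1.1 500 Internal server error ocurred while updating member");
        }
    } else {
        header("HTTP/1.1 400 Missing m_id");
        $out = json_encode(err_msg(3));
    }
    $db->close();
    return $out;
}

/**
 * Update cents and/or description of one product row.
 *
 * Requires "p_id" plus at least one updatable field; otherwise answers 400
 * with err_msg(3). No Location header is sent for products.
 *
 * @return string JSON response body (may be empty on a database failure).
 */
function product(): string {
    include("../../../lib/db.php"); // expected to define $db in this scope
    $out = "";
    $columns = ["cents" => "i", "description" => "s"];
    $sets = [];
    $types = "";
    $params = [];
    if (isset($_POST["p_id"])) {
        foreach ($columns as $column => $type) {
            if (isset($_POST[$column])) {
                $sets[] = "{$column} = ?";
                $types .= $type;
                $params[] = validate_input($_POST[$column]);
            }
        }
    }
    if (count($sets) > 0) {
        $sql = "UPDATE product SET " . implode(", ", $sets) . " WHERE p_id = ?;";
        $types .= "i";
        $p_id = validate_input($_POST["p_id"]);
        $params[] = $p_id;
        $stmt = $db->prepare($sql);
        if ($stmt !== false && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
            header("HTTP/1.1 201 Succesfully updated product");
            $out .= json_encode(["p_id" => $p_id]);
        } else {
            header("HTTP/1.1 500 Internal server error ocurred while updating product");
        }
    } else {
        header("HTTP/1.1 400 Missing p_id");
        $out = json_encode(err_msg(3));
    }
    $db->close();
    return $out;
}

/**
 * Update type, date, quantity and/or p_id of one transaction row.
 *
 * Requires "t_id" plus at least one updatable field; otherwise answers 400
 * with err_msg(3).
 *
 * @return string JSON response body (may be empty on a database failure).
 */
function transaction(): string {
    include("../../../lib/db.php"); // expected to define $db in this scope
    $out = "";
    $columns = ["type" => "s", "date" => "s", "quantity" => "i", "p_id" => "i"];
    $sets = [];
    $types = "";
    $params = [];
    if (isset($_POST["t_id"])) {
        foreach ($columns as $column => $type) {
            if (isset($_POST[$column])) {
                $sets[] = "{$column} = ?";
                $types .= $type;
                $params[] = validate_input($_POST[$column]);
            }
        }
    }
    if (count($sets) > 0) {
        $sql = "UPDATE transaction SET " . implode(", ", $sets) . " WHERE t_id = ?;";
        $types .= "i";
        $t_id = validate_input($_POST["t_id"]);
        $params[] = $t_id;
        $stmt = $db->prepare($sql);
        if ($stmt !== false && $stmt->bind_param($types, ...$params) && $stmt->execute()) {
            header("HTTP/1.1 201 Succesfully updated transaction");
            header("Location: https://ada.uprrp.edu/~diego.estrada1/CCOM/4027/db/api/v1/read/?t=transaction&t_id=" . rawurlencode((string) $t_id));
            $out .= json_encode(["t_id" => $t_id]);
        } else {
            header("HTTP/1.1 500 Internal server error ocurred while updating transaction");
        }
    } else {
        header("HTTP/1.1 400 Missing t_id");
        $out = json_encode(err_msg(3));
    }
    $db->close();
    return $out;
}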