Beispiel #1
                $assess = ABETAssessment::create('', $row['id'], null, $critId);
                $assess->add_general_content();
            }
            return array(OKAY, json_encode($row));
        });
        http_response_code($code);
        echo $json;
    }
} else {
    // Update one `program` row from POSTed form fields. Any other request
    // method is rejected with BAD_REQUEST in the else branch below.
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Presence check. Each entry of $a lines up with $fields and is:
        //   null  - the field is absent from $_POST
        //   false - the field is present but null or the empty string
        //   true  - the field is present and non-empty
        // NOTE(review): only presence is verified here. 'id' and 'year' are
        // later tagged "i:" without a numeric check in this fragment;
        // presumably QueryBuilder casts them. Confirm.
        static $fields = array('id', 'name', 'abbrv', 'semester', 'year', 'description');
        $a = array_map(function ($field) {
            return array_key_exists($field, $_POST)
                ? (!is_null($_POST[$field]) && $_POST[$field] !== '')
                : null;
        }, $fields);

        // The search is deliberately loose (null == false), so it stops at the
        // first field that is either missing or empty. The result is compared
        // with !== false because index 0 is a valid hit.
        $key = array_search(false, $a, false);
        if ($key !== false) {
            if ($a[$key] === null) {
                page_fail_with_reason(BAD_REQUEST, "missing field name");
            }
            page_fail_on_field(BAD_REQUEST, $fields[$key], 'value must have non-zero length');
        }

        // Apply the update to the row whose id was posted.
        // NOTE(review): the request values are handed to QueryBuilder with a
        // type prefix ("s:" / "i:"). This presumably means they are bound as
        // statement parameters; confirm that the builder never splices them
        // into the SQL text.
        // NOTE(review): no authorization or CSRF check is visible in this
        // fragment. Verify that one runs before this branch is reached.
        $query = new Query(new QueryBuilder(UPDATE_QUERY, array(
            'table' => 'program',
            'updates' => array(
                'name' => "s:{$_POST['name']}",
                'abbrv' => "s:{$_POST['abbrv']}",
                'semester' => "s:{$_POST['semester']}",
                'year' => "i:{$_POST['year']}",
                'description' => "s:{$_POST['description']}",
            ),
            'where' => 'id = ?',
            'where-params' => array("i:{$_POST['id']}"),
            'limit' => 1,
        )));

        // NOTE(review): the outcome of the UPDATE is never inspected, so
        // success is reported even if the statement failed or matched no row.
        echo '{"success":true}';
    } else {
        page_fail(BAD_REQUEST);
    }
}
Beispiel #2
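/**
 * Store the file uploaded as $_FILES['file'] in a new file_upload row and
 * return a JSON description of that row.
 *
 * The insert and the follow-up select run inside one transaction, which is
 * rolled back if either step fails.
 *
 * @param mixed $gcId id written to file_upload.fk_content_set (sent with the "i:" prefix)
 *
 * @return string JSON object with id, file_name, file_comment, file_created and
 *                author on success. On failure page_fail_with_reason() is called
 *                first and the failure message is returned only if that call returns.
 */
function create_file($gcId)
{
    // Accept only a completed, single-file HTTP upload. Without this guard a
    // failed upload (empty tmp_name) reaches chmod() and LOAD_FILE(''), and a
    // tmp_name that PHP did not generate would be spliced into the SQL below.
    $upload = isset($_FILES['file']) ? $_FILES['file'] : null;
    $uploadOk = is_array($upload)
        && isset($upload['error'], $upload['tmp_name'], $upload['name'])
        && $upload['error'] === UPLOAD_ERR_OK
        && is_string($upload['name'])
        && is_string($upload['tmp_name'])
        && is_uploaded_file($upload['tmp_name']);
    if (!$uploadOk) {
        $reason = 'file upload failed or is missing';
        page_fail_with_reason(BAD_REQUEST, $reason);
        // Reached only if page_fail_with_reason() returns; mirrors the
        // failure path at the end of this function.
        return $reason;
    }

    // MySQL reads the file itself through LOAD_FILE(), so the temp file is
    // made rw-r--r--. Until PHP removes it at the end of the request, every
    // local account can read the upload.
    // NOTE(review): reading the file in PHP and binding the bytes as a
    // parameter would avoid both this chmod and the need for LOAD_FILE (which
    // requires the FILE privilege on the database account). Whether
    // QueryBuilder can bind binary data is not visible here.
    chmod($upload['tmp_name'], 0644);

    // Insert and read back within a single transaction.
    list($code, $message) = Query::perform_transaction(function (&$rollback) use ($gcId, $upload) {
        global $DATETIME_FORMAT;

        // Create the file_upload row.
        // NOTE(review): "l:" appears to mark a raw SQL expression (it is also
        // used for NOW()), so tmp_name ends up inside the statement text. The
        // is_uploaded_file() guard above is what keeps that path
        // server-generated.
        // The client-supplied file name is stored as given; it is display data
        // only and must be escaped on output, never used as a filesystem path.
        $insert = new Query(new QueryBuilder(INSERT_QUERY, [
            'table' => 'file_upload',
            'fields' => ['file_name', 'file_contents', 'file_comment', 'file_created', 'fk_author', 'fk_content_set'],
            'values' => [[
                "s:{$upload['name']}",
                "l:LOAD_FILE('{$upload['tmp_name']}')",
                "s:",
                "l:NOW()",
                "i:{$_SESSION['id']}",
                "i:{$gcId}",
            ]],
        ]));
        if (!$insert->validate_update()) {
            $rollback = true;
            return [SERVER_ERROR, "failed to insert file_upload"];
        }

        // Read the new row back, joined with the author's profile.
        $row = (new Query(new QueryBuilder(SELECT_QUERY, [
            'tables' => [
                'file_upload' => ['id', 'file_name', 'file_comment'],
                1 => "DATE_FORMAT(file_created,'{$DATETIME_FORMAT}') file_created",
                'userprofile' => ['first_name', 'last_name'],
            ],
            'joins' => 'INNER JOIN userprofile ON userprofile.id = file_upload.fk_author',
            'where' => 'file_upload.id = LAST_INSERT_ID()',
        ])))->get_row_assoc();
        if (is_null($row)) {
            $rollback = true;
            return [SERVER_ERROR, "could not retrieve inserted row"];
        }

        // Shape the row for the client:
        //   id, file_name, file_comment (empty), file_created, author (string)
        $entity = new stdClass();
        $entity->id = $row['id'];
        $entity->file_name = $row['file_name'];
        $entity->file_comment = $row['file_comment'];
        $entity->file_created = $row['file_created'];
        $entity->author = "{$row['first_name']} {$row['last_name']}";
        return [OKAY, json_encode($entity)];
    });

    if ($code != OKAY) {
        page_fail_with_reason($code, $message);
    }
    return $message;
}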