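// Sanitize and trim other fields.
// filter_input() returns null when the parameter is absent and false when it
// fails FILTER_VALIDATE_INT; empty() below treats both as "not supplied".
$scheduleCrewId = filter_input(INPUT_GET, "scheduleCrewId", FILTER_VALIDATE_INT);
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and does not
// check that the value is a date. Validate the expected date format explicitly
// before this value is used.
$scheduleStartDate = filter_input(INPUT_GET, "scheduleStartDate", FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES);

// Handle REST calls
if ($method === "GET") {
	// Set XSRF cookie
	setXsrfCookie("/");

	// NOTE(review): this GET branch runs before the admin check further down, so
	// schedule reads are not gated by Access::isAdminLoggedIn() here - confirm
	// that this is intended.

	// Get Schedule based on given field ($id is assigned before this excerpt).
	if (empty($id) === false) {
		$schedule = Schedule::getScheduleByScheduleId($pdo, $id);
		if ($schedule !== null) {
			$reply->data = $schedule;
		}
	} elseif (empty($scheduleCrewId) === false) {
		// Fixed: this branch previously tested $scheduleAddress1, which is not
		// assigned anywhere in the visible code, and passed $id, which is always
		// empty here. The validated crew id is the lookup key.
		$schedule = Schedule::getScheduleByScheduleCrewId($pdo, $scheduleCrewId);
		if ($schedule !== null) {
			$reply->data = $schedule;
		}
	} else {
		$schedules = Schedule::getAllSchedules($pdo);
		if ($schedules !== null) {
			$reply->data = $schedules;
		}
	}
}

// block non-admin users from doing admin-only tasks
if (Access::isAdminLoggedIn() === true) {
	if ($method === "PUT" || $method === "POST") {
		// Reject the request unless the XSRF token checks out.
		// NOTE(review): only PUT and POST are visibly covered; any other
		// state-changing method handled past this excerpt needs the same check.
		verifyXsrf();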
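/**
 * Inserts a Schedule for the fixture crew, fetches schedules by that crew id,
 * and checks that the stored fields match what was inserted.
 *
 * The original loop only asserted inside a conditional, so an empty result set
 * (or one with no matching crew id) passed without checking anything. The
 * match counter below makes that case fail.
 */
public function testGetScheduleByScheduleCrewId() {
	// count the number of rows and save it for later
	$numRows = $this->getConnection()->getRowCount("schedule");

	// create a new Schedule and insert it into mySQL
	$schedule = new Schedule(null, $this->crew->getCrewId(), $this->VALID_SCHEDULESTARTDATE);
	$schedule->insert($this->getPDO());
	$this->assertEquals($numRows + 1, $this->getConnection()->getRowCount("schedule"));

	// grab the data from mySQL and enforce the fields match our expectations
	$pdoSchedules = Schedule::getScheduleByScheduleCrewId($this->getPDO(), $schedule->getScheduleCrewId());

	// walk the result set and validate every row that belongs to this crew
	$matched = 0;
	foreach ($pdoSchedules as $pdoSchedule) {
		if ($pdoSchedule->getScheduleCrewId() === $schedule->getScheduleCrewId()) {
			$matched++;
			// expected value first, actual second, so failure messages read correctly
			$this->assertEquals($this->crew->getCrewId(), $pdoSchedule->getScheduleCrewId());
			$this->assertEquals($schedule->getScheduleStartDate(), $pdoSchedule->getScheduleStartDate());
		}
	}

	// at least the row inserted above must have come back
	$this->assertGreaterThan(0, $matched, "no schedule was returned for the inserted crew id");
}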