/**
* @url POST add-user-item
*/
protected function postAddUserItem($userId, $userCourseId, $courseItemId)
{
if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
$statement = '
INSERT INTO user_course_item (userId, userCourseId, courseItemId, actionCount, status, level, seq)
SELECT :userId, :userCourseId, :courseItemId, actionCount, :status, level, seq
FROM view_course_item
WHERE courseItemId = :courseItemId
';
$bind = array('userId' => $userId, 'userCourseId' => $userCourseId, 'courseItemId' => $courseItemId, 'status' => 'start');
\TTOMail::createAndSendAdmin('A user add new item', json_encode($bind));
$itemCount = \Db::execute($statement, $bind);
$userCourseItemId = \Db::getLastInsertId();
$statement = '
INSERT INTO user_course_item_detail (userCourseItemId, itemDetailId, status)
SELECT :userCourseItemId, ID.itemDetailId, :status
FROM course_item AS CI
INNER JOIN item_detail AS ID
ON CI.itemId = ID.ItemId
WHERE courseItemId = :courseItemId
AND ID.isAction = 1
';
$bind = array('userCourseItemId' => $userCourseItemId, 'courseItemId' => $courseItemId, 'status' => 'start');
$itemDetailCount = \Db::execute($statement, $bind);
$response = new \stdClass();
$response->userCourseItemId = $userCourseItemId;
$response->itemCount = $itemCount;
$response->itemDetailCount = $itemDetailCount;
return $response;
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
public function add()
{
$fields = $this->format_request();
$sql = "INSERT troops SET {$fields['sql_params']}\n ON DUPLICATE KEY UPDATE quantity = quantity + :quantity";
$req = Db::prepare($sql);
foreach ($fields['bind_params'] as $field) {
$req->bindParam($field['name'], $field['value'], $field['type']);
}
if ($req->execute()) {
return Db::getLastInsertId();
}
return false;
}
/**
* ajoute un item à la queue
* @param $unit_id
* @param $user_id
* @param $quantity
* @param $building_time
* @return array last added item
*/
public function add_to_queue($unit_id, $user_id, $quantity, $building_time)
{
$queue = $this->get_all_queues();
$position = count($queue);
if ($position < $this->get_queue_limit()) {
$sql = "INSERT INTO queue (unit_id, user_id, quantity, position, time_left) VALUES (:unit_id, {$user_id}, :quantity, {$position}, {$building_time} )";
$req = Db::prepare($sql);
$req->bindParam(':unit_id', $unit_id, PDO::PARAM_INT);
$req->bindParam(':quantity', $quantity, PDO::PARAM_INT);
$req->execute();
return ['id' => Db::getLastInsertId(), 'unit_id' => $unit_id, 'position' => $position, 'time_left' => $building_time, 'quantity' => $quantity];
}
return [];
}
/**
* @url POST register
* @url POST
*/
function postRegister($email, $password, $firstname, $lastname, $nickname, $phone, $birthdate, $school, $province, $level, $purpose, $avatarId)
{
//Hash password
$hash = password_hash($password, PASSWORD_DEFAULT);
$serial = sha1(uniqid());
$statement = "\n \t\tINSERT INTO user \n \t\t\t(email, role, hash, serial, firstname, lastname, nickname, phone, birthdate, school, province, level, purpose, avatarId)\n \t\tVALUE \n \t\t\t(:email, :role, :hash, :serial, :firstname, :lastname, :nickname, :phone, :birthdate, :school, :province, :level, :purpose, :avatarId)\n \t";
$bind = array('email' => $email, 'role' => 'student', 'hash' => $hash, 'serial' => $serial, 'firstname' => $firstname, 'lastname' => $lastname, 'nickname' => $nickname, 'phone' => $phone, 'birthdate' => $birthdate, 'school' => $school, 'province' => $province, 'level' => $level, 'purpose' => $purpose, 'avatarId' => $avatarId);
$count = \Db::execute($statement, $bind);
$userId = \Db::getLastInsertId();
\TTOMail::createAndSendAdmin('A new user registered', json_encode($bind));
\TTOMail::createAndSend(ADMINEMAIL, \TTO::getEmail(), 'You have registered to Too Tutor Online', 'Your serial number : ' + $serial);
$response = new \stdClass();
$response->count = $count;
$response->userId = $last_insert_id;
return $response;
}
/**
* @url POST
* @url POST /user/{userId}
*/
protected function addSection($courseId, $name, $description, $seq, $userId = null)
{
if (\TTO::getRole() == 'admin') {
$statement = '
INSERT INTO section (courseId, name, description, seq)
VALUES (:courseId, :name, :description, :seq)
';
$bind = array('courseId' => $courseId, 'name' => $name, 'description' => $description, 'seq' => $seq);
\Db::execute($statement, $bind);
$sectionId = \Db::getLastInsertId();
$statement = 'SELECT * FROM section WHERE sectionId = :sectionId';
$bind = array('sectionId' => $sectionId);
return \Db::getRow($statement, $bind);
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/** ajout d'un utilisateur à la base et auto login
* @param $pseudo String pseudo unique
* @param $pass String pass non encodé
* @return string
*/
public static function add_user($pseudo, $pass)
{
if (!self::exists_in_database('pseudo', $pseudo, 'users')) {
$sql = "INSERT INTO users (pseudo, pass, last_refresh) VALUES (:pseudo, :pass, NOW())";
$req = Db::prepare($sql);
$req->bindValue(':pseudo', trim($pseudo), PDO::PARAM_STR);
$req->bindValue(':pass', sha1(trim($pass)), PDO::PARAM_STR);
$req->execute();
$user_id = Db::getLastInsertId();
// on crée la ligne des modifiers en fonction
Db::exec("INSERT INTO modifiers SET user_id = {$user_id}");
$_SESSION['user'] = ['pseudo' => htmlentities($pseudo), 'id' => $user_id];
$url = 'Location:' . _ROOT_ . 'empire';
header("{$url}");
die;
}
return "un utilisateur porte déjà ce nom";
}
function createProject()
{
$name = strval($_GET['project']);
if (empty($name)) {
return response('error', 'Empty project name');
}
$exist = Db::getValue('SELECT count(id) from projects where name= ?', $name);
if ($exist) {
return response('error', 'Project name already exist');
}
// Insert project
$data = array('name' => $name, 'status' => 'active');
Db::execute('INSERT INTO projects(name, status) VALUES(:name, :status)', $data);
$insertId = Db::getLastInsertId();
if ($insertId) {
return response('success', $insertId);
}
return response('error', 'Something went wrong! please try again.');
}
/**
* @url POST newcourseitem
*/
protected function postNewCourseItem($courseId, array $itemList)
{
if (\TTO::getRole() == 'admin') {
foreach ($itemList as $item) {
$statement = '
INSERT INTO course_item (courseId, itemId)
VALUES (:courseId, :itemId)
';
$bind = array('courseId' => $courseId, 'itemId' => $item['itemId']);
$row_insert = \Db::execute($statement, $bind);
$itemDetailId = \Db::getLastInsertId();
}
$response = new \stdClass();
$response->insert_status = 'done';
return $response;
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/**
* @url POST
* @url POST /user/{userId}
*/
protected function postNewOrder($userId, $coin, $bonus, $amount)
{
if ($userId == \TTO::getUserId() || \TTO::getRole() == 'admin') {
$statement = "\n INSERT INTO `order` (userId, coin, bonus, amount, status, bankId)\n VALUE (:userId, :coin, :bonus, :amount, :status, :bankId)\n ";
$bind = array('userId' => $userId, 'coin' => $coin, 'bonus' => $bonus, 'amount' => $amount, 'status' => 'order', 'bankId' => 1);
$row_insert = \Db::execute($statement, $bind);
\TTOMail::createAndSendAdmin('A user ordered coin', json_encode($bind));
if ($row_insert > 0) {
$last_insert_id = \Db::getLastInsertId();
$statement = 'SELECT * FROM `order` WHERE orderId = :orderId';
$bind = array('orderId' => $last_insert_id);
return \Db::getRow($statement, $bind);
} else {
throw new RestException(500, 'New Order Error !!!');
}
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
/**
* @url POST newcommentdetail
*/
protected function postNewCommentDetail($commentHeaderId, $userId, $message)
{
if ($commentHeaderId <= 0) {
$statement = '
INSERT INTO comment_header () VALUES ()
';
\Db::execute($statement);
$commentHeaderId = \Db::getLastInsertId();
}
$statement = '
INSERT INTO comment_detail (comment_header_id, userId, message)
VALUES (:commentHeaderId, :userId, :message)
';
$bind = array('commentHeaderId' => $commentHeaderId, 'userId' => $userId, 'message' => $message);
\TTOMail::createAndSendAdmin('A user comment on an item', json_encode($bind));
\Db::execute($statement, $bind);
$response = new \stdClass();
$response->commentHeaderId = $commentHeaderId;
return $response;
}
function createCard()
{
global $config;
$title = strval($_GET['title']);
$type_id = strval($_GET['card_type']);
$projectId = strval($_GET['project']);
if (empty($title)) {
return response('error', 'Empty card title not allowed');
}
// Insert card
try {
$data = array('body' => $title, 'project_id' => $projectId, 'card_type_id' => $type_id, 'status_id' => $config['defaultStatus'], 'create_date' => time());
Db::execute("INSERT INTO cards(body, project_id, status_id, card_type_id, create_date)\n VALUES(:body, :project_id, :status_id, :card_type_id, :create_date)", $data);
$insertId = Db::getLastInsertId();
if ($insertId) {
return response('success', $insertId);
}
} catch (Exception $e) {
return response('error', $e->getMessage());
}
}
public function add()
{
$fields = $this->format_request();
$sql = "INSERT INTO {$this->table} SET {$fields['sql_params']}";
$req = Db::prepare($sql);
foreach ($fields['bind_params'] as $field) {
$req->bindParam($field['name'], $field['value'], $field['type']);
}
if ($req->execute()) {
return $this->id = Db::getLastInsertId();
}
throw new Exception("L'insertion de l'objet n'as pas fonctionné");
}
/**
* @url POST newitemdetail
*/
protected function postNewItemDetail($itemId, $seq, $itemTypeId, $code, $content, $isAction, $showOption)
{
if (\TTO::getRole() == 'admin') {
$statement = '
INSERT INTO item_detail (itemId, seq, itemTypeId, code, content, isAction, showOption)
VALUES (:itemId, :seq, :itemTypeId, :code, :content, :isAction, :showOption)
';
$bind = array('itemId' => $itemId, 'seq' => $seq, 'itemTypeId' => $itemTypeId, 'code' => $code, 'content' => $content, 'isAction' => $isAction, 'showOption' => $showOption);
$row_insert = \Db::execute($statement, $bind);
$itemDetailId = \Db::getLastInsertId();
$response = new \stdClass();
$response->itemDetailId = $itemDetailId;
return $response;
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
function addStatus()
{
unset($_GET['action']);
try {
Db::execute("INSERT INTO status_names(name, WIP, serial)\n VALUES(:name, :WIP, (select max(id) from status_names) + 1)", $_GET);
response('success', Db::getLastInsertId());
} catch (Exception $e) {
response('error', $e->getMessage());
}
}
/**
* @url POST
* @url POST user/{userId}
*/
protected function addTask($sectionId, $code, $content, $seq, $taskTypeId, $userId = null)
{
if (\TTO::getRole() == 'admin') {
$statement = '
INSERT INTO task (sectionId, code, content, seq, taskTypeId)
VALUES (:sectionId, :code, :content, :seq, :taskTypeId)
';
$bind = array('sectionId' => $sectionId, 'code' => $code, 'content' => $content, 'seq' => $seq, 'taskTypeId' => $taskTypeId);
\Db::execute($statement, $bind);
$taskId = \Db::getLastInsertId();
$statement = 'SELECT * FROM task WHERE taskId = :taskId';
$bind = array('taskId' => $taskId);
return \Db::getRow($statement, $bind);
} else {
throw new RestException(401, 'No Authorize or Invalid request !!!');
}
}
public function testGetLastInsertIdCallsPdo()
{
$this->mockPdo->expects($this->once())->method('lastInsertId');
$this->db->getLastInsertId();
}