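/**
 * Store a new guess for the current client and return it.
 *
 * The name, mail and weight are validated here; the session key, creation
 * time and client IP are taken from getSessionKey(), DateTime::now() and
 * IpUtils::getClientIp(). All values reach the database as bound parameters.
 *
 * @param string $firstName First name of the person guessing.
 * @param string $lastName Last name of the person guessing.
 * @param string $mail Mail address of the person guessing.
 * @param string|int|float $weight The guessed weight.
 *
 * @return Guess The guess instance for the inserted row.
 *
 * @throws Exception If the name, mail or weight is invalid, or the insert fails.
 */
public static function createGuess($firstName, $lastName, $mail, $weight) {
    // Validate both name parts. The original tested $firstName twice, so an
    // arbitrary last name passed this check and was stored as-is.
    if (!AccountUtils::isValidName($firstName) || !AccountUtils::isValidName($lastName)) {
        throw new Exception('The name is invalid.');
    }

    // Make sure the mail is valid
    if (!AccountUtils::isValidMail($mail)) {
        throw new Exception('The mail is invalid.');
    }

    // Reject values that cannot be a weight at all (arrays, objects, null,
    // booleans, empty or whitespace-only strings) before they are bound.
    $isPlainValue = is_string($weight) || is_int($weight) || is_float($weight);
    if (!$isPlainValue || trim((string) $weight) === '') {
        throw new Exception('The weight is invalid.');
    }
    // TODO: Validate the numeric format and accepted range of the weight.
    // NOTE(review): the expected input format (decimal separator, unit) is
    // not visible here, so only the basic shape is enforced above.

    // Get the session ID
    $sessionId = getSessionKey();

    // Determine the creation date time
    $dateTime = DateTime::now();

    // Get the guess IP
    // NOTE(review): if getClientIp() honours client-supplied forwarding
    // headers, this value is controlled by the client - confirm before
    // relying on it for limits or auditing.
    $ip = IpUtils::getClientIp();

    // Prepare a query for the guess being added. Only the table name is
    // concatenated; it comes from static::getDatabaseTableName(), not from
    // the caller. Every caller-supplied value is a named placeholder.
    $statement = Database::getPDO()->prepare(
        'INSERT INTO ' . static::getDatabaseTableName() .
        ' (guess_session_id, guess_first_name, guess_last_name, guess_mail, guess_weight, guess_datetime, guess_ip) ' .
        'VALUES (:session_id, :first_name, :last_name, :mail, :weight, :guess_datetime, :ip)'
    );
    $statement->bindValue(':session_id', $sessionId, PDO::PARAM_STR);
    $statement->bindValue(':first_name', $firstName, PDO::PARAM_STR);
    $statement->bindValue(':last_name', $lastName, PDO::PARAM_STR);
    $statement->bindValue(':mail', $mail, PDO::PARAM_STR);
    $statement->bindValue(':weight', $weight, PDO::PARAM_STR);
    // TODO: Use the UTC/GMT timezone!
    $statement->bindValue(':guess_datetime', $dateTime->toString(), PDO::PARAM_STR);
    $statement->bindValue(':ip', $ip, PDO::PARAM_STR);

    // Execute the prepared query
    if (!$statement->execute()) {
        throw new Exception('Failed to query the database.');
    }

    // Get and return the guess instance
    return new Guess(Database::getPDO()->lastInsertId());
}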
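<?php

use app\guess\GuessManager;
use app\util\AccountUtils;

// AJAX endpoint: validates a submitted guess and stores it through
// GuessManager::createGuess(), answering with JSON.

// Initialize the ajax scripts
require_once 'ajaxinit.php';

// NOTE(review): this endpoint writes to the database in response to a GET
// request, so any page the visitor loads can trigger it with a plain link or
// image tag. Moving to POST with a request token would need a matching
// client-side change, which is not visible here.
// NOTE(review): the checks below presumably rely on returnError() ending the
// request; it is defined outside this file - confirm.

// Make sure all parameters are set and are plain strings. A query string such
// as guess_mail[]=x makes PHP deliver an array, which passes isset() but is
// not a value the validators or the database binding are written for.
$requiredParams = array('guess_first_name', 'guess_last_name', 'guess_mail', 'guess_weight');
foreach ($requiredParams as $param) {
    if (!isset($_GET[$param])) {
        returnError("Received invalid data. Some parameters are missing.");
    } elseif (!is_string($_GET[$param])) {
        returnError("Received invalid data. Some parameters are malformed.");
    }
}

// Get all parameters
$firstName = $_GET['guess_first_name'];
$lastName = $_GET['guess_last_name'];
$mail = $_GET['guess_mail'];
$weight = $_GET['guess_weight'];

// Make sure the full name is valid
if (!AccountUtils::isValidName($firstName) || !AccountUtils::isValidName($lastName)) {
    returnError("Ongeldige naam.");
}

// Make sure the mail is valid
if (!AccountUtils::isValidMail($mail)) {
    returnError("Ongeldig E-mail adres.");
}

// Reject an empty or whitespace-only guess before it is stored.
// TODO: Make sure the guessed value has a valid numeric format and range!
if (trim($weight) === '') {
    returnError("Ongeldige schatting.");
}

// Enforce the per-client guess limit.
// NOTE(review): the limit is checked here and the row is inserted afterwards
// as a separate step; whether parallel requests can slip past the limit
// depends on GuessManager, which is not shown - confirm.
if (!GuessManager::hasClientGuessesLeft()) {
    returnError("Maximum aantal schattingen overschreden.");
}

// Add the guess
// NOTE(review): createGuess() throws Exception on failure and nothing catches
// it here; confirm ajaxinit.php installs a handler so error details are not
// shown to the client.
$guess = GuessManager::createGuess($firstName, $lastName, $mail, $weight);

// Return the result with JSON
returnJson(array('result' => 'success'));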