function updateOrder($channel) { check_channel_privileges($channel['id'], AUTHOR); global $mysqli; $query = "UPDATE Channels SET viewIndex=? WHERE id=?"; /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare($query))) { echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } $i = 0; $id = 0; /* Prepared statement, stage 2: bind and execute */ if (!$stmt->bind_param("ii", $i, $id)) { echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } foreach ($channel['channels'] as $subchannel) { $id = $subchannel['id']; if (!$stmt->execute()) { echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $i++; } $stmt->close(); $query = "UPDATE ChannelUnits SET viewIndex=? WHERE channelId=? AND unitId=?"; /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare($query))) { echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } $i = 0; $id = 0; $channelId = $channel['id']; /* Prepared statement, stage 2: bind and execute */ if (!$stmt->bind_param("iii", $i, $channelId, $id)) { echo "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } foreach ($channel['units'] as $unit) { $id = $unit['id']; if (!$stmt->execute()) { echo "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $i++; } $stmt->close(); return $channel; }
function updateUnitParent($unit) { if (!isset($unit['parent']) || !isset($unit['id']) || !isset($unit['oldParent'])) { malformed_request('Missing parent, oldParent or id'); } check_channel_privileges($unit['parent'], AUTHOR); check_channel_privileges($unit['oldParent'], AUTHOR); deleteUnitFromChannel($unit['id'], $unit['oldParent']); addUnitToChannel($unit['id'], $unit['parent']); }