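/**
 * Handles one inventory API call on behalf of an accommodation.
 *
 * Expected $post keys: 'action' ('add' or 'delete'), 'clean_acom_name', and
 * depending on the action 'item_id' (plus 'item_name' when item_id is -1) or
 * 'request_id'. The client must also present the login cookie named by
 * Inventeerio::COOKIE_NAME; it has to resolve to the same accommodation as
 * clean_acom_name, otherwise the cookie is cleared and the call is rejected.
 *
 * Output protocol: every failure calls die() with an "Error: ..." line; a
 * successful add echoes "success[<request id>]", a successful delete echoes
 * "success". Request-supplied values that are reflected into an error line
 * are HTML-escaped first, so a crafted value cannot inject markup into the
 * response.
 *
 * @param MyDB  $db   data access object (getAccommodationFromCleanName,
 *                    getAccommodationFromToken, getItemFromId, createItem,
 *                    addRequest, removeRequest)
 * @param array $post request parameters, normally $_POST
 * @return void
 */
function handle_api(MyDB $db, $post)
{
    // Escapes a request-supplied value before it is echoed back in an error
    // line. The reflected values (accommodation name, ids, action, cookie
    // token) all come from the client.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    if (!is_array($post)) {
        // array_key_exists() on a non-array is a TypeError in PHP 8
        die("Error: invalid api request");
    }
    if (!array_key_exists('action', $post)) {
        die("Error: no api action given");
    }
    if (!array_key_exists('clean_acom_name', $post)) {
        die("Error: no api accommodation name given");
    }

    $acom = $db->getAccommodationFromCleanName($post['clean_acom_name']);
    if ($acom === false) {
        die("Error: invalid accommodation " . $esc($post['clean_acom_name']));
    }

    // A missing cookie is passed through as null, which is what the former
    // @-suppressed lookup handed to the DB method as well.
    $cookie_token = isset($_COOKIE[Inventeerio::COOKIE_NAME]) ? $_COOKIE[Inventeerio::COOKIE_NAME] : null;
    $token_acom = $db->getAccommodationFromToken($cookie_token);
    if (!$token_acom || $token_acom['accom_id'] !== $acom['accom_id']) {
        // Clear the cookie so the client stops resending a token that does
        // not belong to this accommodation (an empty value expires it;
        // passing null to setcookie() is deprecated since PHP 8.1).
        setcookie(Inventeerio::COOKIE_NAME, '', -1, '/');
        die("Error: invalid acom_token - Login again? (" . $esc($cookie_token) . ")");
    }

    $action = $post['action'];
    if ($action === 'add') {
        if (!array_key_exists('item_id', $post)) {
            die("Error: no api item given");
        }
        // item_id of -1 is the sentinel for "create a new item first";
        // validate it as an integer rather than relying on loose comparison.
        if (filter_var($post['item_id'], FILTER_VALIDATE_INT) === -1) {
            if (!array_key_exists('item_name', $post)) {
                die("Error: no item name given");
            }
            $new_name = $post['item_name'];
            // Byte length, as before; presumably mirrors the column size of
            // the item name - confirm against the schema before switching
            // to mb_strlen().
            if (strlen($new_name) > 50) {
                die("Error: name too long");
            }
            $item_id = $db->createItem($new_name);
            if ((int) $item_id === -1) {
                die("Error: create item failed");
            }
        } else {
            $item = $db->getItemFromId($post['item_id']);
            if (!$item) {
                die("Error: invalid api item " . $esc($post['item_id']));
            }
            $item_id = $item['item_id'];
        }
        //TODO: handle duplicates
        $new_id = $db->addRequest($acom['accom_id'], $item_id);
        if ($new_id >= 0) {
            echo "success[{$new_id}]";
        } else {
            die("Error: insert failed");
        }
    } elseif ($action === 'delete') {
        if (!array_key_exists('request_id', $post)) {
            die("Error: no api request_id given");
        }
        // NOTE(review): request_id is validated through getItemFromId(), i.e.
        // as an item id, and removeRequest() receives no accommodation id.
        // Whether removeRequest() restricts the deletion to $acom['accom_id']
        // is not visible here - confirm, otherwise any logged-in
        // accommodation could delete another accommodation's request by
        // supplying its id.
        $item = $db->getItemFromId($post['request_id']);
        if (!$item) {
            die("Error: invalid api request_id " . $esc($post['request_id']));
        }
        if ($db->removeRequest($post['request_id']) > 0) {
            echo "success";
        } else {
            die("Error: delete failed");
        }
    } else {
        die("Error: unknown api action " . $esc($action));
    }
}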