コード例 #1
0
ファイル: program.php プロジェクト: RogerGee/abet1
                $assess = ABETAssessment::create('', $row['id'], null, $critId);
                $assess->add_general_content();
            }
            return array(OKAY, json_encode($row));
        });
        http_response_code($code);
        echo $json;
    }
} else {
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // verify fields
        static $fields = array('id', 'name', 'abbrv', 'semester', 'year', 'description');
        $a = array_map(function ($x) {
            if (!array_key_exists($x, $_POST)) {
                return null;
            }
            return !is_null($_POST[$x]) && $_POST[$x] !== '';
        }, $fields);
        if (($key = array_search(false, $a, false)) !== false) {
            if (is_null($a[$key])) {
                page_fail_with_reason(BAD_REQUEST, "missing field name");
            }
            page_fail_on_field(BAD_REQUEST, $fields[$key], 'value must have non-zero length');
        }
        // update the specified element
        $query = new Query(new QueryBuilder(UPDATE_QUERY, array('table' => 'program', 'updates' => array('name' => "s:{$_POST['name']}", 'abbrv' => "s:{$_POST['abbrv']}", 'semester' => "s:{$_POST['semester']}", 'year' => "i:{$_POST['year']}", 'description' => "s:{$_POST['description']}"), 'where' => 'id = ?', 'where-params' => array("i:{$_POST['id']}"), 'limit' => 1)));
        echo "{\"success\":true}";
    } else {
        page_fail(BAD_REQUEST);
    }
}
コード例 #2
0
ファイル: content.php プロジェクト: RogerGee/abet1
function create_file($gcId)
{
    // we must change the file permissions to rw-r--r-- so that mySQL can
    // read the uploaded file; this allows 'others' to read the file (beware!)
    chmod($_FILES['file']['tmp_name'], 0644);
    // perform update/select operations within a transaction
    list($code, $message) = Query::perform_transaction(function (&$rollback) use($gcId) {
        global $DATETIME_FORMAT;
        // create new file_upload entity
        $insert = new Query(new QueryBuilder(INSERT_QUERY, array('table' => 'file_upload', 'fields' => array('file_name', 'file_contents', 'file_comment', 'file_created', 'fk_author', 'fk_content_set'), 'values' => array(array("s:{$_FILES['file']['name']}", "l:LOAD_FILE('{$_FILES['file']['tmp_name']}')", "s:", "l:NOW()", "i:{$_SESSION['id']}", "i:{$gcId}")))));
        if (!$insert->validate_update()) {
            $rollback = true;
            return array(SERVER_ERROR, "failed to insert file_upload");
        }
        // select the newly created row from the DB, along with some info about the user
        $row = (new Query(new QueryBuilder(SELECT_QUERY, array('tables' => array('file_upload' => array('id', 'file_name', 'file_comment'), 1 => "DATE_FORMAT(file_created,'{$DATETIME_FORMAT}') file_created", 'userprofile' => array('first_name', 'last_name')), 'joins' => 'INNER JOIN userprofile ON userprofile.id = file_upload.fk_author', 'where' => 'file_upload.id = LAST_INSERT_ID()'))))->get_row_assoc();
        if (is_null($row)) {
            $rollback = true;
            return array(SERVER_ERROR, "could not retrieve inserted row");
        }
        // format the data for the client
        //   id, file_name, file_comment (empty), file_created, author (string)
        $entity = new stdClass();
        $entity->id = $row['id'];
        $entity->file_name = $row['file_name'];
        $entity->file_comment = $row['file_comment'];
        $entity->file_created = $row['file_created'];
        $entity->author = "{$row['first_name']} {$row['last_name']}";
        return array(OKAY, json_encode($entity));
    });
    if ($code != OKAY) {
        page_fail_with_reason($code, $message);
    }
    return $message;
}