Updates the name and notes field for a give object in a set.
Accepts POST data.
$_POST['obj_id'] -- The ID number of the object
$_POST['set_id'] -- The ID number of the set containing the object
$_POST['objectName'] -- The new object name
$_POST['objectDesc'] -- The new object notes (legacy name = description)
*/
require_once "../../libs/env.php";
require_once "../../libs/utils.php";
$response = array();
$response['error'] = False;
$response['msg'] = array();
// If the right POST params are not present, do nothing
if (isset($_POST['objectName']) && isset($_POST['objectDesc']) && isset($_POST['set_id']) && isset($_POST['obj_id'])) {
$_POST['objectNameobjectName'] = cleanFormData($_POST['objectName']);
$_POST['objectDesc'] = cleanFormDataAllowHTML($_POST['objectDesc']);
// Query DB
$sql = "UPDATE set_objs SET notes = " . $db->quote($_POST['objectDesc'], 'text') . ", name = " . $db->quote($_POST['objectName'], 'text') . " WHERE set_id = " . $db->quote($_POST['set_id'], 'integer') . " AND obj_id = " . $db->quote($_POST['obj_id'], 'integer') . " LIMIT 1";
$res =& $db->exec($sql);
if (PEAR::isError($res)) {
$response['error'] = True;
array_push($response['msg'], $res->getMessage());
} else {
$response['objectName'] = $_POST['objectName'];
$response['objectDesc'] = $_POST['objectDesc'];
}
} else {
$response['error'] = True;
array_push($response['msg'], "Invalid params in the post vars.");
}
// print JSON
/*
Updates the title and description fields for a given set.
Accepts POST data.
$_POST['set_id'] -- The ID number of the set to be updated
$_POST['setTitle'] -- The new set name
$_POST['setDesc'] -- The new set description
$_POST['policy'] -- The new set policy
*/
require_once "../../libs/env.php";
require_once "../../libs/utils.php";
$response = array("success" => false, "msg" => "Did not receive the right vars", "setTitle" => "", "setDesc" => "", "policy" => "");
// If the right POST params are not present, do nothing
if (isset($_POST['setTitle']) && isset($_POST['setDesc']) && isset($_POST['set_id']) && isset($_POST['policy'])) {
$_POST['setTitle'] = cleanFormData($_POST['setTitle']);
$_POST['setDesc'] = cleanFormDataAllowHTML($_POST['setDesc']);
if (!($_POST['policy'] == "public" || $_POST['policy'] == "private")) {
$_POST['policy'] = "private";
}
// Query DB
$sql = "UPDATE sets SET description = " . $db->quote($_POST['setDesc'], 'text') . ", name = " . $db->quote($_POST['setTitle'], 'text') . ", policy = " . $db->quote($_POST['policy'], 'text') . " WHERE id = " . $db->quote($_POST['set_id'], 'integer') . " LIMIT 1";
$res =& $db->exec($sql);
if (PEAR::isError($res)) {
$response['success'] = false;
$response['msg'] = "Error updating database.";
} else {
$response['success'] = true;
$response['msg'] = "Set successfully updated.";
$response['setTitle'] = $_POST['setTitle'];
$response['setDesc'] = $_POST['setDesc'];
$response['policy'] = $_POST['policy'];
