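/**
 * Update the "user_settings" table with changes to $a_settings.
 *
 * Steps: refuse guests, return early when a row already holding exactly these
 * values exists, make sure a row exists for this user and type, run the
 * UPDATE, then pass the settings on to updateSpecialSettings().
 *
 * Security note: the keys of $a_settings are handed to array_to_where_clause()
 * and array_to_update_clause() and so end up as column names in the SQL text.
 * NOTE(review): neither helper is visible from here; confirm that callers
 * restrict those keys to an allow-list of setting columns (never `id` or
 * `user_id`) before calling this method.
 *
 * @param string $s_type     The "type" column of the "user_settings" table, typically "server"
 * @param array  $a_settings The settings to be updated, as an array(columnName=>values, ...)
 * @return string JSON-encoded array holding one command object that describes the outcome
 */
public function update_settings($s_type, $a_settings)
{
    global $maindb;
    global $mysqli;

    if ($this->check_is_guest()) {
        return json_encode(array(new command("error", "settings can\\'t be saved as a guest")));
    }

    // Nothing to write. An empty list would also leave the WHERE and SET
    // clauses below without any column (presumably the helpers return "").
    if (!is_array($a_settings) || count($a_settings) == 0) {
        return json_encode(array(new command("print failure", "Failed to save settings")));
    }

    $query_vars = array("database" => $maindb, "user_id" => $this->id, "type" => $s_type, "table" => "user_settings");
    // One value map for both statements. $query_vars is merged last so that a
    // settings key can never replace the database, user_id, type or table value.
    $a_all_vars = array_merge($a_settings, $query_vars);

    // Is there already a row with exactly these values? The original passed
    // only $query_vars here, so the placeholders produced for $a_settings had
    // no values, unlike the UPDATE below, which has always merged them in.
    $query_string = 'SELECT `id` FROM `[database]`.`user_settings` WHERE ' . array_to_where_clause($a_settings) . ' AND `user_id`=\'[user_id]\' AND `type`=\'[type]\'';
    $a_exists = db_query($query_string, $a_all_vars);
    // is_array() keeps a failed query from being counted as "one row found".
    if (is_array($a_exists) && count($a_exists) > 0) {
        return json_encode(array(new command("print success", "Settings already saved")));
    }

    create_row_if_not_existing($query_vars);

    // NOTE(review): this snapshot is always read for type 'server', even when
    // $s_type is something else, and $a_current[0] is used below without a
    // check that a row came back. Confirm both against updateSpecialSettings().
    $a_current = db_query("SELECT * FROM `[database]`.`[table]` WHERE `user_id`='[user_id]' AND `type`='server'", $query_vars);

    $query_string = 'UPDATE `[database]`.`[table]` SET ' . array_to_update_clause($a_settings) . ' WHERE `user_id`=\'[user_id]\' AND `type`=\'[type]\'';
    db_query($query_string, $a_all_vars);

    // MySQL reports 0 affected rows when the stored values already equal the
    // new ones, which is why the identical-row check above has to work.
    if ($mysqli->affected_rows == 0) {
        return json_encode(array(new command("print failure", "Failed to save settings")));
    }

    $this->updateSpecialSettings($a_settings, $a_current[0]);
    return json_encode(array(new command("print success", "Settings saved successfully. Next time you log in these settings will take effect.")));
}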
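/**
 * Share a custom class with another user by rewriting the class's access list.
 *
 * The list is stored in `classes`.`user_ids_with_access` as comma-joined
 * entries with a trailing comma; the entry written here has the form
 * "<flags>|<user id>", where the flags are built from "r" plus $accesses.
 *
 * @param mixed  $sem      Semester as supplied by the caller; normalised through get_real_semester()
 * @param mixed  $year     Year as supplied by the caller; normalised through get_real_year()
 * @param mixed  $crn      CRN of the custom class
 * @param string $accesses Flags to grant besides read ("w" and "x" are the ones this function inspects)
 * @param string $username Username of the account to share with
 * @return string JSON-encoded array holding one "success" or "failure" command
 */
function share_custom_class($sem, $year, $crn, $accesses, $username)
{
    // get some common values
    global $global_user;
    global $maindb;
    $semester = get_real_semester($sem, $year);
    $year = get_real_year($sem, $year);
    $accesses = "r{$accesses}";

    // "," separates entries and "|" separates the flags from the user id in
    // the list built below. A request carrying either character could add or
    // reshape entries in the stored list, so it is refused before any lookup.
    if (strpbrk($accesses, ",|") !== FALSE) {
        return json_encode(array(new command("failure", "Error: you don't have permission to share this class like that.")));
    }

    // check for permissions
    if (!user_has_custom_access($global_user, $accesses, $crn, $year, $semester)) {
        return json_encode(array(new command("failure", "Error: you don't have permission to share this class like that.")));
    }

    // check that the class and user exist
    $a_query = db_query("SELECT `id` FROM `{$maindb}`.`students` WHERE `username`='[username]' AND `disabled`='0'", array("username" => $username));
    if ($a_query === FALSE || count($a_query) == 0) {
        return json_encode(array(new command("failure", "Error: can't find that banwebplus username to share with.")));
    }
    $i_user_id = (int) $a_query[0]['id'];
    $a_user_accesses = get_user_accesses($crn, $semester, $year);
    if ($a_user_accesses == NULL) {
        return json_encode(array(new command("failure", "Error: can't find that class to share.")));
    }

    // compute the new user accesses
    $s_access_to_assign = $accesses;
    // if the assignee already has access and the access is being modified
    if (isset($a_user_accesses[$i_user_id])) {
        // The sharer may have no entry of their own in the list; treat that
        // as "no flags" instead of reading an undefined index.
        $i_sharer_id = (int) $global_user->get_id();
        $s_sharer_access = isset($a_user_accesses[$i_sharer_id]) ? $a_user_accesses[$i_sharer_id] : "";
        $b_sharer_can_write = strpos($s_sharer_access, "w") !== FALSE;
        $b_assignee_can_write = strpos($a_user_accesses[$i_user_id], "w") !== FALSE;
        // A sharer without write access cannot take write access away from
        // an assignee who already has it.
        if (!$b_sharer_can_write && $b_assignee_can_write) {
            // trying to grant share access
            $s_access_to_assign = strpos($accesses, "x") !== FALSE ? "rwx" : "rw";
        }
        // NOTE(review): in every other case the assignee's existing entry is
        // replaced outright, so a share request can lower an existing entry
        // as well as raise it. Confirm that is the intended policy.
    }
    $s_access_to_assign = "{$s_access_to_assign}|{$i_user_id}";
    $a_user_accesses[$i_user_id] = $s_access_to_assign;
    // NOTE(review): the other entries are written back exactly as
    // get_user_accesses() returned them; their format is not visible here.
    $s_all_accesses = implode(",", $a_user_accesses);
    $s_all_accesses .= ",";

    // share the class
    $a_where_vars = array("subject" => "CUSTOM", "crn" => $crn, "semester" => $semester, "year" => $year);
    $s_where_clause = array_to_where_clause($a_where_vars);
    $a_update_vars = array("user_ids_with_access" => $s_all_accesses);
    $s_update_clause = array_to_update_clause($a_update_vars);
    $a_query = db_query("UPDATE `{$maindb}`.`classes` SET {$s_update_clause} WHERE {$s_where_clause}", array_merge($a_update_vars, $a_where_vars));
    // NOTE(review): loose comparison; any falsy result from db_query(), such
    // as an empty array, is reported as a failure. Confirm what it returns
    // for an UPDATE.
    if ($a_query == FALSE) {
        return json_encode(array(new command("failure", "Failed to update database.")));
    }
    return json_encode(array(new command("success", "")));
}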
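/**
 * Synchronise one table with $a_data_to_save for a given semester and year.
 *
 * Rows are matched on $s_primary_key. Rows present on both sides whose
 * comma-joined values differ are updated, rows found only in the database
 * are deleted, and rows found only in $a_data_to_save are inserted. The three
 * counts are echoed before any statement runs.
 *
 * Security note: $s_table, $s_primary_key and every entry of $a_keys are
 * placed into the SQL text as identifiers, with nothing but surrounding
 * backticks. They must come from trusted code, never from request data.
 *
 * @param mixed      $s_semester                 Value matched against, and inserted into, the `semester` column
 * @param mixed      $s_year                     Value matched against, and inserted into, the `year` column
 * @param array      $a_data_to_save             Rows to store, each an array(columnName=>value, ...) that includes $s_primary_key
 * @param array      $a_keys                     Column names to load for the comparison
 * @param string     $s_primary_key              Column used to match rows
 * @param string     $s_table                    Table to synchronise
 * @param array|null $exclude_comparison_columns Column names left out when deciding whether a row changed
 * @param array|null $a_searchby                 Extra column=>value conditions that limit the rows considered
 * @return void
 */
function saveData($s_semester, $s_year, $a_data_to_save, $a_keys, $s_primary_key, $s_table, $exclude_comparison_columns = NULL, $a_searchby = NULL)
{
    global $maindb;
    global $mysqli;

    // compiles the keys
    $s_keylist = "`" . implode("`,`", $a_keys) . "`";
    // Excluded columns become the keys of a lookup array for array_diff_key().
    $a_exclude_comparison_columns = array();
    if ($exclude_comparison_columns !== NULL && count($exclude_comparison_columns) > 0) {
        $a_exclude_comparison_columns = array_fill_keys($exclude_comparison_columns, 0);
    }

    // load existing data from the database
    // loads them each as an "primary_key"=>array("key"=>value, ...)
    $a_searchby = $a_searchby === NULL ? array() : $a_searchby;
    $a_searchby = array_merge(array("semester" => $s_semester, "year" => $s_year), $a_searchby);
    if ($s_table == "classes") {
        // Only rows with an empty access list are considered, so the UPDATE
        // and DELETE statements below never touch a class that has one.
        $a_searchby = array_merge(array("user_ids_with_access" => ""), $a_searchby);
    }
    $s_where_clause = array_to_where_clause($a_searchby);
    $db_data_loaded = db_query("SELECT {$s_keylist} FROM `{$maindb}`.`{$s_table}` WHERE {$s_where_clause} ORDER BY `{$s_primary_key}`", $a_searchby);
    // Stop when the load failed. Carrying on with an empty snapshot would
    // classify every incoming row as new and insert all of them again.
    if (!is_array($db_data_loaded)) {
        echo $mysqli->error . "\n";
        return;
    }
    $s_where_clause = $s_where_clause == "" ? "" : "AND {$s_where_clause}";
    $db_data = array();
    foreach ($db_data_loaded as $db_row) {
        $db_data[$db_row[$s_primary_key]] = $db_row;
    }

    // determine what data has not already been saved,
    // and which should be removed
    $data_to_add = array();
    $data_to_remove = array();
    $data_to_change = array();
    foreach ($a_data_to_save as $a_row) {
        $primary_value = $a_row[$s_primary_key];
        if (isset($db_data[$primary_value])) {
            // build the comparison for updating; with no excluded columns
            // array_diff_key() returns the rows unchanged
            $s_db_row = implode(",", array_diff_key($db_data[$primary_value], $a_exclude_comparison_columns));
            $s_tosave_row = implode(",", array_diff_key($a_row, $a_exclude_comparison_columns));
            // Strict comparison: with `!=`, two numeric-looking strings such
            // as "1e3" and "1000" compare equal and the change would be missed.
            if ($s_db_row !== $s_tosave_row) {
                $data_to_change[$primary_value] = $a_row;
            }
            // matched, so it must not end up in the delete list
            unset($db_data[$primary_value]);
        } else {
            // should be added
            $data_to_add[$primary_value] = $a_row;
        }
        unset($a_data_to_save[$primary_value]);
    }
    foreach ($db_data as $primary_value => $a_db_row) {
        // delete everything else
        $data_to_remove[$primary_value] = $primary_value;
        unset($db_data[$primary_value]);
    }
    echo "update: " . count($data_to_change) . "\ndelete: " . count($data_to_remove) . "\ninsert: " . count($data_to_add) . "\n";

    // change, then remove, then add
    // `error` is a property of the mysqli connection object; the original
    // called it as a method, which fails at the moment an error is reported.
    // NOTE(review): assumes $mysqli is a plain mysqli instance - confirm.
    foreach ($data_to_change as $a_row) {
        $s_update_clause = array_to_update_clause($a_row);
        $success = db_query("UPDATE `{$maindb}`.`{$s_table}` SET {$s_update_clause} WHERE `{$s_primary_key}`='[{$s_primary_key}]' {$s_where_clause}", array_merge($a_searchby, $a_row));
        if ($success === FALSE) {
            echo $mysqli->error . "\n";
        }
    }
    foreach ($data_to_remove as $primary_value) {
        $success = db_query("DELETE FROM `{$maindb}`.`{$s_table}` WHERE `{$s_primary_key}`='[{$s_primary_key}]' {$s_where_clause}", array_merge($a_searchby, array("{$s_primary_key}" => $primary_value)));
        if ($success === FALSE) {
            echo $mysqli->error . "\n";
        }
    }
    foreach ($data_to_add as $a_row) {
        $a_row = array_merge($a_row, array("year" => $s_year, "semester" => $s_semester));
        $s_insert_clause = array_to_insert_clause($a_row);
        $success = db_query("INSERT INTO `{$maindb}`.`{$s_table}` {$s_insert_clause}", $a_row);
        if ($success === FALSE) {
            echo $mysqli->error . "\n";
        }
    }
}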
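/**
 * Insert a row built from $a_vars unless a row with those values already exists.
 *
 * The 'database' and 'table' entries name the target; every other entry is a
 * column=>value pair used both for the existence check and for the INSERT.
 *
 * Security note: the database name, the table name and the remaining keys
 * are placed in identifier position in the SQL text. They must be fixed by
 * the calling code, never taken from request data.
 *
 * NOTE(review): check-then-insert is not atomic. Two concurrent calls can
 * both find no row and both insert; a UNIQUE index on the identifying
 * columns would be the dependable guard.
 *
 * @param array $a_vars           array('database'=>..., 'table'=>..., columnName=>value, ...)
 * @param bool  $b_print_queries  Passed through to db_query() as its third argument
 * @return bool TRUE when an INSERT was issued, FALSE otherwise (no columns given,
 *              the row already exists, or the lookup did not return a result list)
 */
function create_row_if_not_existing($a_vars, $b_print_queries = FALSE)
{
    // get the database, table, and properties
    $database = $a_vars['database'];
    $table = $a_vars['table'];
    $a_properties = $a_vars;
    unset($a_properties['database'], $a_properties['table']);
    if (count($a_properties) == 0) {
        return FALSE;
    }

    // get the where and set strings
    $s_where = array_to_where_clause($a_properties);
    $s_set = array_to_set_clause($a_properties);

    // One value map for both statements. The original gave the SELECT only
    // the database and table names, so the column values that the WHERE
    // clause refers to were never supplied to the existence check.
    $a_query_vars = array_merge($a_properties, array("database" => $database, "table" => $table));

    // check if it exists
    $s_query_string = "SELECT `id` FROM `[database]`.`[table]` WHERE {$s_where}";
    $a_result = db_query($s_query_string, $a_query_vars, $b_print_queries);
    // Anything other than an empty result list means "do not insert".
    if (!is_array($a_result) || count($a_result) > 0) {
        return FALSE;
    }

    $s_query_string = "INSERT INTO `[database]`.`[table]` {$s_set}";
    // NOTE(review): the result of the INSERT is not checked; TRUE is returned
    // even if the statement fails.
    db_query($s_query_string, $a_query_vars, $b_print_queries);
    return TRUE;
}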