path: root/edit.php
<?php
// Resume the caller's PHP session; the admin gate further down reads $_SESSION['admin'].
session_start();

/**
 * Normalise one request value before it is used.
 *
 * Applies, in order: trim() (surrounding whitespace), stripslashes()
 * (backslash escapes) and htmlspecialchars() (HTML entity encoding with
 * PHP's default flags).
 *
 * This is HTML output encoding, not a defence against SQL injection; the
 * queries in this file rely on PDO prepared statements for that.
 *
 * @param mixed $data value to clean
 * @return string the cleaned value
 */
function clear_input($data) {
  return htmlspecialchars(stripslashes(trim($data)));
}

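// Admin-only JSON endpoint: update, restore (read back) or delete one row of `activities`.
// The request body is a JSON object with an `action` plus the row fields; the reply is JSON.
//
// NOTE(review): the only gate is the session cookie. No anti-CSRF token or Origin check is
// visible in this file; confirm one is enforced elsewhere, since update and delete change state.
// NOTE(review): `== true` accepts any truthy session value; tighten it to `=== true` once the
// login code is confirmed to store a boolean.
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_SESSION['admin']) && $_SESSION['admin'] == true) {
	try {
		// NOTE(review): the database credentials are committed in source. Move them to
		// configuration outside the web root (or the environment) and rotate this password.
		$user = "yota_admin";
		$password = "quaequaquagh6ahwoh6Chahx1EiFooGh";
		$database = "yota_call_db";
		$conn = new PDO("mysql:host=localhost;dbname=$database", $user, $password);
		$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
	} catch (PDOException $e) {
		// Driver details go to the server log, not into the HTTP response. Stop here:
		// without a connection every later step would fail on an undefined $conn.
		error_log("edit.php: database connection failed: " . $e->getMessage());
		die("Error: database connection failed");
	}

	// Row fields accepted from the client, in the order they are returned by "restore".
	// Each name is also the column name and the named placeholder in the UPDATE below.
	$fields = [
		'id',
		'approved',
		'specialCall',
		'fromTime',
		'toTime',
		'frequencies',
		'modes',
		'operatorCall',
		'operatorName',
		'operatorEmail',
		'operatorPhone',
		'qso',
	];

	// json_decode() returns null on malformed input and a non-object for JSON scalars or
	// arrays; neither can carry the fields read below, so both are rejected.
	$recvData = json_decode(file_get_contents("php://input"));
	if (!($recvData instanceof stdClass)) {
		die("Can't decode JSON!");
	}

	foreach ($fields as $field) {
		// Properties are read with `->`; a missing field is treated as the empty string.
		$value = $recvData->$field ?? '';
		if (!is_scalar($value)) {
			// Nested arrays/objects cannot be bound as a column value.
			die("Can't decode JSON!");
		}
		// clear_input() HTML-encodes the value, so the table stores encoded text.
		$recvData->$field = clear_input((string) $value);
	}

	try {
		// Strict comparison below: with `==`, a non-string action such as 0 can match a
		// keyword on older PHP versions.
		$action = $recvData->action ?? null;
		$sendData = new stdClass();

		if ($action === "update") {
			$sql = "UPDATE activities SET
				approved=:approved,
				specialCall=:specialCall,
				fromTime=:fromTime,
				toTime=:toTime,
				frequencies=:frequencies,
				modes=:modes,
				operatorCall=:operatorCall,
				operatorName=:operatorName,
				operatorEmail=:operatorEmail,
				operatorPhone=:operatorPhone,
				qso=:qso
				WHERE id=:id";

			$stmt = $conn->prepare($sql);
			// Bind every placeholder, including :id for the WHERE clause.
			foreach ($fields as $field) {
				$stmt->bindValue(':' . $field, $recvData->$field);
			}
			$stmt->execute();

			$sendData->action = $action;
			echo json_encode($sendData);

		} elseif ($action === "restore") {

			$stmt = $conn->prepare("SELECT * FROM activities WHERE id=:id");
			$stmt->bindValue(':id', $recvData->id);
			$stmt->execute();
			$row = $stmt->fetch(PDO::FETCH_ASSOC);
			if ($row === false) {
				// No such row: report through the generic handler below.
				throw new RuntimeException("No activity with the requested id");
			}

			$sendData->action = $action;
			foreach ($fields as $field) {
				$sendData->$field = $row[$field];
			}

			echo json_encode($sendData);

		} elseif ($action === "delete") {
			$stmt = $conn->prepare("DELETE FROM activities WHERE id=:id");
			$stmt->bindValue(':id', $recvData->id);
			$stmt->execute();

			$sendData->action = $action;
			echo json_encode($sendData);
		}
	} catch ( Exception $e ) {
		// Full detail stays in the server log; the client gets a fixed message.
		error_log("edit.php: action failed: " . $e->getMessage());
		if ( $e instanceof PDOException )
			echo "Error: database request failed";
		else
			echo "Error in action handling!";
	}
}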