<?php
require 'dbConnect.php';
require 'validation.php';
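// Every action in this script is scoped to a single user, so a well-formed
// userID must be present before anything else happens.
// NOTE(review): userID is taken straight from the request, and nothing visible
// in this file ties it to an authenticated session, so the caller chooses
// whose rows are touched. Confirm that dbConnect.php, validation.php or a
// front controller enforces ownership; if not, derive the ID from the session.
if (!isset($_REQUEST['userID']))
{
    header("Status: 412 Precondition Failed");
    die("Error");
}

// Accept only an integer. The value is used as a numeric key in the SQL
// statements further down, so anything else (including an array value) is
// rejected here instead of being passed on.
$userID = filter_var($_REQUEST['userID'], FILTER_VALIDATE_INT);
if ($userID === false)
{
    header("Status: 412 Precondition Failed");
    die("Error");
}

// makeSQLI() is declared outside this file (presumably in dbConnect.php);
// the check below treats a strict false return as "no connection".
$con = makeSQLI();
if ($con === false)
{
    header("Status: 412 Precondition Failed");
    die("Error");
}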
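// Dispatch on the action flag in the query string: ?add, ?update or ?delete.
//
// All three branches use prepared statements with bound parameters, so request
// values are always sent to the server as data and never spliced into SQL text.
// Database error text is written to the server log rather than echoed, because
// it can reveal table and column names to the caller.
//
// NOTE(review): the "Status:" header form is kept as the file uses it; it is a
// CGI convention and may not change the response code under every SAPI.
// http_response_code() is the portable alternative - confirm the deployment.
if (isset($_GET['add']))
{
    if (isset($_REQUEST['question'], $_REQUEST['type'], $_REQUEST['positive']))
    {
        $question = $_REQUEST['question'];
        $type = $_REQUEST['type'];
        $positive = $_REQUEST['positive'];

        $sql = "INSERT INTO tb_user_questions (`fk_user_id`, `question` ,`type` ,`positive`)
            VALUES (?, ?, ?, ?)";
        if (!($stmt = $con->prepare($sql)))
        {
            error_log("modQuestion add: prepare failed: " . $con->error);
            header("Status: 412 Precondition Failed");
            die("Error");
        }
        $stmt->bind_param('isss', $userID, $question, $type, $positive);
        if (!$stmt->execute())
        {
            error_log("modQuestion add: execute failed: " . $stmt->error);
            // header('', true, 409) is a no-op: PHP ignores the response code
            // argument when the header string is empty.
            http_response_code(409);
            die("Error dup");
        }
        header("Status: 201 Created");
        // The new row's ID is the response body.
        echo $con->insert_id;
    }
    else
    {
        header("Status: 412 Precondition Failed");
        die("Error with data.");
    }
}
else if (isset($_GET['update']))
{
    if (isset($_REQUEST['questionID'], $_REQUEST['question'], $_REQUEST['type'], $_REQUEST['positive']))
    {
        // The row key must be an integer; reject anything else as bad data.
        $qID = filter_var($_REQUEST['questionID'], FILTER_VALIDATE_INT);
        if ($qID === false)
        {
            header("Status: 412 Precondition Failed");
            die("Error with data.");
        }
        $question = $_REQUEST['question'];
        $type = $_REQUEST['type'];
        $positive = $_REQUEST['positive'];

        // fk_user_id stays in the WHERE clause so a row is only changed when
        // it belongs to the supplied user.
        $sql = "UPDATE tb_user_questions SET question = ?, type = ?, positive = ?
            WHERE fk_user_id = ? AND id = ?";
        if (!($stmt = $con->prepare($sql)))
        {
            error_log("modQuestion update: prepare failed: " . $con->error);
            header("Status: 412 Precondition Failed");
            die("Error");
        }
        $stmt->bind_param('sssii', $question, $type, $positive, $userID, $qID);
        if (!$stmt->execute())
        {
            error_log("modQuestion update: execute failed: " . $stmt->error);
            header("Status: 412 Precondition Failed");
            die("Error");
        }
        // As before, 202 is returned whether or not a row matched.
        header("Status: 202 Accepted");
    }
    else
    {
        header("Status: 412 Precondition Failed");
        die("Error with data.");
    }
}
else if (isset($_GET['delete']))
{
    if (isset($_REQUEST['questionID'], $_REQUEST['question'], $_REQUEST['type'], $_REQUEST['positive']))
    {
        // The row key must be an integer; reject anything else as bad data.
        $qID = filter_var($_REQUEST['questionID'], FILTER_VALIDATE_INT);
        if ($qID === false)
        {
            header("Status: 412 Precondition Failed");
            die("Error with data.");
        }
        $question = $_REQUEST['question'];
        $type = $_REQUEST['type'];
        $positive = $_REQUEST['positive'];

        // The delete only matches when every supplied field agrees with the
        // stored row and the row belongs to the supplied user.
        $sql = "DELETE FROM tb_user_questions
            WHERE question = ? AND type = ? AND positive = ?
            AND fk_user_id = ? AND id = ?";
        if (!($stmt = $con->prepare($sql)))
        {
            error_log("modQuestion delete: prepare failed: " . $con->error);
            header("Status: 412 Precondition Failed");
            die("Error");
        }
        $stmt->bind_param('sssii', $question, $type, $positive, $userID, $qID);
        if (!$stmt->execute())
        {
            error_log("modQuestion delete: execute failed: " . $stmt->error);
            header("Status: 412 Precondition Failed");
            die("Error");
        }
        // As before, 202 is returned whether or not a row matched.
        header("Status: 202 Accepted");
    }
    else
    {
        header("Status: 412 Precondition Failed");
        die("Error with data.");
    }
}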
?>