forked from science-ation/science-ation
dd api for managing science olympics teams
This commit is contained in:
james
parent
de564f3c55
commit
d01a3088b7
71
api.php
71
api.php
@ -98,6 +98,8 @@ switch($request[0]) {
|
||||
unset($_SESSION['accounts_id']);
|
||||
unset($_SESSION['superuser']);
|
||||
unset($_SESSION['roles']);
|
||||
unset($_SESSION['users_id']);
|
||||
unset($_SESSION['name']);
|
||||
$ret['status']="ok";
|
||||
}
|
||||
break;
|
||||
@ -119,13 +121,26 @@ switch($request[0]) {
|
||||
}
|
||||
|
||||
break;
|
||||
case "so":
|
||||
api_user_auth_required('teacher');
|
||||
case "scienceolympics":
|
||||
$chk=api_user_auth_required('teacher');
|
||||
if($chk['status']!="ok") {
|
||||
$ret['status']="error";
|
||||
$ret['error']=$chk['error'];
|
||||
break;
|
||||
}
|
||||
$u=user_load($_SESSION['users_id']);
|
||||
if(!$u['schools_id']) {
|
||||
$ret['status']="error";
|
||||
$ret['error']='Your teacher account is not attached to any school';
|
||||
break;
|
||||
}
|
||||
$school_id=$u['schools_id'];
|
||||
|
||||
require_once("so_teams.inc.php");
|
||||
switch($request[1]) {
|
||||
case "teams":
|
||||
switch($request[2]) {
|
||||
case "list":
|
||||
$u=user_load($_SESSION['users_id']);
|
||||
$q=mysql_query("SELECT id,name FROM so_teams WHERE schools_id='{$u['schools_id']}' AND conferences_id='{$conference['id']}'");
|
||||
$ret['status']='ok';
|
||||
$teams=array();
|
||||
@ -135,27 +150,59 @@ switch($request[0]) {
|
||||
$ret['teams']=$teams;
|
||||
break;
|
||||
case "add":
|
||||
$ret['status']='error';
|
||||
$ret['error']='not implemented yet';
|
||||
if($_POST['teamname']) {
|
||||
if(so_team_add($school_id,$conference['id'],$_POST['teamname'])) {
|
||||
$ret['status']="ok";
|
||||
}
|
||||
else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='could not add team';
|
||||
}
|
||||
} else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='teamname (varchar 64) is required';
|
||||
}
|
||||
break;
|
||||
case "edit":
|
||||
$ret['status']='error';
|
||||
$ret['error']='not implemented yet';
|
||||
if($_POST['id'] && $_POST['teamname']) {
|
||||
if(so_team_edit($school_id,$_POST['id'],$_POST['teamname'])) {
|
||||
$ret['status']="ok";
|
||||
}
|
||||
else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='could not edit team';
|
||||
}
|
||||
}
|
||||
else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='id (integer), teamname (varchar 64) are required';
|
||||
}
|
||||
break;
|
||||
case "remove";
|
||||
$ret['status']='error';
|
||||
$ret['error']='not implemented yet';
|
||||
case "delete";
|
||||
if($_POST['id']) {
|
||||
if(so_team_delete($school_id,$_POST['id'])) {
|
||||
$ret['status']="ok";
|
||||
}
|
||||
else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='could not delete team';
|
||||
}
|
||||
} else {
|
||||
$ret['status']='error';
|
||||
$ret['error']='id (integer) is required';
|
||||
}
|
||||
|
||||
break;
|
||||
default:
|
||||
$ret['status']="error";
|
||||
$ret['error']="invalid so/teams command ({$request[2]})";
|
||||
$ret['error']="invalid scienceolympics/teams command ({$request[2]})";
|
||||
break;
|
||||
|
||||
}
|
||||
break;
|
||||
default:
|
||||
$ret['status']="error";
|
||||
$ret['error']="invalid so command ({$request[1]})";
|
||||
$ret['error']="invalid scienceolympics command ({$request[1]})";
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
||||
@ -1,17 +1,18 @@
|
||||
<?php
|
||||
require_once('common.inc.php');
|
||||
require_once('user.inc.php');
|
||||
require_once("so_teams.inc.php");
|
||||
|
||||
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type'] == 'scienceolympics'){
|
||||
switch($_GET['action']){
|
||||
case 'saveNew':
|
||||
$teamName = mysql_real_escape_string($_POST['teamname']);
|
||||
$query = 'INSERT INTO so_teams (schools_id, conferences_id, name) VALUES (' . $_SESSION['schoolid'] . ', ' . $conference['id'] . ', "' . $teamName . '")';
|
||||
$success = mysql_query($query);
|
||||
$success = so_team_add($_SESSION['schoolid'], $conference['id'], $teamName);
|
||||
draw_page();
|
||||
break;
|
||||
case 'save':
|
||||
$success = false;
|
||||
$teamId = mysql_real_escape_string($_POST['teamId']);
|
||||
$teamId = intval($_POST['teamId']);
|
||||
$teamName = mysql_real_escape_string($_POST['teamname']);
|
||||
// a quick check to make sure the team being updated does indeed belong
|
||||
// to this school
|
||||
@ -20,10 +21,7 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type']
|
||||
if($testResults['tally'] == 1){
|
||||
// ok, the team belongs to the school that this session belongs to. We can
|
||||
// can go ahead and save the changes.
|
||||
$query = 'UPDATE so_teams SET name="' . $teamName . '" ';
|
||||
$query .= 'WHERE schools_id=' . $_SESSION['schoolid'] . ' ';
|
||||
$query .= 'AND id=' . $teamId;
|
||||
$success = mysql_query($query);
|
||||
$success=so_team_edit($_SESSION['schoolid'],$teamId,$teamName);
|
||||
}
|
||||
if($success){
|
||||
happy_("Team successfully updated");
|
||||
@ -44,12 +42,7 @@ if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'] && $conference['type']
|
||||
if($testResults['tally'] == 1){
|
||||
// ok, the team belongs to the school that this session belongs to. We can
|
||||
// can go ahead and save the changes.
|
||||
$query = 'DELETE FROM so_teams ';
|
||||
$query .= 'WHERE schools_id=' . $_SESSION['schoolid'] . ' ';
|
||||
$query .= 'AND id=' . $teamId;
|
||||
if(mysql_query($query)){
|
||||
$success = true;
|
||||
}
|
||||
$success=so_team_delete($_SESSION['schoolid'],$teamId);
|
||||
}
|
||||
if($success){
|
||||
happy_("Team successfully deleted");
|
||||
|
||||
31
so_teams.inc.php
Normal file
31
so_teams.inc.php
Normal file
@ -0,0 +1,31 @@
|
||||
<?
|
||||
function so_team_add($schools_id, $conferences_id, $name) {
|
||||
$schools_id=intval($schools_id);
|
||||
$query = "INSERT INTO so_teams (schools_id, conferences_id, name) VALUES (
|
||||
".$schools_id.",
|
||||
".$conference['id'].",
|
||||
".mysql_real_escape_string($name)."'";
|
||||
|
||||
return mysql_query($query);
|
||||
}
|
||||
|
||||
function so_team_edit($schools_id, $team_id, $name) {
|
||||
$schools_id=intval($schools_id);
|
||||
$team_id=intval($team_id);
|
||||
$query = "UPDATE so_teams SET name='".mysql_real_escape_string($name)."'
|
||||
WHERE schools_id='".$schools_id."'
|
||||
AND id='".$team_id."'";
|
||||
return mysql_query($query);
|
||||
}
|
||||
|
||||
|
||||
function so_team_delete($schools_id,$team_id) {
|
||||
$schools_id=intval($schools_id);
|
||||
$team_id=intval($team_id);
|
||||
$query = "DELETE FROM so_teams WHERE schools_id='".$schools_id."'. AND id=".$team_id."'";
|
||||
return mysql_query($query);
|
||||
}
|
||||
|
||||
|
||||
|
||||
?>
|
||||
Loading…
Reference in New Issue
Block a user