Added joinProject function in register_participants.inc.php, and added the api for it at /api/project/join

2011-02-18 19:19:56 +00:00 · 2011-02-18 19:19:56 +00:00 · e6dfe1c476
commit e6dfe1c476
parent c1d248dbd3
3 changed files with 52 additions and 4 deletions
--- a/api.php
+++ b/api.php
@ -39,7 +39,6 @@ $ret=array();

 $logPath = get_logpath();
 $fout = fopen("$logPath/api.log", "a");
-$t = date("Y-m-d H:i:s");
 fwrite($fout, " --- request at " . date("Y-m-d H:i:s") . " ---\n");
 fwrite($fout, "\$_GET = \n" . print_r($_GET, true) . "\n");
 fwrite($fout, "\$_POST = \n" . print_r($_POST, true) . "\n");
@ -971,8 +970,18 @@ switch($request[0]) {
 			*/
 			case 'join':
 				// this should let somone join a specific registration (think "team")
+				if(!(array_key_exists('registrations_id', $_POST) && array_key_exists('email', $_POST))){
 					$ret['status'] = "error";
-				$ret['error'] = $_GET['request'] . " functionality not yet implemented";
+					$ret['error'] = "Missing required parameters";
+					break;
+				}
+				$result = joinProject($_POST['registrations_id'], $_POST['email']);
+				if($result == "ok"){
+					$ret['status'] = "ok";
+				}else{
+					$ret['status'] = "error";
+					$ret['error'] = $result;
+				}
 			break;

 			/*	APIDOC: project/remove
--- a/register_participants.inc.php
+++ b/register_participants.inc.php
@ -702,12 +702,43 @@ function addProject($registrations_id){
 	//now query the one we just inserted
 	$q = mysql_query("SELECT * FROM projects WHERE registrations_id='$registrations_id' AND conferences_id='{$conference['id']}'");
 	if(mysql_error()) {
-		$returnval = "register_participants.inc.php::addProject -> " . $returnval;
+		$returnval = "register_participants.inc.php::addProject -> " . mysql_error();
 	}else{
 		$returnval = mysql_fetch_assoc($q);
 	}
 	return $returnval;
 }

+// join an existing project
+// perhaps a bit of a misnomer as it's actually the registration that's being joined, but meh.
+// return 'ok' on success, error message on failure
+function joinProject($registrations_id, $email){
+	$uid = $_SESSION['users_id'];
+	if(getRegistrationsId($uid) !== null){
+		return 'register_participants.inc.php::joinProject -> you are already registered for a project';
+	}
+
+	// let's avoid an SQL naughtiness
+	$email = mysql_real_escape_string($email);
+	$registrations_id = intval($registrations_id);
+
+	$query = mysql_query("SELECT COUNT(*) as tally FROM registrations WHERE email = '$email' AND num = $registrations_id");
+	if(mysql_error()){
+		return "register_participants.inc.php::joinProject -> " . mysql_error();
+	}
+	$result = mysql_fetch_assoc($query);
+	if($result['tally'] != 1){
+		return "register_participants.inc.php::joinProject -> invalid email or registration id";
+	}
+
+	// ok, if we've made it this far, they've correctly added the info that we verify with.  Go ahead
+	// and add them to the registration
+	$result = mysql_query("UPDATE users SET registrations_id = $registrations_id WHERE id = $uid");
+	if(mysql_error()){
+		return "register_participants.inc.php::joinProject -> " . mysql_error();
+	}
+
+	return 'ok';
+}

 ?>
--- a/testapi.php
+++ b/testapi.php
@ -106,6 +106,14 @@ email address: <input type="text" name="email"></input><br/>
 <input type="submit" value="Create Account"></input>
 </form>

+<h2>Project related commands</h2>
+<h3>Join a project</h3>
+<form method = "post" action = "api/project/join">
+<label>project e-mail address:<input type="text" name="email"></input></label><br/>
+<label>registration id:<input type="text" name="registrations_id"></input></label><br/>
+<input type="submit" value="Join"></input>
+</form>
+
 <h2>Teacher Specific Commands</h2>
 <a href="api/scienceolympics/teams/list">Science Olympic Teams List</a><br />