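<?php
/**
 * /subs/subjects_backend.php
 * @version 1.1
 * @desc backend for subjects
 * @author Fándly Gergő Zoltán (fandlygergo@gmail.hu, systemtest.tk)
 * @copy 2017 Fándly Gergő Zoltán
 * License:
    Result Manager for managing results of students in bilingual school systems.
    Copyright (C) 2017 Fándly Gergő Zoltán

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <https://www.gnu.org/licenses/>.
 **/

// Request dispatcher for the `subjects` table. A branch runs when its request
// key is present:
//   GET  list    -> print the subjects as an HTML table (optional POST search filter)
//   POST new     -> insert a subject unless one of the two names is already taken
//   POST delete  -> delete the subject with the given id
//   GET  getdata -> print one subject as JSON
//   POST edit    -> update both names of an existing subject
// $db, $lang and the `functions` class are not defined in this file; they are
// expected to be provided by the script that includes it.
//
// NOTE(review): the session access level is only consulted when deciding
// whether to render the edit/delete buttons. The new/delete/edit branches do
// not check it, and no anti-CSRF token is verified in this file. Confirm that
// the including script enforces both before this file runs; if it does not,
// the checks belong at the top of each state-changing branch.

try{
    if(isset($_GET['list'])){
        // The WHERE clause is assembled only from fixed fragments; the search
        // term itself is bound as a parameter. `%` and `_` inside the term are
        // not escaped, so they act as LIKE wildcards.
        $filter="WHERE id<>0";
        $filter_array=array();
        if(isset($_POST['filter'])){
            if(isset($_POST['f_search'])){
                $filter.=" and (name_1 LIKE ? or name_2 LIKE ?)";
                array_push($filter_array, "%".$_POST['f_search']."%", "%".$_POST['f_search']."%");
            }
        }
        $sql=$db->prepare("SELECT id, name_1, name_2 FROM subjects ".$filter." ORDER BY name_1 ASC, name_2 ASC");
        $sql->execute($filter_array);

        // Tools column is rendered for access level 3 and above only. isset()
        // keeps a missing session key from raising a notice; the outcome is the
        // same as the plain comparison (no tools).
        $showTools=isset($_SESSION['accesslevel']) && $_SESSION['accesslevel']>=3;

        //print list
        echo "
            <table class=\"table\">
                <thead>
                    <tr>
                        <th>".$lang['id']."</th>
                        <th>".$lang['name_1']."</th>
                        <th>".$lang['name_2']."</th>
                        ".($showTools?"<th>".$lang['tools']."</th>":"")."
                    </tr>
                </thead>
                <tbody>
        ";
        while($row=$sql->fetch(PDO::FETCH_ASSOC)){
            // Subject names are user-supplied (see the new/edit branches), so
            // they are HTML-escaped before being written into the page; echoing
            // them raw would let a stored name inject markup or script.
            $name1=htmlspecialchars((string)$row['name_1'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $name2=htmlspecialchars((string)$row['name_2'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            // The id is also emitted inside an onclick handler, where HTML
            // escaping alone is not enough; forcing it to an integer keeps
            // anything but digits out of the script context.
            $id=(int)$row['id'];
            echo "
                    <tr>
                        <td>".$id."</td>
                        <td>".$name1."</td>
                        <td>".$name2."</td>
                        ".($showTools?"<td>
                            <button type=\"button\" onclick=\"subjectsEdit(".$id.")\">".$lang['edit']."</button>
                            <button type=\"button\" onclick=\"subjectsDelete(".$id.", this)\">".$lang['delete']."</button>
                        </td>":"")."
                    </tr>
            ";
        }
    }

    if(isset($_POST['new'])){
        // Reject the insert when either name is already used by any subject.
        $sql=$db->prepare("SELECT count(id) AS count FROM subjects WHERE name_1=:name_1 or name_2=:name_2");
        $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2"=>$_POST['name_2']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']>0){
            functions::setError(7);
        }
        else{
            $sql=$db->prepare("INSERT INTO subjects (name_1, name_2) VALUES (:name_1, :name_2)");
            $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2"=>$_POST['name_2']));
            $res=$sql->rowCount();
            if($res>0){
                functions::setMessage(3);
            }
            else{
                functions::setError(4);
            }
        }
    }

    if(isset($_POST['delete'])){
        // The id to delete is the value of the `delete` field itself.
        $sql=$db->prepare("DELETE FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_POST['delete']));
        $res=$sql->rowCount();
        if($res>0){
            functions::setMessage(4);
        }
        else{
            functions::setError(4);
        }
    }

    if(isset($_GET['getdata'])){
        // The COUNT column doubles as the existence check for the requested id.
        $sql=$db->prepare("SELECT COUNT(id) AS count, id, name_1, name_2 FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_GET['getdata']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']<1){
            functions::setError(6);
        }
        else{
            // Names are returned unescaped inside the JSON document; the
            // consuming script has to treat them as text, not as markup.
            echo json_encode($res);
        }
    }

    if(isset($_POST['edit'])){
        // The id to update is the value of the `edit` field; it must exist.
        $sql=$db->prepare("SELECT COUNT(id) AS count FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_POST['edit']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']<1){
            functions::setError(6);
        }
        else{
            $sql=$db->prepare("UPDATE subjects SET name_1=:name_1, name_2=:name_2 WHERE id=:id");
            $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2"=>$_POST['name_2'], ":id"=>$_POST['edit']));
            $res=$sql->rowCount();
            if($res>0){
                functions::setMessage(5);
            }
            else{
                functions::setError(4);
            }
        }
    }
}
catch(Exception $e){
    // Report a generic code through functions::setError and keep the
    // exception details in the server log only.
    functions::setError(500);
    error_log($e);
}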