<?php
/**
 * /subs/subjects_backend.php
 * @version 1.1
 * @desc backend for subjects
 * @author Fándly Gergő Zoltán (fandlygergo@gmail.hu, systemtest.tk)
 * @copy 2017 Fándly Gergő Zoltán
 * License:
    Result Manager for managing results of students in bilingual school systems.
    Copyright (C) 2017  Fándly Gergő Zoltán

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.
 **/

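try{
    // Request dispatcher for the subjects backend. A branch runs when its request key is
    // present: GET list, POST new, POST delete, GET getdata, POST edit.
    // $db, $lang and the functions class are expected to be provided by the including script.
    //
    // NOTE(review): only the list view consults $_SESSION['accesslevel'] (to hide the tool
    // buttons below level 3). The new/delete/edit branches in this file perform no access
    // level check and verify no anti-CSRF token. Confirm the including script enforces both;
    // hiding the buttons in the listing is not an access control.
    
    if(isset($_GET['list'])){
        // $filter only ever receives fixed SQL fragments; user input is bound via $filter_array.
        $filter="WHERE id<>0";
        $filter_array=array();
        if(isset($_POST['filter'])){
            // Accept a string search term only; an array-valued f_search would otherwise be
            // concatenated as the literal "Array" and raise a notice.
            if(isset($_POST['f_search']) && is_string($_POST['f_search'])){
                $filter.=" and (name_1 LIKE ? or name_2 LIKE ?)";
                $pattern="%".$_POST['f_search']."%";
                array_push($filter_array, $pattern, $pattern);
            }
        }
        
        $sql=$db->prepare("SELECT id, name_1, name_2 FROM subjects ".$filter." ORDER BY name_1 ASC, name_2 ASC");
        $sql->execute($filter_array);
        
        // The tools column is rendered only for access level 3 and above.
        $showTools=$_SESSION['accesslevel']>=3;
        
        //print list
        echo "
        <table class=\"table\">
            <thead>
                <tr>
                    <th>".$lang['id']."</th>
                    <th>".$lang['name_1']."</th>
                    <th>".$lang['name_2']."</th>
                    ".($showTools?"<th>".$lang['tools']."</th>":"")."
                </tr>
            </thead>
            <tbody>
        ";
        while($row=$sql->fetch(PDO::FETCH_ASSOC)){
            // Subject names are stored exactly as submitted (see the new/edit branches), so they
            // must be HTML-encoded on output; otherwise a stored name containing markup would be
            // rendered in every viewer's browser. The id is forced to an integer because it is
            // also emitted inside an inline JavaScript handler.
            $id=(int)$row['id'];
            $name_1=htmlspecialchars((string)$row['name_1'], ENT_QUOTES | ENT_SUBSTITUTE);
            $name_2=htmlspecialchars((string)$row['name_2'], ENT_QUOTES | ENT_SUBSTITUTE);
            echo "
            <tr>
                <td>".$id."</td>
                <td>".$name_1."</td>
                <td>".$name_2."</td>
                ".($showTools?"<td>
                    <button type=\"button\" onclick=\"subjectsEdit(".$id.")\">".$lang['edit']."</button>
                    <button type=\"button\" onclick=\"subjectsDelete(".$id.", this)\">".$lang['delete']."</button>
                </td>":"")."
            </tr>
            ";
        }
        // Close the elements opened above; the original output left <tbody> and <table> open.
        echo "
            </tbody>
        </table>
        ";
    }
    
    if(isset($_POST['new'])){
        // NOTE(review): name_1/name_2 are read without isset() or type/length validation.
        // Reject the request if either name is already used by an existing subject.
        $sql=$db->prepare("SELECT count(id) AS count FROM subjects WHERE name_1=:name_1 or name_2=:name_2");
        $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2" =>$_POST['name_2']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        
        if($res['count']>0){
            functions::setError(7);
        }
        else{
            $sql=$db->prepare("INSERT INTO subjects (name_1, name_2) VALUES (:name_1, :name_2)");
            $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2"=>$_POST['name_2']));
            $res=$sql->rowCount();
            if($res>0){
                functions::setMessage(3);
            }
            else{
                functions::setError(4);
            }
        }
    }
    
    if(isset($_POST['delete'])){
        // The id is bound as a parameter; rowCount() tells whether a row was actually removed.
        $sql=$db->prepare("DELETE FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_POST['delete']));
        $res=$sql->rowCount();
        if($res>0){
            functions::setMessage(4);
        }
        else{
            functions::setError(4);
        }
    }
    
    if(isset($_GET['getdata'])){
        $sql=$db->prepare("SELECT COUNT(id) AS count, id, name_1, name_2 FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_GET['getdata']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        if($res['count']<1){
            functions::setError(6);
        }
        else{
            // No Content-Type is set in this file, so the response may be interpreted as HTML if
            // the URL is opened directly. The JSON_HEX_* flags encode <, >, &, ' and " as \uXXXX
            // escapes: the decoded values are unchanged, but stored markup cannot be rendered.
            echo json_encode($res, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        }
    }
    
    if(isset($_POST['edit'])){
        // NOTE(review): name_1/name_2 are read without isset() or type/length validation, and
        // unlike the new branch no duplicate-name check is made before updating.
        // Verify the subject exists first so that a missing id is reported as error 6.
        $sql=$db->prepare("SELECT COUNT(id) AS count FROM subjects WHERE id=:id");
        $sql->execute(array(":id"=>$_POST['edit']));
        $res=$sql->fetch(PDO::FETCH_ASSOC);
        
        if($res['count']<1){
            functions::setError(6);
        }
        else{
            $sql=$db->prepare("UPDATE subjects SET name_1=:name_1, name_2=:name_2 WHERE id=:id");
            $sql->execute(array(":name_1"=>$_POST['name_1'], ":name_2"=>$_POST['name_2'], ":id"=>$_POST['edit']));
            $res=$sql->rowCount();
            if($res>0){
                functions::setMessage(5);
            }
            else{
                functions::setError(4);
            }
        }
    }
    
}
catch(Exception $e){
    // Report a generic error to the client and keep the exception details in the server log only.
    functions::setError(500);
    error_log($e);
}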