harsh
/
ethics-canvas
разклонено от ADAPT/ethics-canvas


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253
							<?php
    /* Receives the email of the user, the name of the canvas and the date

        and stores it in the database with a randomly-generated canvas_id,

        that is returned.                                                */
    
    session_start();
    $params = array();
    parse_str($_POST['save_canvas'], $params);
    
    if(!array_key_exists('email_save_canvas', $params) OR
       !array_key_exists('name_save_canvas', $params) OR
       !array_key_exists('date_save_canvas', $params)) {
        echo 400; // Missing parameters
    }
    
    else {
        if(isset($_SESSION['canvas_id'])) {
            // Canvas already exists. Return canvas_id to overwrite JSON file.
            echo $_SESSION['canvas_id'];
        }
        else { // New canvas in the database
            // Retrieve user credentials
            $email = $params['email_save_canvas'];
            $canvas_name = $params['name_save_canvas'];
            $date = $params['date_save_canvas'];
            $canvas_id = $params['id_save_canvas'];
            
            require_once('../../php/db_utils.php');
            $conn = db_connect(); // Connect to the database
            
            // Check if the username already exists
            if(!($result = mysqli_query($conn, "SELECT name FROM user WHERE username = '$email'"))) {
                echo 400; // Wrong query
            }
            else if(mysqli_num_rows($result) != 1) { // User not registered or duplicated
                echo 401;
            }
            else {
                // User registered
                // Save this canvas
                
                if(!mysqli_query($conn, "INSERT INTO canvas (canvas_id, user_id, canvas_name, canvas_date) VALUES ('$canvas_id', '$email', '$canvas_name', '$date')")) {
                    echo 400; // Wrong query
                    echo " #Wrong query :/ ";
                }
                else { // Return canvas_id and save it in the current session
                    $_SESSION['canvas_id'] = $canvas_id;
                    echo $canvas_id;
                }
            }
        }
    }
?>