li-dance-backoffice/backend/api/enroll/set.php

<?php
  header("Access-Control-Allow-Origin: *");
  header("Content-Type: application/json; charset=UTF-8");
  header("Access-Control-Allow-Methods: POST");
  header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");

	require_once('../../utils/config.php');
	require_once('../../utils/db.php');
	require_once('../../utils/tools.php');
	
  $authorization = $_SERVER["HTTP_AUTHORIZATION"];
  if(strcmp($authorization, INTERNAL_API_KEY) !== 0) {
    echo 'STOP TRYING TO STEAL MY DATA!';
    exit;
  }
 
  $method = $_SERVER['REQUEST_METHOD'];
  if ('POST' === $method) {
    parse_str(file_get_contents('php://input'), $_POST);
  }
 
	$connection = connect();

  $sid = intval($_POST["sid"]);
  $enrollments = json_decode($_POST["enrollments"]);

  if (!is_array($enrollments)) {
    die('No array provided');
  }


  if ($sid == -1) {
    $result = mysqli_query($connection, "SELECT MAX(sid) as maxid FROM li_students");
    if($result->num_rows !== 0) {
  	  $row = mysqli_fetch_object($result);
      $sid = $row->maxid;
    }
  }

  $querystr = "DELETE FROM li_enroll WHERE sid={$sid}";
  mysqli_query($connection, $querystr);

  foreach ($enrollments as $enrollment) {
  
    $cid = intval($enrollment->cid);
    $begin = escape($connection, $enrollment->begin);
    $end = escape($connection, $enrollment->end);
      
    if(empty($end)) { $end = '2100-01-01'; }
   
    $querystr = "INSERT INTO li_enroll VALUES({$cid}, {$sid}, '{$begin}', '{$end}')";
    mysqli_query($connection, $querystr);
  }
  
  echo json_encode('{ "result": "true" }');
?>
Add backend to repo 2024-03-04 16:07:16 +01:00			`<?php`
			`header("Access-Control-Allow-Origin: *");`
			`header("Content-Type: application/json; charset=UTF-8");`
			`header("Access-Control-Allow-Methods: POST");`
			`header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");`

			`require_once('../../utils/config.php');`
			`require_once('../../utils/db.php');`
			`require_once('../../utils/tools.php');`

Add authorization header Add api key protection for all endpoints Add registration list view 2024-05-04 02:41:04 +02:00			`$authorization = $_SERVER["HTTP_AUTHORIZATION"];`
Add registration and confirmation emails Fix minor bugs in registration 2024-05-20 18:13:17 +02:00			`if(strcmp($authorization, INTERNAL_API_KEY) !== 0) {`
Add authorization header Add api key protection for all endpoints Add registration list view 2024-05-04 02:41:04 +02:00			`echo 'STOP TRYING TO STEAL MY DATA!';`
			`exit;`
			`}`

Add backend to repo 2024-03-04 16:07:16 +01:00			`$method = $_SERVER['REQUEST_METHOD'];`
			`if ('POST' === $method) {`
			`parse_str(file_get_contents('php://input'), $_POST);`
			`}`

			`$connection = connect();`

			`$sid = intval($_POST["sid"]);`
			`$enrollments = json_decode($_POST["enrollments"]);`

			`if (!is_array($enrollments)) {`
			`die('No array provided');`
			`}`


			`if ($sid == -1) {`
			`$result = mysqli_query($connection, "SELECT MAX(sid) as maxid FROM li_students");`
			`if($result->num_rows !== 0) {`
			`$row = mysqli_fetch_object($result);`
			`$sid = $row->maxid;`
			`}`
			`}`

			`$querystr = "DELETE FROM li_enroll WHERE sid={$sid}";`
			`mysqli_query($connection, $querystr);`

			`foreach ($enrollments as $enrollment) {`

			`$cid = intval($enrollment->cid);`
			`$begin = escape($connection, $enrollment->begin);`
			`$end = escape($connection, $enrollment->end);`

			`if(empty($end)) { $end = '2100-01-01'; }`

			`$querystr = "INSERT INTO li_enroll VALUES({$cid}, {$sid}, '{$begin}', '{$end}')";`
			`mysqli_query($connection, $querystr);`
			`}`

			`echo json_encode('{ "result": "true" }');`
			`?>`