2024-03-04 16:07:16 +01:00
|
|
|
<?php
|
|
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
header("Content-Type: application/json; charset=UTF-8");
|
|
|
|
header("Access-Control-Allow-Methods: POST");
|
|
|
|
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
|
|
|
|
|
|
|
|
require_once('../../utils/config.php');
|
|
|
|
require_once('../../utils/db.php');
|
|
|
|
require_once('../../utils/strings.php');
|
|
|
|
|
2024-05-04 02:41:04 +02:00
|
|
|
$authorization = $_SERVER["HTTP_AUTHORIZATION"];
|
|
|
|
if(strcmp($authorization, API_KEY) !== 0) {
|
|
|
|
echo 'STOP TRYING TO STEAL MY DATA!';
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2024-03-04 16:07:16 +01:00
|
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
if ('POST' === $method) {
|
|
|
|
parse_str(file_get_contents('php://input'), $_POST);
|
|
|
|
}
|
|
|
|
|
|
|
|
$connection = connect();
|
|
|
|
|
|
|
|
$date = mysqli_real_escape_string($connection, $_POST["date"]);
|
|
|
|
$time = mysqli_real_escape_string($connection, $_POST["time"]);
|
|
|
|
|
|
|
|
$dow = (new DateTime($date))->format('w');
|
|
|
|
|
|
|
|
$querystr = "SELECT * FROM li_plan, li_courses
|
|
|
|
WHERE li_plan.cid=li_courses.cid
|
|
|
|
AND li_plan.day={$dow}
|
|
|
|
AND li_plan.begin < '{$time}'
|
|
|
|
AND li_plan.end > '{$time}'";
|
|
|
|
|
|
|
|
$result = mysqli_query($connection, $querystr);
|
|
|
|
if($result->num_rows !== 0) {
|
|
|
|
while ($row = mysqli_fetch_object($result)) {
|
|
|
|
|
|
|
|
$begin = new DateTime($row->begin);
|
|
|
|
$end = new DateTime($row->end);
|
|
|
|
|
|
|
|
$returnValue = (object) [
|
|
|
|
'cid' => $row->cid,
|
|
|
|
'name' => $row->name . ' ' . $row->description,
|
|
|
|
'date' => $date,
|
|
|
|
'begin' => $begin->format('H:i'),
|
|
|
|
'end' => $end->format('H:i'),
|
|
|
|
'students' => array()
|
|
|
|
];
|
|
|
|
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
$querystr = "SELECT *, 1 AS visited FROM li_enroll, li_students
|
|
|
|
WHERE li_enroll.sid = li_students.sid
|
|
|
|
AND li_enroll.cid = {$returnValue->cid}
|
|
|
|
AND li_enroll.begin <= '{$date}'
|
|
|
|
AND li_enroll.end >= '{$date}'
|
|
|
|
AND EXISTS(SELECT * FROM li_visits
|
|
|
|
WHERE li_visits.sid = li_enroll.sid
|
|
|
|
AND li_visits.cid = li_enroll.cid
|
|
|
|
AND li_visits.date = '{$date}')
|
|
|
|
UNION
|
|
|
|
SELECT *, 0 AS visited FROM li_enroll, li_students
|
|
|
|
WHERE li_enroll.sid = li_students.sid
|
|
|
|
AND li_enroll.cid = {$returnValue->cid}
|
|
|
|
AND li_enroll.begin <= '{$date}'
|
|
|
|
AND li_enroll.end >= '{$date}'
|
|
|
|
AND NOT EXISTS(SELECT * FROM li_visits
|
|
|
|
WHERE li_visits.sid = li_enroll.sid
|
|
|
|
AND li_visits.cid = li_enroll.cid
|
|
|
|
AND li_visits.date = '{$date}')
|
|
|
|
ORDER BY lastname, firstname";
|
|
|
|
|
|
|
|
$result2 = mysqli_query($connection, $querystr);
|
|
|
|
if($result2->num_rows !== 0) {
|
|
|
|
while ($row = mysqli_fetch_object($result2)) {
|
|
|
|
$student = (object) [
|
|
|
|
'sid' => $row->sid,
|
|
|
|
'firstname' => $row->firstname,
|
|
|
|
'lastname' => $row->lastname,
|
|
|
|
'visited' => $row->visited
|
|
|
|
];
|
|
|
|
|
|
|
|
array_push($returnValue->students, $student);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
mysqli_free_result($result);
|
|
|
|
|
|
|
|
echo json_encode($returnValue);
|
|
|
|
?>
|