56 lines
1.6 KiB
PHP
56 lines
1.6 KiB
PHP
<?php
|
|
header("Access-Control-Allow-Origin: *");
|
|
header("Content-Type: application/json; charset=UTF-8");
|
|
header("Access-Control-Allow-Methods: POST");
|
|
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
|
|
|
|
require_once('../../utils/config.php');
|
|
require_once('../../utils/db.php');
|
|
require_once('../../utils/tools.php');
|
|
|
|
$authorization = $_SERVER["HTTP_AUTHORIZATION"];
|
|
if(strcmp($authorization, INTERNAL_API_KEY) !== 0) {
|
|
echo 'STOP TRYING TO STEAL MY DATA!';
|
|
exit;
|
|
}
|
|
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
if ('POST' === $method) {
|
|
parse_str(file_get_contents('php://input'), $_POST);
|
|
}
|
|
|
|
$connection = connect();
|
|
|
|
$sid = intval($_POST["sid"]);
|
|
$enrollments = json_decode($_POST["enrollments"]);
|
|
|
|
if (!is_array($enrollments)) {
|
|
die('No array provided');
|
|
}
|
|
|
|
|
|
if ($sid == -1) {
|
|
$result = mysqli_query($connection, "SELECT MAX(sid) as maxid FROM li_students");
|
|
if($result->num_rows !== 0) {
|
|
$row = mysqli_fetch_object($result);
|
|
$sid = $row->maxid;
|
|
}
|
|
}
|
|
|
|
$querystr = "DELETE FROM li_enroll WHERE sid={$sid}";
|
|
mysqli_query($connection, $querystr);
|
|
|
|
foreach ($enrollments as $enrollment) {
|
|
|
|
$cid = intval($enrollment->cid);
|
|
$begin = escape($connection, $enrollment->begin);
|
|
$end = escape($connection, $enrollment->end);
|
|
|
|
if(empty($end)) { $end = '2100-01-01'; }
|
|
|
|
$querystr = "INSERT INTO li_enroll VALUES({$cid}, {$sid}, '{$begin}', '{$end}')";
|
|
mysqli_query($connection, $querystr);
|
|
}
|
|
|
|
echo json_encode('{ "result": "true" }');
|
|
?>
|