Commit 33b364a7 authored by Stephane Crozat's avatar Stephane Crozat

Empêchement de l'inscription à une nouvelle Api une semaine S1 si validation...

Empêchement de l'inscription à une nouvelle Api une semaine S1 si validation antérieure d'une Api cette même semaine S1, par URL
parent 7cda02e4
......@@ -66,7 +66,7 @@ else {
if (isset($_GET['api']) && $admin->isActive()) {
if (isset($_GET['action'])) {
if ($_GET['action']=='sub') {
$db->subToApi($_SESSION['utclogin'], $_GET['api']);
$db->subToApi($admin, $_SESSION['utclogin'], $_GET['api']);
}
elseif ($_GET['action']=='unsub') {
$db->unsubToApi($_SESSION['utclogin'], $_GET['api']);
......
......@@ -38,18 +38,37 @@ class DB {
return $res;
}
public function subToApi($utclogin, $api) {
$today = date('Ymd');
$sql = 'INSERT INTO subscribe(utclogin, api, subdate) VALUES (:utclogin, :api, :today)';
public function subToApi($admin, $utclogin, $api) {
// Case 1 : Student had not yet subscribe to this Api and no other Api is validated same week, insertion expected to work
// Case 2 : Student had already subscribe to this Api, key constraint will prevent from adding new record, so, if subscription has been unvalidated it will remain so AND is_available test will block inserting before previous rule anyway
// Case 3 : Student had not subscribe to this Api, but another Api has been validated same week, insertion expected to fail (test with is_avaiblable)
$sql = 'SELECT is_available(:utclogin, week, year) AS is_available
FROM vapi
WHERE semester=:semester AND year=:year AND id=:api' ;
$st = $this->conn->prepare($sql);
$st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->bindValue(':api',$api,PDO::PARAM_INT);
$st->bindValue(':today',$today,PDO::PARAM_STR);
$res = $st->execute();
return $res;
$st->bindValue(':semester',$admin->activeSemester(),PDO::PARAM_STR);
$st->bindValue(':year',$admin->activeYear(),PDO::PARAM_INT);
$st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->execute();
$res = $st->fetch(PDO::FETCH_ASSOC);
if ($res['is_available']) {
$today = date('Ymd');
$sql = 'INSERT INTO subscribe(utclogin, api, subdate) VALUES (:utclogin, :api, :today)';
$st = $this->conn->prepare($sql);
$st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->bindValue(':api',$api,PDO::PARAM_INT);
$st->bindValue(':today',$today,PDO::PARAM_STR);
$res = $st->execute();
return $res;
}
else {
return null;
}
}
public function unsubToApi($utclogin, $api) {
#TODO add superpower to unsubscribe if admin
/** Testing validation IS NULL prevent from unsubscribing to validated Api **/
$sql = 'DELETE FROM subscribe WHERE utclogin=:utclogin AND api=:api AND validation IS NULL';
$st = $this->conn->prepare($sql);
......
......@@ -7,6 +7,7 @@ CREATE OR REPLACE FUNCTION unaccent_string(TEXT) RETURNS TEXT AS $$
$$ LANGUAGE SQL;
CREATE OR REPLACE FUNCTION is_available(TEXT, TEXT, TEXT) RETURNS BOOLEAN AS $$
/* Returns True if student has no api validated for same week and year */
DECLARE
student ALIAS FOR $1;
w ALIAS FOR $2;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment