Commit 33b364a7 authored by Stephane Crozat's avatar Stephane Crozat

Empêchement de l'inscription à une nouvelle Api une semaine S1 si validation...

Empêchement de l'inscription à une nouvelle Api une semaine S1 si validation antérieure d'une Api cette même semaine S1, par URL
parent 7cda02e4
...@@ -66,7 +66,7 @@ else { ...@@ -66,7 +66,7 @@ else {
if (isset($_GET['api']) && $admin->isActive()) { if (isset($_GET['api']) && $admin->isActive()) {
if (isset($_GET['action'])) { if (isset($_GET['action'])) {
if ($_GET['action']=='sub') { if ($_GET['action']=='sub') {
$db->subToApi($_SESSION['utclogin'], $_GET['api']); $db->subToApi($admin, $_SESSION['utclogin'], $_GET['api']);
} }
elseif ($_GET['action']=='unsub') { elseif ($_GET['action']=='unsub') {
$db->unsubToApi($_SESSION['utclogin'], $_GET['api']); $db->unsubToApi($_SESSION['utclogin'], $_GET['api']);
......
...@@ -38,18 +38,37 @@ class DB { ...@@ -38,18 +38,37 @@ class DB {
return $res; return $res;
} }
public function subToApi($utclogin, $api) { public function subToApi($admin, $utclogin, $api) {
$today = date('Ymd'); // Case 1 : Student had not yet subscribe to this Api and no other Api is validated same week, insertion expected to work
$sql = 'INSERT INTO subscribe(utclogin, api, subdate) VALUES (:utclogin, :api, :today)'; // Case 2 : Student had already subscribe to this Api, key constraint will prevent from adding new record, so, if subscription has been unvalidated it will remain so AND is_available test will block inserting before previous rule anyway
// Case 3 : Student had not subscribe to this Api, but another Api has been validated same week, insertion expected to fail (test with is_avaiblable)
$sql = 'SELECT is_available(:utclogin, week, year) AS is_available
FROM vapi
WHERE semester=:semester AND year=:year AND id=:api' ;
$st = $this->conn->prepare($sql); $st = $this->conn->prepare($sql);
$st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->bindValue(':api',$api,PDO::PARAM_INT); $st->bindValue(':api',$api,PDO::PARAM_INT);
$st->bindValue(':today',$today,PDO::PARAM_STR); $st->bindValue(':semester',$admin->activeSemester(),PDO::PARAM_STR);
$res = $st->execute(); $st->bindValue(':year',$admin->activeYear(),PDO::PARAM_INT);
return $res; $st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->execute();
$res = $st->fetch(PDO::FETCH_ASSOC);
if ($res['is_available']) {
$today = date('Ymd');
$sql = 'INSERT INTO subscribe(utclogin, api, subdate) VALUES (:utclogin, :api, :today)';
$st = $this->conn->prepare($sql);
$st->bindValue(':utclogin',$utclogin,PDO::PARAM_STR);
$st->bindValue(':api',$api,PDO::PARAM_INT);
$st->bindValue(':today',$today,PDO::PARAM_STR);
$res = $st->execute();
return $res;
}
else {
return null;
}
} }
public function unsubToApi($utclogin, $api) { public function unsubToApi($utclogin, $api) {
#TODO add superpower to unsubscribe if admin
/** Testing validation IS NULL prevent from unsubscribing to validated Api **/ /** Testing validation IS NULL prevent from unsubscribing to validated Api **/
$sql = 'DELETE FROM subscribe WHERE utclogin=:utclogin AND api=:api AND validation IS NULL'; $sql = 'DELETE FROM subscribe WHERE utclogin=:utclogin AND api=:api AND validation IS NULL';
$st = $this->conn->prepare($sql); $st = $this->conn->prepare($sql);
......
...@@ -7,6 +7,7 @@ CREATE OR REPLACE FUNCTION unaccent_string(TEXT) RETURNS TEXT AS $$ ...@@ -7,6 +7,7 @@ CREATE OR REPLACE FUNCTION unaccent_string(TEXT) RETURNS TEXT AS $$
$$ LANGUAGE SQL; $$ LANGUAGE SQL;
CREATE OR REPLACE FUNCTION is_available(TEXT, TEXT, TEXT) RETURNS BOOLEAN AS $$ CREATE OR REPLACE FUNCTION is_available(TEXT, TEXT, TEXT) RETURNS BOOLEAN AS $$
/* Returns True if student has no api validated for same week and year */
DECLARE DECLARE
student ALIAS FOR $1; student ALIAS FOR $1;
w ALIAS FOR $2; w ALIAS FOR $2;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment