This repository was archived by the owner on May 20, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathadminedit.php
More file actions
94 lines (79 loc) · 2.91 KB
/
adminedit.php
File metadata and controls
94 lines (79 loc) · 2.91 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
<?php
session_start();
if(!isset($_SESSION['user_id']) || !isset($_GET['type'])) {
die("Not authorized");
}
require_once("lib/database/DBController.php");
// Switch to the correct type
switch($_GET['type']) {
case "questions":
// If operation is delete - delete the entry
$id = htmlentities($_POST['id']);
if($_POST['oper'] == "del") {
$q = DBController::get()->getQuestionById($id);
$q->delete();
break;
}
$category = htmlentities($_POST['category']);
$text = htmlentities($_POST['text']);
$correct_answer = htmlentities($_POST['correct_answer']);
$wrong_answer1 = htmlentities($_POST['wrong_answer1']);
$wrong_answer2 = htmlentities($_POST['wrong_answer2']);
$wrong_answer3 = htmlentities($_POST['wrong_answer3']);
$category_obj = DBController::get()->getCategoryByName($category);
if($category_obj == null) {
$category_id = DBController::get()->createCategory($category)->id;
} else {
$category_id = $category_obj->id;
}
// If operation is add - add a new entry otherwise modify an existing one
if($_POST['oper'] == "add") {
$q = DBController::get()->createQuestion($category_id, $text, $correct_answer, $wrong_answer1, $wrong_answer2, $wrong_answer3);
} else if($_POST['oper'] == "edit") {
$q = DBController::get()->getQuestionById($id);
$q->category_id = $category_id;
$q->text = $text;
$q->correct_answer = $correct_answer;
$q->wrong_answer1 = $wrong_answer1;
$q->wrong_answer2 = $wrong_answer2;
$q->wrong_answer3 = $wrong_answer3;
$q->save();
}
break;
case "categories":
$id = htmlentities($_POST['id']);
// If operation is delete - delete the entry
if($_POST['oper'] == "del") {
$c = DBController::get()->getCategoryById($id);
$c->delete();
break;
}
$name = htmlentities($_POST['name']);
// If operation is add - add a new entry otherwise modify an existing one
if($_POST['oper'] == "add") {
$c = DBController::get()->createCategory($name);
} else if($_POST['oper'] == "edit") {
$c = DBController::get()->getCategoryById($id);
$c->name = $name;
$c->save();
}
break;
case "highscore":
$id = htmlentities($_POST['id']);
// If operation is delete - delete the entry
if($_POST['oper'] == "del") {
$c = DBController::get()->getHighscoreById($id);
$c->delete();
break;
}
break;
// unimplemented
case "users":
if($_POST['oper'] == "add") {
$username = htmlentities($_POST['username']);
$password = htmlentities($_POST['password']);
$u = DBController::get()->createUsers($username, $password);
}
break;
}
?>