113 lines
4.3 KiB
PHP
113 lines
4.3 KiB
PHP
<?php
|
|
require_once '../../includes/connect_endpoint.php';
|
|
session_start();
|
|
function validate($value) {
|
|
$value = trim($value);
|
|
$value = stripslashes($value);
|
|
$value = htmlspecialchars($value);
|
|
$value = htmlentities($value);
|
|
return $value;
|
|
}
|
|
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] === true) {
|
|
if (isset($_GET['action']) && $_GET['action'] == "add") {
|
|
$householdName = "Member";
|
|
$sqlInsert = "INSERT INTO household (name) VALUES (:name)";
|
|
$stmtInsert = $db->prepare($sqlInsert);
|
|
$stmtInsert->bindParam(':name', $householdName, SQLITE3_TEXT);
|
|
$resultInsert = $stmtInsert->execute();
|
|
|
|
if ($resultInsert) {
|
|
$householdId = $db->lastInsertRowID();
|
|
$response = [
|
|
"success" => true,
|
|
"householdId" => $householdId,
|
|
];
|
|
echo json_encode($response);
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('failed_add_household', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
}
|
|
} else if (isset($_GET['action']) && $_GET['action'] == "edit") {
|
|
if (isset($_GET['memberId']) && $_GET['memberId'] != "" && isset($_GET['name']) && $_GET['name'] != "") {
|
|
$memberId = $_GET['memberId'];
|
|
$name = validate($_GET['name']);
|
|
$sql = "UPDATE household SET name = :name WHERE id = :memberId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindParam(':name', $name, SQLITE3_TEXT);
|
|
$stmt->bindParam(':memberId', $memberId, SQLITE3_INTEGER);
|
|
$result = $stmt->execute();
|
|
|
|
if ($result) {
|
|
$response = [
|
|
"success" => true,
|
|
"message" => translate('member_saved', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('failed_edit_household', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
}
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('fill_all_fields', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
}
|
|
} else if (isset($_GET['action']) && $_GET['action'] == "delete") {
|
|
if (isset($_GET['memberId']) && $_GET['memberId'] != "" && $_GET['memberId'] != 1) {
|
|
$memberId = $_GET['memberId'];
|
|
$checkMember = "SELECT COUNT(*) FROM subscriptions WHERE payer_user_id = :memberId";
|
|
$checkStmt = $db->prepare($checkMember);
|
|
$checkStmt->bindParam(':memberId', $memberId, SQLITE3_INTEGER);
|
|
$checkResult = $checkStmt->execute();
|
|
$row = $checkResult->fetchArray();
|
|
$count = $row[0];
|
|
|
|
if ($count > 0) {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('household_in_use', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
} else {
|
|
$sql = "DELETE FROM household WHERE id = :memberId";
|
|
$stmt = $db->prepare($sql);
|
|
$stmt->bindParam(':memberId', $memberId, SQLITE3_INTEGER);
|
|
$result = $stmt->execute();
|
|
if ($result) {
|
|
$response = [
|
|
"success" => true,
|
|
"message" => translate('member_removed', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('failed_remove_household', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
}
|
|
}
|
|
} else {
|
|
$response = [
|
|
"success" => false,
|
|
"errorMessage" => translate('failed_remove_household', $i18n)
|
|
];
|
|
echo json_encode($response);
|
|
}
|
|
} else {
|
|
echo translate('error', $i18n);
|
|
}
|
|
} else {
|
|
echo translate('error', $i18n);
|
|
}
|
|
|
|
?>
|