lukas.uptmoor/webgis-lohne
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

adapted comments and votes handlers

Browse Source
This commit is contained in:
patrickzerhusen
2026-05-07 14:48:39 +02:00
parent 486d00ae88
commit fc1df1effb
1 changed files with 125 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
public/api/contributions.php
View File

@@ -356,8 +356,8 @@ function handle_delete($input) {
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// VOTE: Likes or Dislikes a Contribution // VOTE: Likes or Dislikes Contributions or Tasks
// Required: contribution_id, voter_name, vote_type // Required: contribution_id or task_id, voter_name, vote_type
// Database Trigger automatically updates Likes and Dislikes Count // Database Trigger automatically updates Likes and Dislikes Count
// UNIQUE Constraint prevents duplicate Votes per Voter. // UNIQUE Constraint prevents duplicate Votes per Voter.
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
@@ -365,7 +365,7 @@ function handle_vote($input) {
$pdo = get_db(); $pdo = get_db();
// Validates Input // Validates Input
$missing = validate_required($input, ['contribution_id', 'voter_name', 'vote_type']); $missing = validate_required($input, ['voter_name', 'vote_type']);
if (!empty($missing)) { if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing)); error_response('Missing Fields: ' . implode(', ', $missing));
} }
@@ -376,13 +376,6 @@ function handle_vote($input) {
error_response('Invalid vote_type. Must be: ' . implode(', ', $valid_vote_types)); error_response('Invalid vote_type. Must be: ' . implode(', ', $valid_vote_types));
} }
// Checks if Contribution exists
$stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
$stmt->execute([':id' => $input['contribution_id']]);
if (!$stmt->fetch()) {
error_response('Contribution not found.', 404);
}
// Prepared SQL Statement // Prepared SQL Statement
try { try {
// Checks if Voter already voted on this Contribution // Checks if Voter already voted on this Contribution
@@ -391,11 +384,39 @@ function handle_vote($input) {
error_response('Browser ID required for Voting.'); error_response('Browser ID required for Voting.');
} }
// Determines Vote Type
$is_task = isset($input['task_id']) && $input['task_id'] !== '';
if ($is_task) {
// Checks for Tasks
$stmt = $pdo->prepare("SELECT task_id FROM tasks WHERE task_id = :id");
$stmt->execute([':id' => $input['task_id']]);
if (!$stmt->fetch()) {
error_response('Task not found.', 404);
}
// Checks if Browser already voted on Task
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
SELECT vote_id, vote_type FROM votes SELECT vote_id, vote_type FROM votes
WHERE contribution_id = :cid AND browser_id = :bid WHERE task_id = :id AND browser_id = :bid
"); ");
$stmt->execute([':cid' => $input['contribution_id'], ':bid' => $browser_id]); $stmt->execute([':id' => $input['task_id'], ':bid' => $browser_id]);
} else {
// Checks for Contributions
$stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
$stmt->execute([':id' => $input['contribution_id']]);
if (!$stmt->fetch()) {
error_response('Contribution not found.', 404);
}
// Checks if Browser already voted on Contribution
$stmt = $pdo->prepare("
SELECT vote_id, vote_type FROM votes
WHERE contribution_id = :id AND browser_id = :bid
");
$stmt->execute([':id' => $input['contribution_id'], ':bid' => $browser_id]);
}
$existing = $stmt->fetch(); $existing = $stmt->fetch();
if ($existing) { if ($existing) {
@@ -405,36 +426,48 @@ function handle_vote($input) {
$stmt->execute([':vid' => $existing['vote_id']]); $stmt->execute([':vid' => $existing['vote_id']]);
json_response(['message' => 'Vote removed.', 'action' => 'removed']); json_response(['message' => 'Vote removed.', 'action' => 'removed']);
} else { } else {
// Different Vote Type — Switches Vote // Different Vote Type — Removes old Vote before Inserting new one
$stmt = $pdo->prepare("DELETE FROM votes WHERE vote_id = :vid"); $stmt = $pdo->prepare("DELETE FROM votes WHERE vote_id = :vid");
$stmt->execute([':vid' => $existing['vote_id']]); $stmt->execute([':vid' => $existing['vote_id']]);
$this_insert = true;
$stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid)
");
$stmt->execute([
':cid' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
} }
} else { } else {
// No existing Vote — Inserts Vote // No existing Vote — Inserts Vote
$this_insert = true;
}
if (!empty($this_insert)) {
if ($is_task) {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id) INSERT INTO votes (task_id, voter_name, vote_type, browser_id)
VALUES (:cid, :voter, :vtype, :bid) VALUES (:id, :voter, :vtype, :bid)
"); ");
$stmt->execute([ $stmt->execute([
':cid' => $input['contribution_id'], ':id' => $input['task_id'],
':voter' => $input['voter_name'], ':voter' => $input['voter_name'],
':vtype' => $input['vote_type'], ':vtype' => $input['vote_type'],
':bid' => $browser_id ':bid' => $browser_id
]); ]);
} else {
$stmt = $pdo->prepare("
INSERT INTO votes (contribution_id, voter_name, vote_type, browser_id)
VALUES (:id, :voter, :vtype, :bid)
");
$stmt->execute([
':id' => $input['contribution_id'],
':voter' => $input['voter_name'],
':vtype' => $input['vote_type'],
':bid' => $browser_id
]);
}
// Returns changed or created
if ($existing) {
json_response(['message' => 'Vote changed.', 'action' => 'changed'], 200);
} else {
json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201); json_response(['message' => 'Vote recorded.', 'action' => 'created'], 201);
} }
}
} catch (PDOException $e) { } catch (PDOException $e) {
error_response('Database Error: ' . $e->getMessage(), 500); error_response('Database Error: ' . $e->getMessage(), 500);
@@ -586,26 +619,40 @@ function handle_photo_upload($file) {
// ===================================================================== // =====================================================================
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// READ COMMENTS: Loads Comments for a Contribution // READ COMMENTS: Loads Comments for Contributions or Tasks
// Returns Comments sorted by Date (newest first) // Returns Comments sorted by Date (oldest first)
// Required: contribution_id // Required: contribution_id or task_id
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
function handle_read_comments($input) { function handle_read_comments($input) {
$pdo = get_db(); $pdo = get_db();
$missing = validate_required($input, ['contribution_id']); // Checks for contribution_id or task_id
if (!empty($missing)) { if (empty($input['contribution_id']) && empty($input['task_id'])) {
error_response('Missing Fields: ' . implode(', ', $missing)); error_response('Either contribution_id or task_id is required.');
} }
// Determines Vote Type
$is_task = isset($input['task_id']) && $input['task_id'] !== '';
try { try {
if ($is_task) {
$stmt = $pdo->prepare("
SELECT comment_id, task_id, author_name, browser_id, content, status, created_at
FROM comments
WHERE task_id = :id AND status = 'approved'
ORDER BY created_at ASC
");
} else {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
SELECT comment_id, contribution_id, author_name, browser_id, content, status, created_at SELECT comment_id, contribution_id, author_name, browser_id, content, status, created_at
FROM comments FROM comments
WHERE contribution_id = :cid AND status = 'approved' WHERE contribution_id = :id AND status = 'approved'
ORDER BY created_at ASC ORDER BY created_at ASC
"); ");
$stmt->execute([':cid' => $input['contribution_id']]); }
// Prepared Statement
$stmt->execute([':id' => $is_task ? $input['task_id'] : $input['contribution_id']]);
$comments = $stmt->fetchAll(); $comments = $stmt->fetchAll();
json_response(['comments' => $comments, 'count' => count($comments)]); json_response(['comments' => $comments, 'count' => count($comments)]);
@@ -617,37 +664,56 @@ function handle_read_comments($input) {
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
// CREATE COMMENT: Adds Comments to Contributions // CREATE COMMENT: Adds Comments Contributions or Tasks
// Required: contribution_id, author_name, content // Required: author_name, content, contribution_id or task_id
// Optional: browser_id // Optional: browser_id
// --------------------------------------------------------------------- // ---------------------------------------------------------------------
function handle_create_comment($input) { function handle_create_comment($input) {
$pdo = get_db(); $pdo = get_db();
$missing = validate_required($input, ['contribution_id', 'author_name', 'content']); $missing = validate_required($input, ['author_name', 'content']);
if (!empty($missing)) { if (!empty($missing)) {
error_response('Missing Fields: ' . implode(', ', $missing)); error_response('Missing Fields: ' . implode(', ', $missing));
} }
// Validates Content Length // Checks for contribution_id or task_id
if (empty($input['contribution_id']) && empty($input['task_id'])) {
error_response('Either contribution_id or task_id is required.');
}
// Validates Length
if (strlen($input['content']) > 1000) { if (strlen($input['content']) > 1000) {
error_response('Comment too long. Maximum 1000 Characters.'); error_response('Comment too long. Maximum 1000 Characters.');
} }
// Checks if Contribution exists // Determines Comment Type
$is_task = isset($input['task_id']) && $input['task_id'] !== '';
if ($is_task) {
// Checks for Tasks
$stmt = $pdo->prepare("SELECT task_id FROM tasks WHERE task_id = :id");
$stmt->execute([':id' => $input['task_id']]);
if (!$stmt->fetch()) {
error_response('Task not found.', 404);
}
} else {
// Checks for Contributions
$stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id"); $stmt = $pdo->prepare("SELECT contribution_id FROM contributions WHERE contribution_id = :id");
$stmt->execute([':id' => $input['contribution_id']]); $stmt->execute([':id' => $input['contribution_id']]);
if (!$stmt->fetch()) { if (!$stmt->fetch()) {
error_response('Contribution not found.', 404); error_response('Contribution not found.', 404);
} }
}
// Prepared Statement
try { try {
$stmt = $pdo->prepare(" $stmt = $pdo->prepare("
INSERT INTO comments (contribution_id, author_name, browser_id, content) INSERT INTO comments (contribution_id, task_id, author_name, browser_id, content)
VALUES (:cid, :author, :bid, :content) VALUES (:cid, :tid, :author, :bid, :content)
"); ");
$stmt->execute([ $stmt->execute([
':cid' => $input['contribution_id'], ':cid' => $is_task ? null : $input['contribution_id'],
':tid' => $is_task ? $input['task_id'] : null,
':author' => $input['author_name'], ':author' => $input['author_name'],
':bid' => $input['browser_id'] ?? null, ':bid' => $input['browser_id'] ?? null,
':content' => $input['content'] ':content' => $input['content']