GitList
Repositories
Help
Report an Issue
vroom360
Code
Commits
Branches
Tags
Search
Tree:
e36c40f
Branches
Tags
master
vroom360
admin
admin_dao.php
initial commit
Dev Ghai
commited
e36c40f
at 2013-09-26 06:24:15
admin_dao.php
Blame
History
Raw
<?php require_once 'admin_config.php'; require_once 'admin_errorObject.php'; class admin_dao { private $_queries = array ( 'isAdminAuthorized' => 'SELECT `admins_id` FROM `admins` WHERE `admins_id` = ? AND `admins_password` = PASSWORD(?) AND `admins_active` = true LIMIT 1', 'addNewAdmin' => 'INSERT INTO `admins`(`admins_id`, `admins_password`, `admins_email`, `admins_active`, `admins_modified_by`, `admins_modification_date`) VALUES(?, PASSWORD(?), ?, ?, ?, NOW())', 'getAdmins' => 'SELECT `admins_id`, `admins_active`, `admins_modified_by`, `admins_modification_date` FROM `vroom360`.`admins` WHERE `admins_id` LIKE CONCAT(\'%\', ?, \'%\') LIMIT ?, ?', 'deactivateAdmin' => 'UPDATE `admins` SET `admins_active` = false WHERE `admins_id` = ?', 'setSurveyAvailability' => 'UPDATE `question_set` SET `questionset_active` = ?, `questionset_modified_by` = ?, `questionset_modification_date` = NOW() WHERE `questionset_id` = ?', 'addQuestionSet' => 'INSERT INTO `question_set`(`questionset_setname`, `questionset_active`, `questionset_modified_by`, `questionset_modification_date`) VALUES (?, ?, ?, NOW())', 'addQuestion' => 'INSERT INTO `questions`(`questions_text`, `questions_location_x`, `questions_location_y`, `questions_location_z`) VALUES(?, ?, ?, ?)', 'addQuestionsInSet' => 'INSERT INTO `questions_in_set`(`questionsinset_set_id`, `questionsinset_question_id`) VALUES (?, ?)', 'updateQuestion' => 'UPDATE `questions` SET `questions_text` = ?, `questions_location_x` = ?, `questions_location_y` = ?, `questions_location_z` = ? WHERE `questions_id` = ?', 'isUsernameAvailable' => 'SELECT `users_loginId` FROM `users` WHERE `users_loginId` = ? LIMIT 1 UNION SELECT `admins_id` FROM `admins` WHERE `admins_id` = ? LIMIT 1', 'isSurveyNameAvailable' => 'SELECT `questionset_id` FROM `question_set` WHERE `questionset_setname` = ?', 'deleteQuestionsInSet' => 'DELETE FROM `questions_in_set` WHERE `questionsinset_set_id` = ? AND `questionsinset_question_id` = ?', 'setQuestionAvailability' => 'UPDATE `questions` SET `questions_active` = ? WHERE `questions_id` = ?', 'getQuestions' => 'SELECT `q`.`questions_id`,`q`.`questions_text`, `q`.`questions_location_x`,`q`.`questions_location_y`, `q`.`questions_location_z` FROM `questions_in_set` `qis` INNER JOIN `questions` `q` ON (`qis`.`questionsinset_question_id` = `q`.`questions_id` AND `qis`.`questionsinset_set_id` = ?)', 'getAllSurveys' => 'SELECT `questionset_id`, `questionset_setname`, `questionset_active`, `questionset_modified_by`, `questionset_modification_date` FROM `question_set`', 'updateQuestionSet' => 'UPDATE `question_set` SET `questionset_modified_by` = ?, `questionset_setname` = ?, `questionset_active` = ?, `questionset_modification_date` = NOW() WHERE `questionset_id` = ?', 'downloadSurvey' =>'', ); function __construct() { $this->_config = new admin_config(); //connect to DB; $this->_dbConnection = new mysqli( $this->_config->GetDbServer(), $this->_config->GetDbUser(), $this->_config->GetDbUserPassword(), $this->_config->GetDbSchema(), $this->_config->GetDbPort() ); if($this->_dbConnection->connect_error) { return new Admin_ErrorObject(E_VROOM_DB_CONNECT_FAILED, $this->GetMysqlError('DB Connection')); } //select the schema we need to use. //if data needs to support UTF-8, mysql_set_charset should be called here. } public function IsUserAuthorized($userid, $password) { //take statement from central repository and prepare statement if($stmt = $this->_dbConnection->prepare($this->_queries['isAdminAuthorized'])) { //bind parameters $stmt->bind_param('ss', $userid, $password); //execute query if(!$stmt->execute()) { return new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isAdminAuthorized']) ); } $stmt->store_result(); if($stmt->num_rows > 1) { //something's wrong with the DB. report to admin return new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isAdminAuthorized']) ); } else if ($stmt->num_rows === 0) { return false; } //return the data return true; } else { return new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isAdminAuthorized']) ); } } public function IsUsernameAvailable($userid) { //take statement from central repository and prepare statement if($stmt = $this->_dbConnection->prepare($this->_queries['isUsernameAvailable'])) { //bind parameters $stmt->bind_param('ss', $userid, $userid); //execute query if(!$stmt->execute()) { return new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isUsernameAvailable']) ); } $stmt->store_result(); return $stmt->num_rows == 0; } else { return new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isUsernameAvailable']) ); } } public function AddAdmin($userid, $password, $email, $isActive, $modified_by) { //first call IsUsernameAvailable. Return only if username is available and there is a successful insert. $this->_dbConnection->autocommit(false); if(!$this->IsUsernameAvailable($userid)) { $this->_dbConnection->rollback(); return false; } if($stmt = $this->_dbConnection->prepare($this->_queries['addNewAdmin'])) { //bind parameters $stmt->bind_param('sssis', $userid, $password, $email, $isActive, $modified_by); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addNewAdmin']) ); $this->_dbConnection->rollback(); return $e; } $stmt->store_result(); if($stmt->affected_rows != 1) { //something's wrong with the DB. report to admin $e = new Admin_ErrorObject( E_VROOM_INSERT_FAILED, $this->GetMysqlError($this->_queries['addNewAdmin']) ); $this->_dbConnection->rollback(); return $e; } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addNewAdmin']) ); $this->_dbConnection->rollback(); return $e; } } public function GetAdmins($searchString, $startRow, $numRows) { } public function IsSurveyNameAvailable($surveyName) { if($stmt = $this->_dbConnection->prepare($this->_queries['isSurveyNameAvailable'])) { //bind parameters $stmt->bind_param('s', $surveyName); //execute query if(!$stmt->execute()) { return new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isSurveyNameAvailable']) ); } $stmt->store_result(); return $stmt->num_rows == 0; } else { return new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['isSurveyNameAvailable']) ); } } public function AddQuestions(array $questions) { $questionIds = array(); $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['addQuestion'])) { foreach ($questions as $key=>$value) { //bind parameters /* * 'INSERT INTO `questions`(`questions_text`, `questions_location_x`, `questions_location_y`, `questions_location_z`) VALUES(?, ?, ?, ?)', */ $stmt->bind_param('sddd', $value['text'], $value['x'], $value['y'], $value['z']); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestion']) ); $this->_dbConnection->rollback(); return $e; } $stmt->store_result(); $lastInsertedId = $this->_dbConnection->insert_id; if($lastInsertedId===0) { //something's wrong with the DB. report to admin $e = new Admin_ErrorObject( E_VROOM_INSERT_FAILED, $this->GetMysqlError($this->_queries['addQuestion']) ); $this->_dbConnection->rollback(); return $e; } $questionIds []= $lastInsertedId; } $this->_dbConnection->commit(); //return the data return $questionIds; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestion']) ); $this->_dbConnection->rollback(); return $e; } } public function AddQuestionSet($surveyName, $isActive, $username) { $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['addQuestionSet'])) { /* * INSERT INTO `question_set`(`questionset_setname`, `questionset_active`, `questionset_modified_by`, `questionset_modification_date`) VALUES (?, ?, ?, NOW()) */ //bind parameters $stmt->bind_param('sis', $surveyName, $isActive, $username); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestionSet']) ); $this->_dbConnection->rollback(); return $e; } $stmt->store_result(); $surveyId = $this->_dbConnection->insert_id; if($surveyId === 0) { //something's wrong with the DB. report to admin $e = new Admin_ErrorObject( E_VROOM_INSERT_FAILED, $this->GetMysqlError($this->_queries['addQuestionSet']) ); $this->_dbConnection->rollback(); return $e; } $this->_dbConnection->commit(); //return the data return $surveyId; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestionSet']) ); $this->_dbConnection->rollback(); return $e; } } public function AddQuestionsInSet($questionSetId, array $questionIds) { $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['addQuestionsInSet'])) { foreach ($questionIds as $key=>$value) { //bind parameters /* * 'addQuestionsInSet' => 'INSERT INTO `questions_in_set`(`questionsinset_set_id`, `questionsinset_question_id`) VALUES (?, ?)', */ $stmt->bind_param('ii', $questionSetId, $value); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestionsInSet']) ); $this->_dbConnection->rollback(); return $e; } $stmt->store_result(); if($stmt->affected_rows != 1) { //something's wrong with the DB. report to admin $e = new Admin_ErrorObject( E_VROOM_INSERT_FAILED, $this->GetMysqlError($this->_queries['addQuestionsInSet']) ); $this->_dbConnection->rollback(); return $e; } } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['addQuestionsInSet']) ); $this->_dbConnection->rollback(); return $e; } } public function UpdateQuestions(array $questions) { /* * 'updateQuestion' => 'UPDATE `questions` SET `questions_text` = ?, `questions_location_x` = ?, `questions_location_y` = ?, `questions_location_z` = ?, WHERE `questions_id` = ?', */ $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['updateQuestion'])) { foreach ($questions as $key=>$value) { //bind parameters $stmt->bind_param('sdddi', $value['text'], $value['x'], $value['y'], $value['z'], $value['id']); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['updateQuestion']) ); $this->_dbConnection->rollback(); return $e; } } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['updateQuestion']) ); $this->_dbConnection->rollback(); return $e; } } public function DeleteQuestionsInSet($questionSetId, array $questionIds) { $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['deleteQuestionsInSet'])) { foreach ($questionIds as $key=>$value) { //bind parameters /* * 'deleteQuestionsInSet' => 'DELETE FROM `questions_in_set` WHERE `questionsinset_set_id` = ? AND `questionsinset_question_id` = ?', */ $stmt->bind_param('ii', $questionSetId, $value); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['deleteQuestionsInSet']) ); $this->_dbConnection->rollback(); return $e; } } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['deleteQuestionsInSet']) ); $this->_dbConnection->rollback(); return $e; } } /** * Use this to deactivate the questions individually. * @param * array $questionsIds * Accepts the array containing IDs of the questions in database that need * to be deleted or deactivated. * @return Admin_ErrorObject/boolean * Admin_ErrorObject if there was an error executing the database operation. * boolean to communicate logical success otherwise. */ public function SetQuestionsAvailability(array $questionsIds) { $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['setQuestionAvailability'])) { foreach ($questionIds as $key=>$value) { //bind parameters /* * 'setQuestionState' => 'UPDATE `questions` SET `questions_active` = ? WHERE `questions_id` = ?', */ $stmt->bind_param('ii', $value, $key); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['setQuestionAvailability']) ); $this->_dbConnection->rollback(); return $e; } } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['setQuestionAvailability']) ); $this->_dbConnection->rollback(); return $e; } } public function SetSurveyAvailability($surveyStatuses, $whoModifiedIt) { $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['setSurveyAvailability'])) { foreach ($surveyStatuses as $surveyId=>$isActive) { //bind parameters $stmt->bind_param('isi', $isActive, $whoModifiedIt, $surveyId); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['setSurveyAvailability']) ); $this->_dbConnection->rollback(); return $e; } } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['setSurveyAvailability']) ); $this->_dbConnection->rollback(); return $e; } } public function GetQuestions($questionSetId) { //take statement from central repository and prepare statement if($stmt = $this->_dbConnection->prepare($this->_queries['getQuestions'])) { //bind parameters $stmt->bind_param('i', $questionSetId); //execute query if(!$stmt->execute()) { return new ErrorObject($this->GetMysqlError($this->_queries['getQuestions']), E_VROOM_EXECUTE_QUERY_FAILED); } $stmt->store_result(); //bind the column values to variables $stmt->bind_result( $ques_id, $ques_text, $ques_x, $ques_y, $ques_z ); $questions = array(); $questionNumber = -1; //copy result from DB into bound variables while($stmt->fetch()) { $ques = array(); $ques['id'] = $ques_id; $ques['text'] = $ques_text; $ques['x'] = $ques_x; $ques['y'] = $ques_y; $ques['z'] = $ques_z; $questions[++$questionNumber] = $ques; } //return the data return $questions; } else { return new ErrorObject($this->GetMysqlError($this->_queries['getQuestions']), E_VROOM_PREPARE_QUERY_FAILED); } } public function GetAllSurveys() { //take statement from central repository and prepare statement if($stmt = $this->_dbConnection->prepare($this->_queries['getAllSurveys'])) { //execute query if(!$stmt->execute()) { return new ErrorObject($this->GetMysqlError($this->_queries['getAllSurveys']), E_VROOM_EXECUTE_QUERY_FAILED); } $stmt->store_result(); //bind the column values to variables $stmt->bind_result( $s_id, $s_name, $s_isActive, $s_modifiedBy, $s_modificationDate ); $surveys = array(); $surveyNumber = -1; //copy result from DB into bound variables while($stmt->fetch()) { $survey = array(); $survey['id'] = $s_id; $survey['text'] = $s_name; $survey['x'] = $s_isActive; $survey['y'] = $s_modifiedBy; $survey['z'] = $s_modificationDate; $surveys[++$surveyNumber] = $survey; } //return the data return $surveys; } else { return new ErrorObject($this->GetMysqlError($this->_queries['getAllSurveys']), E_VROOM_PREPARE_QUERY_FAILED); } } public function UpdateQuestionSet($surveyName, $questionSetId, $isActive, $adminId) { //updateQuestionSetModification $this->_dbConnection->autocommit(false); if($stmt = $this->_dbConnection->prepare($this->_queries['updateQuestionSet'])) { //bind parameters $stmt->bind_param('ssii', $adminId, $surveyName, $isActive, $questionSetId); //execute query if(!$stmt->execute()) { $e = new Admin_ErrorObject( E_VROOM_EXECUTE_QUERY_FAILED, $this->GetMysqlError($this->_queries['updateQuestionSet']) ); $this->_dbConnection->rollback(); return $e; } $this->_dbConnection->commit(); //return the data return true; } else { $e = new Admin_ErrorObject( E_VROOM_PREPARE_QUERY_FAILED, $this->GetMysqlError($this->_queries['updateQuestionSet']) ); $this->_dbConnection->rollback(); return $e; } } public function SearchSurvey($searchString, $isActive) { $query = 'SELECT `qs`.`questionset_id`, `qs`.`questionset_setname`, `qs`.`questionset_active`, `qs`.`questionset_modified_by`, `qs`.`questionset_modification_date`, COUNT(`qis`.`questionsinset_question_id`) as `question_count` FROM `question_set` `qs` LEFT OUTER JOIN `questions_in_set` `qis` ON `qs`.`questionset_id` = `qis`.`questionsinset_set_id` WHERE `questionset_setname` LIKE CONCAT(\'%\',?,\'%\')'; if($isActive === 0 || $isActive === 1) { $query = $query . ' AND `questionset_active` = '.intval($isActive); } //add rest of clauses $query = $query. ' GROUP BY `qs`.`questionset_id` ORDER BY `qs`.`questionset_modification_date` DESC'; if($stmt = $this->_dbConnection->prepare($query)) { //bind parameters $stmt->bind_param('s', $searchString); //execute query if(!$stmt->execute()) { return new ErrorObject($this->GetMysqlError($query), E_VROOM_EXECUTE_QUERY_FAILED); } $stmt->store_result(); //bind the column values to variables $stmt->bind_result( $set_id, $set_name, $set_isActive, $set_modifiedBy, $set_modifiedOn, $set_questionCount ); $sets = array(); //copy result from DB into bound variables while($stmt->fetch()) { $set = array(); $set['id'] = $set_id; $set['name'] = $set_name; $set['isActive'] = $set_isActive; $set['modifiedBy'] = $set_modifiedBy; $set['modifiedOn'] = $set_modifiedOn; $set['quesCount'] = $set_questionCount; $sets []= $set; } //return the data return $sets; } else { return new ErrorObject($this->GetMysqlError($query), E_VROOM_PREPARE_QUERY_FAILED); } } public function LogError($requestHash, $request) { } public function CloseConnection() { $this->_dbConnection->commit(); $this->_dbConnection->close(); } private function GetMysqlError($statement) { $mysqlErrorCode = $this->_dbConnection->errno; $mysqlErrorDescription = $this->_dbConnection->error; return "Statement: $statement, Mysql error code: $mysqlErrorCode, Mysql error description: $mysqlErrorDescription"; } } ?>
