adding file upload & tags
+128
-2
@@ -73,6 +73,16 @@ try {
|
||||
case 'registration':
|
||||
handleRegistration($method, $db);
|
||||
break;
|
||||
case 'attachments':
|
||||
handleAttachments($method, $id, $db);
|
||||
break;
|
||||
case 'tags':
|
||||
if ($method === 'GET') {
|
||||
echo json_encode($db->query("SELECT DISTINCT tag FROM event_tags ORDER BY tag")->fetchAll(PDO::FETCH_COLUMN));
|
||||
} else {
|
||||
http_response_code(405);
|
||||
}
|
||||
break;
|
||||
default:
|
||||
http_response_code(404);
|
||||
echo json_encode(['error' => 'Not found']);
|
||||
@@ -315,6 +325,23 @@ function handleTeams($method, $id, $db) {
|
||||
}
|
||||
}
|
||||
|
||||
function loadEventTags($eventId, $db) {
|
||||
$tstmt = $db->prepare("SELECT tag FROM event_tags WHERE event_id = ? ORDER BY tag");
|
||||
$tstmt->execute([$eventId]);
|
||||
return array_column($tstmt->fetchAll(PDO::FETCH_ASSOC), 'tag');
|
||||
}
|
||||
|
||||
function saveEventTags($eventId, $tags, $db) {
|
||||
$db->prepare("DELETE FROM event_tags WHERE event_id = ?")->execute([$eventId]);
|
||||
if (!empty($tags)) {
|
||||
$istmt = $db->prepare("INSERT IGNORE INTO event_tags (event_id, tag) VALUES (?, ?)");
|
||||
foreach ($tags as $tag) {
|
||||
$tag = trim($tag);
|
||||
if ($tag !== '') $istmt->execute([$eventId, $tag]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
function handleEvents($method, $id, $db) {
|
||||
switch ($method) {
|
||||
case 'GET':
|
||||
@@ -330,19 +357,28 @@ function handleEvents($method, $id, $db) {
|
||||
$cstmt = $db->prepare("SELECT * FROM comments WHERE event_id = ? ORDER BY created_at ASC");
|
||||
$cstmt->execute([$id]);
|
||||
$event['comments'] = $cstmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
$event['tags'] = loadEventTags($id, $db);
|
||||
}
|
||||
echo json_encode($event);
|
||||
} else {
|
||||
$teamFilter = $_GET['team_id'] ?? null;
|
||||
$tagFilter = $_GET['tag'] ?? null;
|
||||
$sql = "
|
||||
SELECT e.*, t.name AS team_name, t.color AS team_color
|
||||
FROM events e JOIN teams t ON e.team_id = t.id
|
||||
";
|
||||
$params = [];
|
||||
$conditions = [];
|
||||
if ($teamFilter) {
|
||||
$sql .= " WHERE e.team_id = ?";
|
||||
$conditions[] = "e.team_id = ?";
|
||||
$params[] = $teamFilter;
|
||||
}
|
||||
if ($tagFilter) {
|
||||
$sql .= " JOIN event_tags et ON e.id = et.event_id";
|
||||
$conditions[] = "et.tag = ?";
|
||||
$params[] = $tagFilter;
|
||||
}
|
||||
if ($conditions) $sql .= " WHERE " . implode(' AND ', $conditions);
|
||||
$sql .= " ORDER BY e.occurred_at DESC";
|
||||
$stmt = $db->prepare($sql);
|
||||
$stmt->execute($params);
|
||||
@@ -351,6 +387,7 @@ function handleEvents($method, $id, $db) {
|
||||
$cstmt = $db->prepare("SELECT * FROM comments WHERE event_id = ? ORDER BY created_at ASC");
|
||||
$cstmt->execute([$event['id']]);
|
||||
$event['comments'] = $cstmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
$event['tags'] = loadEventTags($event['id'], $db);
|
||||
}
|
||||
echo json_encode($events);
|
||||
}
|
||||
@@ -369,7 +406,11 @@ function handleEvents($method, $id, $db) {
|
||||
$data['event_type'] ?? 'general',
|
||||
$data['occurred_at'] ?? date('Y-m-d H:i:s')
|
||||
]);
|
||||
echo json_encode(['id' => $db->lastInsertId()]);
|
||||
$eventId = $db->lastInsertId();
|
||||
if (isset($data['tags']) && is_array($data['tags'])) {
|
||||
saveEventTags($eventId, $data['tags'], $db);
|
||||
}
|
||||
echo json_encode(['id' => $eventId]);
|
||||
break;
|
||||
case 'PUT':
|
||||
if ($id) {
|
||||
@@ -387,11 +428,21 @@ function handleEvents($method, $id, $db) {
|
||||
$stmt = $db->prepare("UPDATE events SET " . implode(', ', $fields) . " WHERE id = ?");
|
||||
$stmt->execute($params);
|
||||
}
|
||||
if (isset($data['tags']) && is_array($data['tags'])) {
|
||||
saveEventTags($id, $data['tags'], $db);
|
||||
}
|
||||
echo json_encode(['updated' => true]);
|
||||
}
|
||||
break;
|
||||
case 'DELETE':
|
||||
if ($id) {
|
||||
// Delete attachments from disk
|
||||
$stmt = $db->prepare("SELECT stored_name FROM file_attachments WHERE event_id = ?");
|
||||
$stmt->execute([$id]);
|
||||
foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $att) {
|
||||
$path = '/var/www/uploads/' . $att['stored_name'];
|
||||
if (file_exists($path)) unlink($path);
|
||||
}
|
||||
$stmt = $db->prepare("DELETE FROM events WHERE id = ?");
|
||||
$stmt->execute([$id]);
|
||||
echo json_encode(['deleted' => true]);
|
||||
@@ -612,6 +663,81 @@ function handleDocuments($method, $id, $db) {
|
||||
}
|
||||
}
|
||||
|
||||
function handleAttachments($method, $id, $db) {
|
||||
$username = $_SESSION['neptune_username'] ?? 'Unknown';
|
||||
$uploadDir = '/var/www/uploads/';
|
||||
|
||||
switch ($method) {
|
||||
case 'GET':
|
||||
$eventId = $_GET['event_id'] ?? null;
|
||||
if ($eventId) {
|
||||
$stmt = $db->prepare("SELECT id, event_id, original_name, stored_name, mime_type, file_size, uploaded_by, created_at FROM file_attachments WHERE event_id = ? ORDER BY created_at ASC");
|
||||
$stmt->execute([$eventId]);
|
||||
echo json_encode($stmt->fetchAll(PDO::FETCH_ASSOC));
|
||||
} else {
|
||||
http_response_code(400);
|
||||
echo json_encode(['error' => 'event_id required']);
|
||||
}
|
||||
break;
|
||||
|
||||
case 'POST':
|
||||
if (!isset($_FILES['file']) || $_FILES['file']['error'] !== UPLOAD_ERR_OK) {
|
||||
http_response_code(400);
|
||||
echo json_encode(['error' => 'Upload failed']);
|
||||
return;
|
||||
}
|
||||
$eventId = $_POST['event_id'] ?? null;
|
||||
if (!$eventId) {
|
||||
http_response_code(400);
|
||||
echo json_encode(['error' => 'event_id required']);
|
||||
return;
|
||||
}
|
||||
$file = $_FILES['file'];
|
||||
$ext = pathinfo($file['name'], PATHINFO_EXTENSION);
|
||||
$storedName = uniqid('att_', true) . '.' . $ext;
|
||||
$dest = $uploadDir . $storedName;
|
||||
|
||||
if (!is_dir($uploadDir)) {
|
||||
mkdir($uploadDir, 0755, true);
|
||||
}
|
||||
|
||||
if (!move_uploaded_file($file['tmp_name'], $dest)) {
|
||||
http_response_code(500);
|
||||
echo json_encode(['error' => 'Failed to save file']);
|
||||
return;
|
||||
}
|
||||
|
||||
$stmt = $db->prepare("
|
||||
INSERT INTO file_attachments (event_id, original_name, stored_name, mime_type, file_size, uploaded_by)
|
||||
VALUES (?, ?, ?, ?, ?, ?)
|
||||
");
|
||||
$stmt->execute([
|
||||
$eventId,
|
||||
$file['name'],
|
||||
$storedName,
|
||||
$file['type'] ?: 'application/octet-stream',
|
||||
$file['size'],
|
||||
$username
|
||||
]);
|
||||
echo json_encode(['id' => $db->lastInsertId()]);
|
||||
break;
|
||||
|
||||
case 'DELETE':
|
||||
if ($id) {
|
||||
$stmt = $db->prepare("SELECT stored_name FROM file_attachments WHERE id = ?");
|
||||
$stmt->execute([$id]);
|
||||
$att = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
if ($att) {
|
||||
$path = $uploadDir . $att['stored_name'];
|
||||
if (file_exists($path)) unlink($path);
|
||||
$db->prepare("DELETE FROM file_attachments WHERE id = ?")->execute([$id]);
|
||||
}
|
||||
echo json_encode(['deleted' => true]);
|
||||
}
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
function handleShapes($method, $id, $db) {
|
||||
switch ($method) {
|
||||
case 'GET':
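Review bot: In the POST branch of handleAttachments the stored file keeps the extension taken from the client-supplied `$file['name']`, and nothing restricts which extensions are accepted, so a file ending in `.php` is written unchanged under `/var/www/uploads/`. If that directory is reachable through the web server with script handling enabled (not visible from this hunk), an upload becomes server-side code, so the branch should check the extension against an allow-list and confirm the content type with `finfo` before `move_uploaded_file`, as sketched below. The sketch also stores the detected type instead of `$file['type']`, which is client-supplied too, and builds the stored name from `random_bytes` rather than `uniqid`, whose output is time-based. Separately, the `?? 'Unknown'` fallback for the session user suggests the handler may run without a login; if authentication is not enforced before the router reaches `case 'attachments'`, upload and delete should reject such requests.

```php
// … unchanged: upload error and event_id checks …
$file = $_FILES['file'];
// Example allow-list; adjust to the file types the application actually needs.
$allowed = ['png' => 'image/png', 'jpg' => 'image/jpeg', 'pdf' => 'application/pdf'];
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
$mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
if (!isset($allowed[$ext]) || $allowed[$ext] !== $mime) {
    http_response_code(415);
    echo json_encode(['error' => 'File type not allowed']);
    return;
}
$storedName = bin2hex(random_bytes(16)) . '.' . $ext;
$dest = $uploadDir . $storedName;
// … unchanged: mkdir, move_uploaded_file …
// … in the INSERT parameters, pass $mime in place of $file['type'] …
```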
|
||||
|
||||
@@ -58,6 +58,22 @@ function migrate($db) {
|
||||
setting_key VARCHAR(100) PRIMARY KEY,
|
||||
setting_value TEXT NOT NULL
|
||||
)");
|
||||
try { $db->exec("CREATE TABLE IF NOT EXISTS file_attachments (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
event_id INT NOT NULL,
|
||||
original_name VARCHAR(255) NOT NULL,
|
||||
stored_name VARCHAR(255) NOT NULL,
|
||||
mime_type VARCHAR(100),
|
||||
file_size INT,
|
||||
uploaded_by VARCHAR(100),
|
||||
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
|
||||
)"); } catch (Exception $e) {}
|
||||
try { $db->exec("CREATE TABLE IF NOT EXISTS event_tags (
|
||||
id INT AUTO_INCREMENT PRIMARY KEY,
|
||||
event_id INT NOT NULL,
|
||||
tag VARCHAR(50) NOT NULL,
|
||||
UNIQUE KEY unique_event_tag (event_id, tag)
|
||||
)"); } catch (Exception $e) {}
|
||||
try {
|
||||
$stmt = $db->prepare("SELECT COUNT(*) as c FROM neptune_settings WHERE setting_key = 'registration_enabled'");
|
||||
$stmt->execute();
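Review bot: Both new `CREATE TABLE` calls are wrapped in `try { … } catch (Exception $e) {}`, which discards any failure, whereas the preceding CREATE statement ends in a plain `)");`. If either table cannot be created, the first sign will be a failing attachment or tag request, and the upload path in this commit moves the file to disk before its INSERT, so it would leave untracked files behind. At minimum the error should be logged, e.g. `catch (Exception $e) { error_log('migrate: ' . $e->getMessage()); }`. Neither table declares a foreign key or an index on `event_id`, so rows are not removed with their event unless the API deletes them itself; as far as its hunk shows, the event DELETE branch in this commit removes the files and the event row only. migrate()'s body starts and ends outside the hunk.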
|
||||
|
||||