nce/nc_update_readcnt_db.php

   1 <?php
   2 /*
   3  nce (ntch cloud environment.)
   4  name: nc_update_readcnt_db.php
   5  author: Akira Ohta (akohta001.gmail.com)
   6  date: 2013-apr-14th
   7  description:
   8  License: GPLv3
   9  */
  10 include_once "account.php";
  11 include_once "preference.php";
  12 include_once "database.php";
  13 include_once "log.php";
  14 include_once "http_util.php";
  15 include_once "error_code.php";
  16
  17 $user_id = $_POST['user'];
  18 $hashed_passwd = $_POST['hashed_passwd'];
  19 $board_name = $_POST['board_name'];
  20 $dat_name = $_POST['dat_name'];
  21 $res_number = $_POST['res_number'];
  22 $record_type = $_POST['record_type'];
  23
  24 //--- authorization ---
  25 $user = chk_passwd( $user_id, $hashed_passwd);
  26 if(FALSE === $user){
  27         echo $ERROR_MSG;
  28         exit;
  29 }
  30
  31 //--- parameter check start ---
  32 if(!chk_param($board_name) || !chk_param($dat_name) ||
  33         !chk_param($res_number) || !chk_param($record_type)){
  34         echo ERROR303;
  35         exit;
  36 }
  37
  38 if(!is_numeric($record_type)){
  39         echo ERROR303;
  40         exit;
  41 }
  42
  43 if(1 != $record_type && 4 != $record_type){
  44         echo ERROR304;
  45         exit;
  46 }
  47
  48 //--- parameter check end ---
  49
  50 $table_name = TABLE_PREFIX."tbl{$user->home_dir}";
  51
  52 $query1 = <<< QUERY1
  53 select id from $table_name
  54  where record_type="{$record_type}" and
  55  board_name='{$board_name}' and
  56   dat_name='{$dat_name}'
  57 QUERY1;
  58
  59 $query2 = <<< QUERY2
  60 insert into  $table_name
  61          (record_type, res_number, dat_name, board_name)
  62          values ('{$record_type}', '{$res_number}', "{$dat_name}", "{$board_name}")
  63 QUERY2;
  64
  65 $query3 = <<< QUERY3
  66 update $table_name
  67         set res_number="{$res_number}"
  68         where record_type="{$record_type}" and
  69                 board_name="{$board_name}" and
  70                 dat_name='{$dat_name}'
  71 QUERY3;
  72
  73 try{
  74         $db->open();
  75         $result = $db->execute($query1);
  76         if(!$result || 0 == $result->num_rows){
  77                 $result = $db->execute($query2);
  78                 if(!$result){
  79                         echo ERROR501;
  80                         exit;
  81                 }
  82         }else{
  83                 $result = $db->execute($query3);
  84                 if(!$result){
  85                         echo ERROR502;
  86                         exit;
  87                 }
  88         }
  89         $db->close();
  90 }catch(Exception $e){
  91         $error = __FILE__."(".__LINE__.
  92                 ") An error occured during update a record.";
  93         nc_logging($error, $e);
  94         echo ERROR500;
  95         exit;
  96 }
  97
  98 echo SUCCESS100;
  99
 100 ?>