SaifulMujahid

datatable.php

Sep 15th, 2017
  1. <?php
  2. // Database details
  3. $db_server   = 'localhost';
  4. $db_username = 'root';
  5. $db_password = '';
  6. $db_name     = 'register';
  7.  
  8. // Get job (and id)
  9. $job = '';
  10. $id  = '';
  11. if (isset($_GET['job'])){
  12.   $job = $_GET['job'];
  13.   if ($job == 'get_companies' ||
  14.       $job == 'get_company'   ||
  15.       $job == 'add_company'   ||
  16.       $job == 'edit_company'  ||
  17.       $job == 'delete_company'){
  18.     if (isset($_GET['id'])){
  19.       $id = $_GET['id'];
  20.       if (!is_numeric($id)){
  21.         $id = '';
  22.       }
  23.     }
  24.   } else {
  25.     $job = '';
  26.   }
  27. }
  28.  
  29. // Prepare array
  30. $mysql_data = array();
  31.  
  32. // Valid job found
  33. if ($job != ''){
  34.  
  35.   // Connect to database
  36.   $db_connection = mysqli_connect($db_server, $db_username, $db_password, $db_name);
  37.   if (mysqli_connect_errno()){
  38.     $result  = 'error';
  39.     $message = 'Failed to connect to database: ' . mysqli_connect_error();
  40.     $job     = '';
  41.   }
  42.  
  43.   // Execute job
  44.   if ($job == 'get_companies'){
  45.    
  46.     // Get companies
  47.     $query = "SELECT * FROM questions ORDER BY id";
  48.     $query = mysqli_query($db_connection, $query);
  49.     if (!$query){
  50.       $result  = 'error';
  51.       $message = 'query error';
  52.     } else {
  53.       $result  = 'success';
  54.       $message = 'query success';
  55.      
  56.       while ($company = mysqli_fetch_array($query)){
  57.         $functions  = '<div class="function_buttons"><ul>';
  58.         $functions .= '<li class="function_edit"><a data-id="'   . $company['id'] . '" data-name="' . $company['quest_desc'] . '"><span>Edit</span></a></li>';
  59.         $functions .= '<li class="function_delete"><a data-id="' . $company['id'] . '" data-name="' . $company['quest_desc'] . '"><span>Delete</span></a></li>';
  60.         $functions .= '</ul></div>';
  61.         $mysql_data[] = array(
  62.           "quest_desc"   => $company['quest_desc'],
  63.           "ans1"      => $company['ans1'],
  64.           "ans2"      => $company['ans2'],
  65.           "ans3"      => $company['ans3'],
  66.           "ans4"      => $company['ans4'],
  67.           "ans5"      => $company['ans5'],
  68.           "correct_ans" => $company['correct_ans'],
  69.           "functions"    => $functions
  70.         );
  71.       }
  72.     }
  73.    
  74.   } elseif ($job == 'get_company'){
  75.    
  76.     // Get company
  77.     if ($id == ''){
  78.       $result  = 'error';
  79.       $message = 'id missing';
  80.     } else {
  81.       $query = "SELECT * FROM questions WHERE id = '" . mysqli_real_escape_string($db_connection, $id) . "'";
  82.       $query = mysqli_query($db_connection, $query);
  83.       if (!$query){
  84.         $result  = 'error';
  85.         $message = 'query error';
  86.       } else {
  87.         $result  = 'success';
  88.         $message = 'query success';
  89.         while ($company = mysqli_fetch_array($query)){
  90.           $mysql_data[] = array(
  91.             "quest_desc"   => $company['quest_desc'],
  92.             "ans1"      => $company['ans1'],
  93.             "ans2"      => $company['ans2'],
  94.             "ans3"      => $company['ans3'],
  95.             "ans4"      => $company['ans4'],
  96.             "ans5"      => $company['ans5'],
  97.             "correct_ans" => $company['correct_ans'],
  98.           );
  99.         }
  100.       }
  101.     }
  102.  
  103.   } elseif ($job == 'add_company'){
  104.    
  105.     // Add company
  106.     $query = "INSERT INTO questions SET ";
  107.     if (isset($_GET['quest_desc']))         { $query .= "quest_desc         = '" . mysqli_real_escape_string($db_connection, $_GET['quest_desc'])         . "', "; }
  108.  
  109.     if (isset($_GET['ans1'])) { $query .= "ans1 = '" . mysqli_real_escape_string($db_connection, $_GET['ans1']) . "', "; }
  110.  
  111.     if (isset($_GET['ans2']))   { $query .= "ans2   = '" . mysqli_real_escape_string($db_connection, $_GET['ans2'])   . "', "; }
  112.  
  113.     if (isset($_GET['ans3']))      { $query .= "ans3      = '" . mysqli_real_escape_string($db_connection, $_GET['ans3'])      . "', "; }
  114.  
  115.     if (isset($_GET['ans4']))  { $query .= "ans4  = '" . mysqli_real_escape_string($db_connection, $_GET['ans4'])  . "', "; }
  116.  
  117.     if (isset($_GET['ans5']))    { $query .= "ans5    = '" . mysqli_real_escape_string($db_connection, $_GET['ans5'])    . "', "; }
  118.  
  119.     if (isset($_GET['correct_ans']))   { $query .= "correct_ans   = '" . mysqli_real_escape_string($db_connection, $_GET['correct_ans'])   . "', "; }
  120.  
  121.     $query = mysqli_query($db_connection, $query);
  122.     if (!$query){
  123.       $result  = 'error';
  124.       $message = 'query error';
  125.     } else {
  126.       $result  = 'success';
  127.       $message = 'query success';
  128.     }
  129.  
  130.   } elseif ($job == 'edit_company'){
  131.    
  132.     // Edit company
  133.     if ($id == ''){
  134.       $result  = 'error';
  135.       $message = 'id missing';
  136.     } else {
  137.       $query = "UPDATE it_companies SET ";
  138.       if (isset($_GET['quest_desc']))         { $query .= "quest_desc         = '" . mysqli_real_escape_string($db_connection, $_GET['rank'])         . "', "; }
  139.       if (isset($_GET['ans1'])) { $query .= "ans1 = '" . mysqli_real_escape_string($db_connection, $_GET['ans1']) . "', "; }
  140.       if (isset($_GET['ans2']))   { $query .= "ans2  = '" . mysqli_real_escape_string($db_connection, $_GET['ans2'])   . "', "; }
  141.       if (isset($_GET['ans3']))      { $query .= "ans3      = '" . mysqli_real_escape_string($db_connection, $_GET['ans3'])      . "', "; }
  142.       if (isset($_GET['ans3']))  { $query .= "ans3  = '" . mysqli_real_escape_string($db_connection, $_GET['ans3'])  . "', "; }
  143.       if (isset($_GET['ans4']))    { $query .= "ans4    = '" . mysqli_real_escape_string($db_connection, $_GET['ans4'])    . "', "; }
  144.       if (isset($_GET['ans5']))   { $query .= "ans5   = '" . mysqli_real_escape_string($db_connection, $_GET['ans5'])   . "', "; }
  145.       if (isset($_GET['correct_ans'])) { $query .= "correct_ans = '" . mysqli_real_escape_string($db_connection, $_GET['correct_ans']) . "'";   }
  146.       $query .= "WHERE id = '" . mysqli_real_escape_string($db_connection, $id) . "'";
  147.       $query  = mysqli_query($db_connection, $query);
  148.       if (!$query){
  149.         $result  = 'error';
  150.         $message = 'query error';
  151.       } else {
  152.         $result  = 'success';
  153.         $message = 'query success';
  154.       }
  155.     }
  156.    
  157.   } elseif ($job == 'delete_company'){
  158.  
  159.     // Delete company
  160.     if ($id == ''){
  161.       $result  = 'error';
  162.       $message = 'id missing';
  163.     } else {
  164.       $query = "DELETE FROM questions WHERE id = '" . mysqli_real_escape_string($db_connection, $id) . "'";
  165.       $query = mysqli_query($db_connection, $query);
  166.       if (!$query){
  167.         $result  = 'error';
  168.         $message = 'query error';
  169.       } else {
  170.         $result  = 'success';
  171.         $message = 'query success';
  172.       }
  173.     }
  174.  
  175.   }
  176.  
  177.   // Close database connection
  178.   mysqli_close($db_connection);
  179.  
  180. }
  181.  
  182. // Prepare data
  183. $data = array(
  184.   "result"  => $result,
  185.   "message" => $message,
  186.   "data"    => $mysql_data
  187. );
  188.  
  189. // Convert PHP array to JSON array
  190. $json_data = json_encode($data);
  191. print $json_data;
  192. ?>