216 lines
8.5 KiB
PHP
216 lines
8.5 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../common.php';
|
|
require_once __DIR__ . '/../db_init.php';
|
|
|
|
header('Content-Type: application/json; charset=UTF-8');
|
|
|
|
$tokenRec = require_valid_token();
|
|
$method = $_SERVER['REQUEST_METHOD'];
|
|
|
|
switch ($method) {
|
|
|
|
case 'GET':
|
|
$qnID = $_GET['questionnaireID'] ?? '';
|
|
if (!$qnID) {
|
|
http_response_code(400);
|
|
echo json_encode(["error" => "questionnaireID query param required"]);
|
|
exit;
|
|
}
|
|
[$pdo, $tmpDb, $lockFp] = qdb_open(false);
|
|
|
|
$stmt = $pdo->prepare("
|
|
SELECT questionID, questionnaireID, defaultText, type, orderIndex, isRequired, configJson
|
|
FROM question WHERE questionnaireID = :qid ORDER BY orderIndex
|
|
");
|
|
$stmt->execute([':qid' => $qnID]);
|
|
$questions = $stmt->fetchAll(PDO::FETCH_ASSOC);
|
|
|
|
foreach ($questions as &$q) {
|
|
$q['isRequired'] = (int)$q['isRequired'];
|
|
$q['orderIndex'] = (int)$q['orderIndex'];
|
|
$q['configJson'] = $q['configJson'] ?: '{}';
|
|
$ao = $pdo->prepare("
|
|
SELECT answerOptionID, questionID, defaultText, points, orderIndex, nextQuestionId
|
|
FROM answer_option WHERE questionID = :qid ORDER BY orderIndex
|
|
");
|
|
$ao->execute([':qid' => $q['questionID']]);
|
|
$q['answerOptions'] = $ao->fetchAll(PDO::FETCH_ASSOC);
|
|
foreach ($q['answerOptions'] as &$opt) {
|
|
$opt['points'] = (int)$opt['points'];
|
|
$opt['orderIndex'] = (int)$opt['orderIndex'];
|
|
}
|
|
|
|
$tr = $pdo->prepare("SELECT languageCode, text FROM question_translation WHERE questionID = :qid");
|
|
$tr->execute([':qid' => $q['questionID']]);
|
|
$q['translations'] = $tr->fetchAll(PDO::FETCH_ASSOC);
|
|
}
|
|
unset($q);
|
|
|
|
qdb_discard($tmpDb, $lockFp);
|
|
echo json_encode(["success" => true, "questions" => $questions]);
|
|
break;
|
|
|
|
case 'POST':
|
|
require_role(['admin', 'supervisor'], $tokenRec);
|
|
$body = json_decode(file_get_contents('php://input'), true);
|
|
if (!$body || empty($body['questionnaireID']) || !isset($body['defaultText'])) {
|
|
http_response_code(400);
|
|
echo json_encode(["error" => "questionnaireID and defaultText required"]);
|
|
exit;
|
|
}
|
|
|
|
$id = bin2hex(random_bytes(16));
|
|
$qnID = $body['questionnaireID'];
|
|
$text = trim($body['defaultText']);
|
|
$type = trim($body['type'] ?? '');
|
|
$order = (int)($body['orderIndex'] ?? 0);
|
|
$req = (int)($body['isRequired'] ?? 0);
|
|
$config = $body['configJson'] ?? '{}';
|
|
|
|
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
|
try {
|
|
$chk = $pdo->prepare("SELECT 1 FROM questionnaire WHERE questionnaireID = :id");
|
|
$chk->execute([':id' => $qnID]);
|
|
if (!$chk->fetch()) {
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(404);
|
|
echo json_encode(["error" => "Questionnaire not found"]);
|
|
exit;
|
|
}
|
|
|
|
if ($order === 0) {
|
|
$max = $pdo->prepare("SELECT COALESCE(MAX(orderIndex),0)+1 FROM question WHERE questionnaireID = :id");
|
|
$max->execute([':id' => $qnID]);
|
|
$order = (int)$max->fetchColumn();
|
|
}
|
|
|
|
$pdo->prepare("INSERT INTO question (questionID, questionnaireID, defaultText, type, orderIndex, isRequired, configJson)
|
|
VALUES (:id, :qid, :t, :ty, :o, :r, :cj)")
|
|
->execute([':id' => $id, ':qid' => $qnID, ':t' => $text, ':ty' => $type,
|
|
':o' => $order, ':r' => $req, ':cj' => $config]);
|
|
qdb_save($tmpDb, $lockFp);
|
|
echo json_encode(["success" => true, "question" => [
|
|
"questionID" => $id, "questionnaireID" => $qnID, "defaultText" => $text,
|
|
"type" => $type, "orderIndex" => $order, "isRequired" => $req,
|
|
"configJson" => $config, "answerOptions" => [], "translations" => []
|
|
]]);
|
|
} catch (Throwable $e) {
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(500);
|
|
error_log($e->getMessage());
|
|
echo json_encode(["error" => "Server error"]);
|
|
}
|
|
break;
|
|
|
|
case 'PUT':
|
|
require_role(['admin', 'supervisor'], $tokenRec);
|
|
$body = json_decode(file_get_contents('php://input'), true);
|
|
if (!$body || empty($body['questionID'])) {
|
|
http_response_code(400);
|
|
echo json_encode(["error" => "questionID is required"]);
|
|
exit;
|
|
}
|
|
$id = $body['questionID'];
|
|
|
|
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
|
try {
|
|
$existing = $pdo->prepare("SELECT * FROM question WHERE questionID = :id");
|
|
$existing->execute([':id' => $id]);
|
|
$row = $existing->fetch(PDO::FETCH_ASSOC);
|
|
if (!$row) {
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(404);
|
|
echo json_encode(["error" => "Question not found"]);
|
|
exit;
|
|
}
|
|
|
|
$text = trim($body['defaultText'] ?? $row['defaultText']);
|
|
$type = trim($body['type'] ?? $row['type']);
|
|
$order = (int)($body['orderIndex'] ?? $row['orderIndex']);
|
|
$req = (int)($body['isRequired'] ?? $row['isRequired']);
|
|
$config = $body['configJson'] ?? $row['configJson'];
|
|
|
|
$pdo->prepare("UPDATE question SET defaultText = :t, type = :ty, orderIndex = :o, isRequired = :r, configJson = :cj WHERE questionID = :id")
|
|
->execute([':t' => $text, ':ty' => $type, ':o' => $order, ':r' => $req, ':cj' => $config, ':id' => $id]);
|
|
qdb_save($tmpDb, $lockFp);
|
|
echo json_encode(["success" => true, "question" => [
|
|
"questionID" => $id, "questionnaireID" => $row['questionnaireID'],
|
|
"defaultText" => $text, "type" => $type, "orderIndex" => $order, "isRequired" => $req,
|
|
"configJson" => $config
|
|
]]);
|
|
} catch (Throwable $e) {
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(500);
|
|
error_log($e->getMessage());
|
|
echo json_encode(["error" => "Server error"]);
|
|
}
|
|
break;
|
|
|
|
case 'DELETE':
|
|
require_role(['admin', 'supervisor'], $tokenRec);
|
|
$body = json_decode(file_get_contents('php://input'), true);
|
|
if (!$body || empty($body['questionID'])) {
|
|
http_response_code(400);
|
|
echo json_encode(["error" => "questionID is required"]);
|
|
exit;
|
|
}
|
|
$id = $body['questionID'];
|
|
|
|
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
|
try {
|
|
$pdo->exec("PRAGMA foreign_keys = OFF;");
|
|
$pdo->beginTransaction();
|
|
|
|
$aoIds = $pdo->prepare("SELECT answerOptionID FROM answer_option WHERE questionID = :id");
|
|
$aoIds->execute([':id' => $id]);
|
|
foreach ($aoIds->fetchAll(PDO::FETCH_COLUMN) as $aoid) {
|
|
$pdo->prepare("DELETE FROM answer_option_translation WHERE answerOptionID = :id")->execute([':id' => $aoid]);
|
|
}
|
|
$pdo->prepare("DELETE FROM answer_option WHERE questionID = :id")->execute([':id' => $id]);
|
|
$pdo->prepare("DELETE FROM question_translation WHERE questionID = :id")->execute([':id' => $id]);
|
|
$pdo->prepare("DELETE FROM client_answer WHERE questionID = :id")->execute([':id' => $id]);
|
|
$pdo->prepare("DELETE FROM question WHERE questionID = :id")->execute([':id' => $id]);
|
|
|
|
$pdo->commit();
|
|
$pdo->exec("PRAGMA foreign_keys = ON;");
|
|
qdb_save($tmpDb, $lockFp);
|
|
echo json_encode(["success" => true]);
|
|
} catch (Throwable $e) {
|
|
if ($pdo->inTransaction()) $pdo->rollBack();
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(500);
|
|
error_log($e->getMessage());
|
|
echo json_encode(["error" => "Server error"]);
|
|
}
|
|
break;
|
|
|
|
case 'PATCH':
|
|
require_role(['admin', 'supervisor'], $tokenRec);
|
|
$body = json_decode(file_get_contents('php://input'), true);
|
|
if (!$body || empty($body['questionnaireID']) || !is_array($body['order'] ?? null)) {
|
|
http_response_code(400);
|
|
echo json_encode(["error" => "questionnaireID and order[] required"]);
|
|
exit;
|
|
}
|
|
|
|
[$pdo, $tmpDb, $lockFp] = qdb_open(true);
|
|
try {
|
|
$stmt = $pdo->prepare("UPDATE question SET orderIndex = :o WHERE questionID = :id AND questionnaireID = :qid");
|
|
foreach ($body['order'] as $idx => $qid) {
|
|
$stmt->execute([':o' => $idx, ':id' => $qid, ':qid' => $body['questionnaireID']]);
|
|
}
|
|
qdb_save($tmpDb, $lockFp);
|
|
echo json_encode(["success" => true]);
|
|
} catch (Throwable $e) {
|
|
qdb_discard($tmpDb, $lockFp);
|
|
http_response_code(500);
|
|
error_log($e->getMessage());
|
|
echo json_encode(["error" => "Server error"]);
|
|
}
|
|
break;
|
|
|
|
default:
|
|
http_response_code(405);
|
|
echo json_encode(["error" => "Method not allowed"]);
|
|
}
|