Lka42RZE

1<?php
2$pageTitle       = "Student Introduction Quiz Results JSON";
3$pageDescription = "";
4$document_root   = $_SERVER['DOCUMENT_ROOT'];
5error_reporting(E_ALL & ~(E_STRICT | E_NOTICE));
6ini_set("display_errors", 1);
7date_default_timezone_set("America/New_York");
8?>
9<?php
10if (isset($_GET['inst_id'])) {
11  include("$document_root/includes/db_connectPDO.php");
12  include("$document_root/includes/api_service.php");
13
14  // TODO: Convert these to POST params
15  $inst_id = $_GET['inst_id'];
16  $inst_pw = $_GET['inst_pw'];
17  
18  $keystmt    = $conn->query("SELECT secret_key FROM apiAuth WHERE uuid = '$inst_id'");
19  $secret_key = $keystmt->fetch(PDO::FETCH_COLUMN);
20  
21  if ($secret_key == $inst_pw) {
22    
23    $namestmt         = $conn->query("SELECT institution_name FROM apiAuth WHERE uuid = '$inst_id'");
24    $institution_name = $namestmt->fetch(PDO::FETCH_COLUMN);
25    
26    try {
27      // TODO: Set this to the most recent timestamp for the institution
28      $default_from = date('Y-m-d', strtotime(' -50000 day'));
29
30      $day_from     = isset($_GET['day_from']) ?  date("Y-m-d", strtotime($_GET['day_from'])) : $default_from;
31      $day_until    = isset($_GET['day_until']) ? date("Y-m-d", strtotime($_GET['day_until'])) : date('Y-m-d');
32
33      $stmt = $conn->prepare("SELECT student_id FROM affiliateOrientations WHERE institution like '$institution_name' AND time BETWEEN '$day_from' AND '$day_until'"); 
34      $stmt->execute();
35      $orientations = $stmt->fetchAll(PDO::FETCH_COLUMN);
36      echo json_encode(new ArrayValue($orientations), JSON_PRETTY_PRINT);
37    }
38    catch (PDOException $e) {
39      echo "Error: " . $e->getMessage();
40    }
41    
42  } else {
43    echo 'You are not authorized to view this page.';
44  }
45}
46
47$conn = null;
48?>