<?php
require_once 'db.php'; // $pdo object will be available
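header('Content-Type: application/json');

// NOTE(review): no authentication or authorization check is visible in this
// file. Unless db.php or the web server enforces one, any client can create
// judges and submit scores under any judge_id, because the judge identity is
// read from the request body rather than from a session. The POST actions also
// carry no CSRF token. Confirm where access control lives before exposing this
// endpoint.

// The action name selects the handler; anything unrecognised ends in a 404.
$action = $_GET['action'] ?? '';

try {
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        if ($action === 'add_judge') {
            $username = $_POST['username'] ?? null;
            $display_name = $_POST['display_name'] ?? null;

            // Array-valued parameters (username[]=x) are non-empty but cannot be
            // bound as strings, so they are rejected together with missing values.
            if (!is_string($username) || !is_string($display_name) || empty($username) || empty($display_name)) {
                http_response_code(400);
                echo json_encode(['error' => 'Username and display name are required.']);
                exit;
            }

            // Check if username already exists.
            // NOTE(review): this check and the INSERT below are separate
            // statements, so two concurrent requests can both pass it. The
            // schema is not visible here; a UNIQUE constraint on
            // judges.username is what makes the rule hold under concurrency.
            $stmt = $pdo->prepare("SELECT judge_id FROM judges WHERE username = ?");
            $stmt->execute([$username]);
            if ($stmt->fetch()) {
                http_response_code(409);
                echo json_encode(['error' => 'Username already exists']);
                exit;
            }

            $stmt = $pdo->prepare("INSERT INTO judges (username, display_name) VALUES (?, ?)");
            $stmt->execute([$username, $display_name]);
            $judge_id = $pdo->lastInsertId();

            // The stored strings are returned verbatim; any client that renders
            // them as HTML has to escape them for that context.
            http_response_code(201);
            echo json_encode([
                "message" => "Judge added successfully",
                "judge" => ["judge_id" => $judge_id, "username" => $username, "display_name" => $display_name]
            ]);
        } elseif ($action === 'add_score') {
            if (!isset($_POST['judge_id']) || !isset($_POST['user_id']) || !isset($_POST['points'])) {
                http_response_code(400);
                echo json_encode(['error' => 'Judge ID, User ID, and Points are required.']);
                exit;
            }

            // FILTER_VALIDATE_INT returns the parsed integer, which is 0 for "0";
            // comparing against false keeps a literal zero from being reported
            // as a type error. Arrays and non-numeric strings yield false.
            $judge_id = filter_var($_POST['judge_id'], FILTER_VALIDATE_INT);
            $user_id = filter_var($_POST['user_id'], FILTER_VALIDATE_INT);
            $points = filter_var($_POST['points'], FILTER_VALIDATE_INT);
            if ($judge_id === false || $user_id === false || $points === false) {
                http_response_code(400);
                echo json_encode(['error' => 'Invalid input types. IDs and points must be integers.']);
                exit;
            }

            if ($points < 1 || $points > 100) {
                http_response_code(400);
                echo json_encode(['error' => 'Points must be an integer between 1 and 100.']);
                exit;
            }

            // Check if judge exists
            $stmt = $pdo->prepare("SELECT judge_id FROM judges WHERE judge_id = ?");
            $stmt->execute([$judge_id]);
            if (!$stmt->fetch()) {
                http_response_code(400);
                echo json_encode(['error' => 'Judge not found.']);
                exit;
            }

            // Check if user exists
            $stmt = $pdo->prepare("SELECT user_id FROM users WHERE user_id = ?");
            $stmt->execute([$user_id]);
            if (!$stmt->fetch()) {
                http_response_code(400);
                echo json_encode(['error' => 'User not found.']);
                exit;
            }

            // Check if score already exists.
            // NOTE(review): same check-then-insert gap as in add_judge; a UNIQUE
            // constraint on scores (user_id, judge_id) would close it — confirm
            // against the schema.
            $stmt = $pdo->prepare("SELECT score_id FROM scores WHERE user_id = ? AND judge_id = ?");
            $stmt->execute([$user_id, $judge_id]);
            if ($stmt->fetch()) {
                http_response_code(409);
                echo json_encode(['error' => 'Score already submitted for this user by this judge']);
                exit;
            }

            $stmt = $pdo->prepare("INSERT INTO scores (user_id, judge_id, points) VALUES (?, ?, ?)");
            $stmt->execute([$user_id, $judge_id, $points]);
            http_response_code(201);
            echo json_encode(["message" => "Score submitted successfully"]);
        } else {
            http_response_code(404);
            echo json_encode(['error' => 'Endpoint not found']);
        }
    } elseif ($_SERVER['REQUEST_METHOD'] === 'GET') {
        if ($action === 'get_judges') {
            $stmt = $pdo->query("SELECT judge_id, username, display_name FROM judges");
            $judges = $stmt->fetchAll();
            http_response_code(200);
            echo json_encode($judges);
        } elseif ($action === 'get_users_not_scored') {
            if (!isset($_GET['judge_id'])) {
                http_response_code(400);
                echo json_encode(['error' => 'Judge ID is required.']);
                exit;
            }

            // Compare against false so that "0" is treated as an integer.
            $judge_id = filter_var($_GET['judge_id'], FILTER_VALIDATE_INT);
            if ($judge_id === false) {
                http_response_code(400);
                echo json_encode(['error' => 'Invalid Judge ID. Must be an integer.']);
                exit;
            }

            // The LEFT JOIN keeps every user; rows with no matching score for
            // this judge have a NULL score_id and are the ones returned.
            $stmt = $pdo->prepare("SELECT u.user_id, u.username, u.display_name
                FROM users u
                LEFT JOIN scores s ON u.user_id = s.user_id AND s.judge_id = ?
                WHERE s.score_id IS NULL");
            $stmt->execute([$judge_id]);
            $users = $stmt->fetchAll();
            http_response_code(200);
            echo json_encode($users);
        } elseif ($action === 'get_scoreboard') {
            // Inner join: users without any score do not appear on the board.
            $stmt = $pdo->query("SELECT u.user_id, u.display_name, SUM(s.points) as total_points
                FROM users u
                JOIN scores s ON u.user_id = s.user_id
                GROUP BY u.user_id, u.display_name
                ORDER BY total_points DESC");
            $scoreboard = $stmt->fetchAll();
            http_response_code(200);
            echo json_encode($scoreboard);
        } else {
            http_response_code(404);
            echo json_encode(['error' => 'Endpoint not found']);
        }
    } else {
        http_response_code(405); // Method Not Allowed
        echo json_encode(['error' => 'Method not allowed']);
    }
} catch (PDOException $e) {
    // Driver messages can name tables, columns and constraint values. They go
    // to the server log only; the client receives a fixed string.
    error_log("PDOException: " . $e->getMessage());
    http_response_code(500); // Internal Server Error
    echo json_encode(['error' => 'Database error']);
} catch (Exception $e) {
    // Same rule for any other exception: log the detail, return a fixed string.
    error_log("Exception: " . $e->getMessage());
    http_response_code(400); // Bad Request for other exceptions
    echo json_encode(['error' => 'Request could not be processed']);
}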
?>