admin/36018-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36018-vm/accept-application.php
Flatlogic Bot dc54701498 N7 finsh finsh
2025-11-22 14:03:37 +00:00

68 lines
2.1 KiB
PHP
Raw Blame History

<?php
declare(strict_types=1);
session_start();
require_once 'db/config.php';
if (!isset($_SESSION['user_id'])) {
header("Location: /login.php");
exit;
}
$application_id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
$user_id = $_SESSION['user_id'];
if (!$application_id) {
header("Location: /index.php");
exit;
}
$pdo = db();
// Begin a transaction
$pdo->beginTransaction();
try {
// Get application and task details, and ensure the current user owns the task
$stmt = $pdo->prepare(
"SELECT a.id as application_id, a.task_id, t.user_id as task_owner_id
FROM applications a
JOIN tasks t ON a.task_id = t.id
WHERE a.id = ? AND t.user_id = ?"
);
$stmt->execute([$application_id, $user_id]);
$application_info = $stmt->fetch(PDO::FETCH_ASSOC);
if (!$application_info) {
// If no result, either application doesn't exist or user doesn't own the task.
throw new Exception("Authorization failed or application not found.");
}
$task_id = $application_info['task_id'];
// 1. Update the accepted application's status to 'accepted'
$stmt = $pdo->prepare("UPDATE applications SET status = 'accepted' WHERE id = ?");
$stmt->execute([$application_id]);
// 2. Update the task's status to 'assigned'
$stmt = $pdo->prepare("UPDATE tasks SET status = 'assigned' WHERE id = ?");
$stmt->execute([$task_id]);
// 3. Reject all other pending applications for this task
$stmt = $pdo->prepare("UPDATE applications SET status = 'rejected' WHERE task_id = ? AND id != ? AND status = 'pending'");
$stmt->execute([$task_id, $application_id]);
// If all queries were successful, commit the transaction
$pdo->commit();
header("Location: /task-details.php?id=" . $task_id . "&message=application_accepted");
exit;
} catch (Exception $e) {
// If any query fails, roll back the transaction
$pdo->rollBack();
error_log($e->getMessage());
// Redirect with a generic error. Avoid exposing specific DB errors.
header("Location: /task-details.php?id=" . ($task_id ?? 0) . "&message=acceptance_failed");
exit;
}
Reference in New Issue View Git Blame Copy Permalink