db = database.Database()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(
("member_id", "session_id", "name", "mobile", "emergency_ph")):
member_id = api.request["member_id"].value
session_id = api.request["session_id"].value
name = api.request["name"].value
mobile = api.request["mobile"].value
emergency_ph = api.request["emergency_ph"].value
# Ensure user is logged in
if db.check_session(member_id, session_id):
sql = ("UPDATE member SET " + "name = '" + name + "', " +
"mobile = '" + mobile + "', " + "emergency_ph = '" +
emergency_ph + "' " + "WHERE member_id = " + member_id + ";")
db.cur.execute(sql)
response = api.set_returncode(0)
else:
response = api.set_return_code(1)
else:
response = api.set_returncode(5)
# Send response
api.send_response()
# Close db connection
db.close()
api = api.Api("json")
# Ensure the correct post keys were sent
if api.check_keys(
("member_id", "session_id", "society_id", "committee_email")):
chair_id = api.request["member_id"].value
session_id = api.request["session_id"].value
society_id = api.request["society_id"].value
member_email = api.request["committee_email"].value
if db.check_session(chair_id, session_id):
if db.check_chair(chair_id, society_id):
sql = "SELECT member_id FROM member WHERE email LIKE '" + member_email + "'"
try:
db.cur.execute(sql)
api.set_returncode(0)
except:
api.set_returncode(6)
if db.cur.rowcount == 1:
row = db.cur.fetchone()
member_id = str(row[0])
# Remove committee member
sql = "DELETE FROM committee_society WHERE(member_id = " + member_id + " AND society_id = " + society_id + ");"
try:
db.cur.execute(sql)
response = api.set_returncode(0)
except:
# Database error
response = api.set_returncode(6)
else:
api.set_returncode(6)
try:
db.cur.execute(sql)
result = db.cur.fetchall()
soc_arr = []
for row in result:
soc_details = {}
soc_details["society_id"] = row[0]
soc_details["name"] = row[1]
soc_details["email"] = row[2]
soc_details["description"] = row[3]
soc_arr.append(soc_details)
api.set_returncode(0)
api.update_response("society_details", soc_arr)
except:
api.set_returncode(6)
else:
api.set_returncode(1)
else:
api.set_returncode(5)
# Send response
api.send_response()
# Close db connection
db.close()
# Check that the user is not already a member
if not db.check_member(member_id, society_id):
# Check if the token is valid
try:
sql = "SELECT * FROM join_token WHERE(society_id = " + society_id + " AND token = '" + token + "');"
db.cur.execute(sql)
if db.cur.rowcount != 0:
# Insert the user into the database
sql = "INSERT INTO member_society(member_id, society_id) VALUES(" + member_id + ", " + society_id + ");"
db.cur.execute(sql)
# Remove the qr code and database entry for the token
path = "/var/www/html/img/" + token + ".png"
subprocess.call(["rm", path])
sql = "DELETE FROM join_token WHERE(token = '" + token + "')"
db.cur.execute(sql)
response = api.set_returncode(0)
else:
# Invalid join token
response = api.set_returncode(8)
except Exception as e:
# Database error
response = api.set_returncode(6)
api.update_response("dberror", str(e))
else:
response = api.set_returncode(9)
else:
# Invalid session id
response = api.set_returncode(1)
else:
# Invalid post request
response = api.set_returncode(5)