Stabilize legacy Steven API endpoints and add OpenAPI spec

steven/API/postBerkasSidangMahasiswa.php

@@ -0,0 +1,111 @@
+<?php
+
+session_start();
+
+include '../conf/koneksiPDO.php';
+include '../conf/function.php';
+
+$conn = new createCon();
+$dbh = $conn->connect();
+
+header('Content-Type: application/json');
+
+$loginMhs = requireSessionRole('mhs');
+$nim = isset($loginMhs['nim']) ? $loginMhs['nim'] : '';
+$idMhs = isset($loginMhs['id']) ? $loginMhs['id'] : 0;
+
+$idJadwal = isset($_GET['idJadwal']) ? (int) $_GET['idJadwal'] : 0;
+if ($idJadwal <= 0) {
+    jsonResponse(['status' => false, 'msg' => 'Parameter idJadwal tidak valid'], 422);
+}
+
+if (!isset($_POST['listKey'])) {
+    jsonResponse(['status' => false, 'msg' => 'Parameter listKey tidak lengkap'], 422);
+}
+
+$listKey = json_decode($_POST['listKey'], true);
+if (!is_array($listKey) || empty($listKey)) {
+    jsonResponse(['status' => false, 'msg' => 'Format listKey tidak valid'], 422);
+}
+
+$sql = 'SELECT * FROM tbjadwal WHERE id = :idJadwal AND idMhs = :idMhs';
+$stmt = $dbh->prepare($sql);
+$stmt->bindParam(':idJadwal', $idJadwal);
+$stmt->bindParam(':idMhs', $idMhs);
+$stmt->execute();
+
+if ($stmt->rowCount() === 0) {
+    jsonResponse(['status' => false, 'msg' => 'Forbidden'], 403);
+}
+
+$namaFolder = 'dll';
+
+while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
+    $jenisSidang = strtolower($row['jenis']);
+    switch ($jenisSidang) {
+        case 'outline': $namaFolder = 'Seminar Outline'; break;
+        case 'sidhas': $namaFolder = 'Seminar Hasil'; break;
+        case 'sidang': $namaFolder = 'Sidang Akhir'; break;
+    }
+}
+
+$urlAPIDrive = 'http://203.24.50.140/';
+$banyakSukses = 0;
+
+foreach ($listKey as $key => $val) {
+    if (isset($_FILES[$val])) {
+        $tmpfile = $_FILES[$val]['tmp_name'];
+        $filename = basename($_FILES[$val]['name']);
+        $typeFile = $_FILES[$val]['type'];
+
+        $cFile = curl_file_create($tmpfile, $typeFile, $filename);
+
+        $post = ['nim' => $nim, 'file_gdrive' => $cFile, 'folderMhs' => $namaFolder];
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $urlAPIDrive);
+        curl_setopt($ch, CURLOPT_POST, 1);
+        curl_setopt($ch, CURLOPT_PORT, 8080);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
+        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+
+        $result = curl_exec($ch);
+
+        curl_close($ch);
+
+        $decodedResult = json_decode($result, true);
+
+        if ($decodedResult['status'] == 1) {
+            $fileId = $decodedResult['fileId'];
+
+            ++$banyakSukses;
+            $sql = 'SELECT * FROM tb_berkas_sidang WHERE idJadwal = :idJadwal AND nama = :nama';
+            $stmt = $dbh->prepare($sql);
+            $stmt->bindParam(':idJadwal', $idJadwal);
+            $stmt->bindParam(':nama', $val);
+            $stmt->execute();
+
+            if ($stmt->rowCount() == 0) {
+                $sql = 'INSERT INTO tb_berkas_sidang(idJadwal, nama, driveId) VALUES(:idJadwal, :nama, :driveId)';
+                $stmt = $dbh->prepare($sql);
+                $stmt->bindParam(':idJadwal', $idJadwal);
+                $stmt->bindParam(':nama', $val);
+                $stmt->bindParam(':driveId', $fileId);
+                $stmt->execute();
+            } else {
+                $sql = 'UPDATE tb_berkas_sidang SET driveId = :driveId WHERE idJadwal = :idJadwal AND nama = :nama';
+                $stmt = $dbh->prepare($sql);
+                $stmt->bindParam(':idJadwal', $idJadwal);
+                $stmt->bindParam(':nama', $val);
+                $stmt->bindParam(':driveId', $fileId);
+                $stmt->execute();
+            }
+        }
+    }
+}
+
+echo json_encode([
+    'status' => true,
+    'msg' => $banyakSukses.' file berhasil diupload',
+]);