
Commit 957d586

committed
Permissions update, code refactoring
1 parent 391133e commit 957d586


129 files changed

+312
-256
lines changed


129 files changed

+312
-256
lines changed

api-about-us.php

100644100755
File mode changed.

api-add-credit-card.php

100644100755
File mode changed.

api-cart.php

100644100755
File mode changed.

api-customer-orders-summary.php

100644100755
File mode changed.

api-order.php

100644100755
File mode changed.

api-print-customization.php

100644100755
File mode changed.

api-print.php

100644100755
File mode changed.

categories.php

100644100755
File mode changed.

checkout.php

100644100755
File mode changed.

css/aboutus_style.css

100644100755
File mode changed.

css/categories_style.css

100644100755
File mode changed.

css/shop_style.css

100644100755
File mode changed.

customer-area.php

100644100755
File mode changed.

customer-orders-summary.php

100644100755
File mode changed.

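--- a/db/database.php
+++ b/db/database.php
@@ -179,7 +179,7 @@ public function addPicture($parameters) {
 $stmt->execute();
 }
 
-public function updatePicture($parameters) {
+public function updatePicture($parameters, $title) {
 $description = $parameters["description"];
 $author = $parameters["author"];
 $image = $parameters["image"];
@@ -190,7 +190,7 @@ public function updatePicture($parameters) {
 $email = $parameters["email"];
 
 $stmt = $this->db->prepare("UPDATE picture SET Description = ?, Author = ?, Image = ?, Base_price = ?, Discount = ?, Orientation = ?, Category_name = ?, Email = ? WHERE Title = ?");
-$stmt->bind_param("sssiisss", $description, $author, $image, $base_price, $discount, $orientation, $category_name, $email);
+$stmt->bind_param("sssiissss", $description, $author, $image, $base_price, $discount, $orientation, $category_name, $email, $title);
 $stmt->execute();
 }
 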
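Review bot: The `UPDATE picture ... WHERE Title = ?` in updatePicture selects the row by title alone while writing `Email = ?` in the SET list, so the statement does not restrict the update to rows the caller owns and assigns the row to whatever email is passed in. seller-prints.php takes that title from `$_GET["print_id"]` and the email from the session, and no ownership comparison is visible in its hunks. Moving the email into the predicate (`WHERE Title = ? AND Email = ?`, with `Email = ?` dropped from SET and `$title, $email` bound last) keeps the type string at `"sssiissss"` and makes the query itself enforce ownership. The result of `$stmt->execute()` is also discarded; returning it or `$stmt->affected_rows` would let callers tell a rejected update from a successful one. Part of the function body lies between the two hunks and is not shown.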

db/fineartprints.sql

100644100755
File mode changed.

db/frame.sql

100644100755
File mode changed.

error-404.php

100644100755
File mode changed.

index.php

100644100755
File mode changed.

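--- a/login.php
+++ b/login.php
@@ -11,13 +11,9 @@
 }
 
 if (isUserLoggedIn(UserType::Customer)) {
-$templateParams["title"] = "Customer Area";
-$templateParams["name"] = "customer-area.php";
 header("Location: customer-area.php");
 } else if (isUserLoggedIn(UserType::Seller)) {
-$templateParams["title"] = "Seller Area";
-$templateParams["name"] = "template/seller-profile-template.php";
-require "template/base.php";
+header("Location: seller-profile.php");
 } else {
 $templateParams["title"] = "Login";
 $templateParams["name"] = "template/login-template.php";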
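Review bot: Neither `header("Location: ...")` call in this chain is followed by `exit;`, so the script keeps running after the redirect header is queued; add `exit;` after `header("Location: customer-area.php");` and after the new `header("Location: seller-profile.php");`. The chain continues past the end of the hunk, so whatever follows it still executes for logged-in users. seller-orders.php has the same gap where it is visible end to end: its `else` branch sends `header('Location: login.php');` and then falls through to `require 'template/base.php';`, so the base template is still rendered for a visitor who is not a seller. Separately, this section records a mode change from 100644 to 100755 (as do seller-orders.php and seller-profile.php); PHP scripts loaded by the web server need read permission only, so the executable bit is worth dropping unless something invokes them directly.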

logout.php

100644100755
File mode changed.

product-page.php

100644100755
File mode changed.

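--- a/seller-add-print.php
+++ b/seller-add-print.php
@@ -4,6 +4,8 @@
 if(isUserLoggedIn(UserType::Seller)) {
 $templateParams["title"] = "Seller Area - Add print";
 $templateParams["name"] = "seller-add-print-template.php";
+$templateParams["sidebar"] = "seller-sidebar.php";
+
 $email = htmlspecialchars($_SESSION["email"]);
 
 if(isset($_POST["author"])) {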

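--- a/seller-orders.php
+++ b/seller-orders.php
@@ -1,8 +1,52 @@
 <?php
 require_once 'bootstrap.php';
 
-$templateParams["title"] = "Seller Area - View orders";
-$templateParams["name"] = "seller-orders-template.php";
+if(isUserLoggedIn(UserType::Seller)) {
+
+$templateParams["title"] = "Seller Area - View orders";
+$templateParams["name"] = "seller-orders-template.php";
+$templateParams["sidebar"] = "seller-sidebar.php";
+$email = htmlspecialchars($_SESSION["email"]);
+$templateParams["orders"] = $dbh->getMyOrders($email);
+
+if(isset($_GET["order_id"])) {
+$templateParams["order_selected"] = true;
+$order_id = htmlspecialchars($_GET["order_id"]);
+$order = $dbh->getOrderProducts($order_id)[0];
+
+if(isset($_POST["order_id"])) {
+
+$ship_city = htmlspecialchars($_POST["ship_city"]);
+$ship_postal_code = htmlspecialchars($_POST["ship_postal_code"]);
+$ship_address = htmlspecialchars($_POST["ship_address"]);
+$order_date = htmlspecialchars($_POST["order_date"]);
+$shipped_date = htmlspecialchars($_POST["shipped_date"]);
+$card_number = htmlspecialchars($_POST["card_number"]);
+$shipper_name = htmlspecialchars($_POST["shipper_name"]);
+$status = htmlspecialchars($_POST["status"]);
+
+$parameters = array(
+"ship_city" => $ship_city,
+"ship_postal_code" => $ship_postal_code,
+"ship_address" => $ship_address,
+"order_date" => $order_date,
+"shipped_date" => $shipped_date,
+"email" => $email,
+"card_number" => $card_number,
+"shipper_name" => $shipper_name,
+"status" => $status
+);
+
+$dbh->updatePicture($parameters);
+}
+
+} else {
+$templateParams["order_selected"] = false;
+}
+
+} else {
+header('Location: login.php');
+}
 
 require 'template/base.php';
 ?>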
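Review bot: The POST branch builds an array of order fields (`ship_city`, `card_number`, `status`, …) and passes it to `$dbh->updatePicture($parameters);`, but this same commit changes that method in db/database.php to `updatePicture($parameters, $title)`, and that method reads picture keys such as `description` and `author` and updates the `picture` table. As written the call is one argument short and none of the array keys match, so submitting the form cannot update an order; it needs an order-specific update method with its own prepared statement (none is visible on the page). `$order_id` from `$_GET` is looked up with `getOrderProducts($order_id)[0]` without any visible check that a row came back or that the order belongs to the logged-in seller; getOrderProducts is not shown, so confirm it filters by seller. Applying `htmlspecialchars()` to values before they are stored (here including `card_number`) mixes output encoding into storage; bind the raw values and escape when rendering.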

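--- a/seller-prints.php
+++ b/seller-prints.php
@@ -4,6 +4,7 @@
 if(isUserLoggedIn(UserType::Seller)) {
 $templateParams["title"] = "Seller Area - Your prints";
 $templateParams["name"] = "seller-prints-template.php";
+$templateParams["sidebar"] = "seller-sidebar.php";
 $email = htmlspecialchars($_SESSION["email"]);
 $templateParams["prints"] = $dbh->getPicturesFromSeller($email);
 
@@ -12,21 +13,28 @@
 $print_id = htmlspecialchars($_GET["print_id"]);
 $print = $dbh->getPictureFromTitle($print_id)[0];
 $templateParams["categories"] = $dbh->query("SELECT * From category");
-$templateParams["techniques"] = $dbh->query("SELECT * From print_technique");
+$techniques = $dbh->query("SELECT * From print_technique");
+$templateParams["techniques"] = $techniques;
 $print_techniques = $dbh->getTechniquesFromPictureTitle($print_id);
 
 if(isset($_POST["author"])) {
-
+$title = $print_id;
 $description = htmlspecialchars($_POST["description"]);
 $author = htmlspecialchars($_POST["author"]);
-list($image, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
-$image_name = basename($image["name"]);
-var_dump($image_name);
 $base_price = htmlspecialchars($_POST["base_price"]);
 $discount = htmlspecialchars($_POST["discount"]);
-$orientation = getOrientation($image); // REVIEW
 $category = htmlspecialchars($_POST["category"]);
 
+if(!empty($_FILES["picture"]["name"])) {
+list($image, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
+$image_name = basename($_FILES["picture"]["name"]);
+$fullPath = UPLOAD_DIR.$image_name;
+$orientation = getOrientation($fullPath);
+} else {
+$image_name = $print["Image"];
+$orientation = htmlspecialchars($print["Orientation"]);
+}
+
 $parameters = array(
 "description" => $description,
 "author" => $author,
@@ -38,9 +46,21 @@
 "email" => $email
 );
 
-$dbh->updatePicture($parameters);
+$dbh->updatePicture($parameters, $title);
+}
+
+foreach ($techniques as &$technique) {
+$technique_description =str_replace(" ", "_", $technique["Description"]);
+if (isset($_POST[$technique_description]) && !in_array($technique, $print_techniques)) {
+$dbh->insertSupportedTechniqueForPrint($technique["Technique_id"], $print_id);
+} else if(!isset($_POST[$technique_description]) && in_array($technique, $print_techniques)) {
+$dbh->deleteSupportedTechniqueFromPrint($technique["Technique_id"], $print_id);
+}
 }
+unset($technique);
 
+$print = $dbh->getPictureFromTitle($print_id)[0]; // image shown update
+$print_techniques = $dbh->getTechniquesFromPictureTitle($print_id); // techniques shown update
 } else {
 $templateParams["print_selected"] = false;
 }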
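Review bot: The technique loop added after the closing `}` of `if(isset($_POST["author"]))` runs on every request that carries `print_id`, not only on form submissions; on a plain GET no `$_POST[$technique_description]` key is set, so the `else if` branch calls `deleteSupportedTechniqueFromPrint()` for every technique the print currently has. Move the `foreach` … `unset($technique);` block inside the POST branch, next to `$dbh->updatePicture($parameters, $title);`. In the upload branch the `$image, $msg` returned by `uploadImage()` are never checked, and both the stored name and the path handed to `getOrientation()` are rebuilt from the client-supplied `$_FILES["picture"]["name"]`; check the upload result first and use the name uploadImage actually saved (it is not shown, so confirm what it returns). The enclosing `if` on `print_id` starts between the hunks and is not visible.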

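--- a/seller-profile.php
+++ b/seller-profile.php
@@ -2,7 +2,8 @@
 require_once 'bootstrap.php';
 
 $templateParams["title"] = "Seller Area - Profile";
-$templateParams["name"] = "seller-profile-template.php";
+$templateParams["name"] = "template/seller-profile-template.php";
+$templateParams["sidebar"] = "template/seller-sidebar.php";
 
 require 'template/base.php';
 ?>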
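Review bot: Unlike seller-orders.php, seller-add-print.php and seller-prints.php, this page has no `isUserLoggedIn(UserType::Seller)` guard: the hunk covers lines 2–9 of the file, and they set the template parameters and `require 'template/base.php';` unconditionally. login.php now redirects sellers here, so it is worth wrapping the body in the same check and redirecting to login.php (followed by `exit;`) otherwise, unless the template enforces this itself. The sidebar path is also written as `"template/seller-sidebar.php"` here but as `"seller-sidebar.php"` in the other seller pages; pick one convention so the `require` in the templates resolves the same way everywhere.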

shop.php

100644100755
File mode changed.

shopping-cart.php

100644100755
File mode changed.

sign-up.php

100644100755
File mode changed.

template/about-us.php

100644100755
File mode changed.

template/base.php

100644100755
File mode changed.

template/customer-area-template.php

100644100755
File mode changed.

template/customer-orders-summary-template.php

100644100755
File mode changed.

template/home-template.php

100644100755
File mode changed.

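--- a/template/seller-add-print-template.php
+++ b/template/seller-add-print-template.php
@@ -5,14 +5,11 @@
 <div class="container">
 <div class="row">
 <div class="col-md-3">
-<aside class="bg-white sidebar container shadow-sm my-4 p-4 list-group list-group-flush">
-<h3 class="py-4 pl-3">Seller's Area</h3>
-<a href="seller-overview.php" class="list-group-item list-group-item-action bg-white">Overview</a>
-<a href="seller-profile.php" class="list-group-item list-group-item-action bg-white">Profile</a>
-<a href="seller-prints.php" class="list-group-item list-group-item-action bg-white">Your prints</a>
-<a href="#" class="list-group-item list-group-item-action bg-white">Add new print</a>
-<a href="seller-orders.php" class="list-group-item list-group-item-action bg-white">View orders</a>
-</aside>
+<?php
+if(isset($templateParams["sidebar"])){
+require($templateParams["sidebar"]);
+}
+?>
 </div>
 
 <div class="col-md-9">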
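Review bot: `require($templateParams["sidebar"]);` includes whatever path the controller placed in the array, so the template is only as safe as every caller's assignment; in the callers visible in this commit the value is always a string literal, and a comment such as `// sidebar must be a hard-coded template name, never request data` would record that contract. Pinning the directory in the template, `require __DIR__ . '/' . basename($templateParams["sidebar"]);`, would make it hold regardless of the caller and remove the dependence on include-path resolution. That assumes the sidebar lives next to this template, as seller-profile.php's `template/seller-sidebar.php` suggests.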
