
Commit de857b9

committed
Now is possible to visualize orders in seller area
1 parent 2ab4b27 commit de857b9

15 files changed

+214
-170
lines changed

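--- a/api-cart.php
+++ b/api-cart.php
@@ -10,10 +10,10 @@
 $price_calculator->setBasePrice($print["Base_price"]);
 
 $title = $print["Title"];
-$height = validate_height(floatval($_POST["height"]));
+$height = validate_measure(floatval($_POST["height"]), default_height, max_height);
 $price_calculator->setHeight($height);
 
-$width = validate_width(floatval($_POST["width"]));
+$width = validate_measure(floatval($_POST["width"]), default_width, max_width);
 $price_calculator->setWidth($width);
 
 $price_calculator->setTechniquePrice(0.0);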
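Review bot: `$_POST["height"]` and `$_POST["width"]` are read without a presence check on the two changed lines, so a request that omits either field raises an undefined-index warning and passes 0.0 into `validate_measure`. product-page.php already defaults its inputs with `?? default_height`; the equivalent here would be `validate_measure(floatval($_POST["height"] ?? default_height), default_height, max_height)`. Whether `validate_measure` also rejects non-finite values such as INF cannot be seen from this hunk and is worth confirming, since the result feeds the price calculation.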

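--- a/bootstrap.php
+++ b/bootstrap.php
@@ -18,6 +18,7 @@
 const default_width = 30.00;
 const max_width = 500.00;
 const max_height = 500.00;
+const max_price = 900.00;
 
 $price_calculator = new PriceCalculator(price_divider);
 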
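--- a/db/database.php
+++ b/db/database.php
@@ -10,6 +10,45 @@ public function __construct($servername, $username, $password, $dbname, $port){
 }
 }
 
+/**
+* Only orders with at least one final product from a seller are displayed.
+*/
+public function getOrdersBySeller($order_id) {
+$stmt = $this->db->prepare("SELECT DISTINCT(prints_order.Order_id), Ship_city, Ship_postal_code, Ship_address, Order_date, Shipped_date, prints_order.Email, Card_number, prints_order.Shipper_name, Status FROM `prints_order`, `final_product`, `art_print`, `picture`, user WHERE prints_order.Order_id = final_product.Order_id AND `final_product`.`Picture_title` = `art_print`.`Picture_title` AND art_print.Picture_title = picture.Title AND picture.Email = user.Email AND user.Email=?");
+$stmt->bind_param("i", $order_id);
+$stmt->execute();
+$result = $stmt->get_result();
+
+return $result->fetch_all(MYSQLI_ASSOC);
+}
+
+public function getTotalAmountFromOrder($order_id) {
+$stmt = $this->db->prepare("SELECT SUM(final_product.Price) as Total_amount FROM `prints_order`, `final_product` WHERE prints_order.Order_id = final_product.Order_id AND prints_order.Order_id=?");
+$stmt->bind_param("i", $order_id);
+$stmt->execute();
+$result = $stmt->get_result();
+
+return $result->fetch_all(MYSQLI_ASSOC);
+}
+
+public function getNumberPrintsOrdered($order_id) {
+$stmt = $this->db->prepare("SELECT COUNT(*) as Number_prints_ordered FROM `prints_order`, `final_product` WHERE prints_order.Order_id = final_product.Order_id AND prints_order.Order_id=?");
+$stmt->bind_param("i", $order_id);
+$stmt->execute();
+$result = $stmt->get_result();
+
+return $result->fetch_all(MYSQLI_ASSOC);
+}
+
+public function getOrderById($order_id) {
+$stmt = $this->db->prepare("SELECT * FROM prints_order WHERE Order_id=?");
+$stmt->bind_param("i", $order_id);
+$stmt->execute();
+$result = $stmt->get_result();
+
+return $result->fetch_all(MYSQLI_ASSOC);
+}
+
 public function checkLogin($email, $password){
 /* I check if there is a user with specified email */
 $stmt = $this->db->prepare("SELECT Email, Role, Password, Salt FROM user WHERE Email = ?");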
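Review bot: `getOrdersBySeller` binds its argument with `bind_param("i", $order_id)` although the placeholder is compared with `user.Email` and the caller in seller-orders.php passes the seller's e-mail. An e-mail cast to integer becomes 0, and MySQL compares a string column with a number numerically, so the predicate is likely true for every non-numeric address and the method would then return other sellers' orders. Bind it as a string and name the parameter for what it holds: `public function getOrdersBySeller($seller_email)` with `$stmt->bind_param("s", $seller_email);`. The select list also hands `Card_number` and the buyer's `Email` to the seller view; select only the columns the page displays. The enclosing class starts before this hunk and `checkLogin` continues past it.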

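--- a/product-page.php
+++ b/product-page.php
@@ -24,8 +24,8 @@
 $templateParams["height"] = $_GET["height"] ?? default_height;
 $templateParams["width"] = $_GET["width"] ?? default_width;
 
-$templateParams["height"] = validate_height($templateParams["height"]);
-$templateParams["width"] = validate_width($templateParams["width"]);
+$templateParams["height"] = validate_measure($templateParams["height"], default_height, max_height);
+$templateParams["width"] = validate_width($templateParams["width"], default_width, max_width);
 
 $price_calculator->setBasePrice(floatval($print["Base_price"]));
 $price_calculator->setHeight(floatval($templateParams["height"]));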
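Review bot: The new width line still calls `validate_width`, now with three arguments, while the height line above it and both call sites in api-cart.php were moved to `validate_measure`. If `validate_width` was removed, the page fails at runtime; if it still exists with one parameter, PHP ignores the extra arguments and the width is not checked against the `max_width` passed here. The helper definitions are outside this page, so this is inferred from the call sites. The line should presumably read `$templateParams["width"] = validate_measure($templateParams["width"], default_width, max_width);`.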

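--- a/seller-add-print.php
+++ b/seller-add-print.php
@@ -5,6 +5,8 @@
 $templateParams["title"] = "Seller Area - Add print";
 $templateParams["name"] = "seller-add-print-template.php";
 $templateParams["sidebar"] = "seller-sidebar.php";
+$templateParams["placeholder"] = "placeholder.webp";
+
 $email = htmlspecialchars($_SESSION["email"]);
 
 $templateParams["categories"] = $dbh->query("SELECT * From category");
@@ -18,42 +20,59 @@
 $title = getValidTitle($print_id, $dbh);
 $description = htmlspecialchars($_POST["description"]);
 $author = htmlspecialchars($_POST["author"]);
-$base_price = htmlspecialchars($_POST["base_price"]);
-$discount = htmlspecialchars($_POST["discount"]);
+
+if(isInRange(htmlspecialchars($_POST["base_price"]), 0.0, max_price)) {
+$base_price = htmlspecialchars($_POST["base_price"]);
+} else {
+$templateParams["price_error_msg"] = "Please provide a number greater than 0 and smaller than".max_price." .";
+}
+
+if(isInRange(htmlspecialchars($_POST["discount"]), 0.0, 99.99)) {
+$discount = htmlspecialchars($_POST["discount"]);
+} else {
+$templateParams["discount_error_msg"] = "The discount is in percentage. Please provide a number greater than 0 and smaller than 99.99";
+}
+
 $category = htmlspecialchars($_POST["category"]);
 
-list($image, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
-$image_name = basename($_FILES["picture"]["name"]);
-$fullPath = UPLOAD_DIR.$image_name;
-$orientation = getOrientation($fullPath);
-
-$parameters = array(
-"title" => $title,
-"description" => $description,
-"author" => $author,
-"image" => $image_name,
-"base_price" => $base_price,
-"discount" => $discount,
-"orientation" => $orientation,
-"category" => $category,
-"email" => $email
-);
-
-var_dump_plus($parameters);
-$dbh->addPicture($parameters);
-
-foreach ($techniques as &$technique) {
-$technique_description =str_replace(" ", "_", $technique["Description"]);
-if (isset($_POST[$technique_description])) {
-$dbh->insertSupportedTechniqueForPrint($technique["Technique_id"], $title);
-} else if(!isset($_POST[$technique_description]) && in_array($technique, $print_techniques)) {
-$dbh->deleteSupportedTechniqueFromPrint($technique["Technique_id"], $title);
+list($result, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
+
+if ($result && !isset($templateParams["price_error_msg"])
+&& !isset($templateParams["discount_error_msg"])) {
+
+$image_name = $msg;
+$fullPath = UPLOAD_DIR.$image_name;
+$orientation = getOrientation($fullPath);
+
+$parameters = array(
+"title" => $title,
+"description" => $description,
+"author" => $author,
+"image" => $image_name,
+"base_price" => $base_price,
+"discount" => $discount,
+"orientation" => $orientation,
+"category" => $category,
+"email" => $email
+);
+
+var_dump_plus($parameters);
+$dbh->addPicture($parameters);
+
+foreach ($techniques as &$technique) {
+$technique_description =str_replace(" ", "_", $technique["Description"]);
+if (isset($_POST[$technique_description])) {
+$dbh->insertSupportedTechniqueForPrint($technique["Technique_id"], $title);
+} else if(!isset($_POST[$technique_description]) && in_array($technique, $print_techniques)) {
+$dbh->deleteSupportedTechniqueFromPrint($technique["Technique_id"], $title);
+}
 }
+unset($technique);
+} else {
+$templateParams["image_upload_error_msg"] = $msg;
 }
-unset($technique);
 }
 
-
 } else {
 header('Location: login.php');
 }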
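Review bot: `uploadImage(UPLOAD_DIR, $_FILES["picture"])` runs before the price and discount errors are checked, so a request with an invalid price still leaves its file in the upload directory, and the `else` branch then copies `$msg` (which on success appears to hold the stored file name, given `$image_name = $msg;`) into `image_upload_error_msg`. Call the upload only after validation has passed, e.g. guard it with `if (!isset($templateParams["price_error_msg"]) && !isset($templateParams["discount_error_msg"]))`, and set the upload error only when `$result` is false. The same ordering is in the second hunk of seller-prints.php. The range check is also applied to an HTML-escaped string; `isInRange` is not visible here, so confirm that it rejects non-numeric input, or validate with `filter_var($_POST["base_price"], FILTER_VALIDATE_FLOAT)` first. The surrounding `if` blocks open before this hunk.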

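--- a/seller-orders.php
+++ b/seller-orders.php
@@ -7,43 +7,24 @@
 $templateParams["name"] = "seller-orders-template.php";
 $templateParams["sidebar"] = "seller-sidebar.php";
 $email = htmlspecialchars($_SESSION["email"]);
-$templateParams["orders"] = $dbh->getMyOrders($email);
+$templateParams["orders"] = $dbh->getOrdersBySeller($email);
 
 if(isset($_GET["order_id"])) {
 $templateParams["order_selected"] = true;
 $order_id = htmlspecialchars($_GET["order_id"]);
-$order = $dbh->getOrderProducts($order_id)[0];
-
-if(isset($_POST["order_id"])) {
-
-$ship_city = htmlspecialchars($_POST["ship_city"]);
-$ship_postal_code = htmlspecialchars($_POST["ship_postal_code"]);
-$ship_address = htmlspecialchars($_POST["ship_address"]);
-$order_date = htmlspecialchars($_POST["order_date"]);
-$shipped_date = htmlspecialchars($_POST["shipped_date"]);
-$card_number = htmlspecialchars($_POST["card_number"]);
-$shipper_name = htmlspecialchars($_POST["shipper_name"]);
-$status = htmlspecialchars($_POST["status"]);
-
-$parameters = array(
-"ship_city" => $ship_city,
-"ship_postal_code" => $ship_postal_code,
-"ship_address" => $ship_address,
-"order_date" => $order_date,
-"shipped_date" => $shipped_date,
-"email" => $email,
-"card_number" => $card_number,
-"shipper_name" => $shipper_name,
-"status" => $status
-);
-
-$dbh->updatePicture($parameters);
+$order = $dbh->getOrderById($order_id);
+
+if(empty($order)) {
+$templateParams["order_selected"] = false;
+} else {
+$order = $order[0];
+$order["Total_amount"] = $dbh->getTotalAmountFromOrder($order_id)[0]["Total_amount"];
+$order["Number_prints_ordered"] = $dbh->getNumberPrintsOrdered($order_id)[0]["Number_prints_ordered"];
+var_dump_plus($order);
 }
-
 } else {
 $templateParams["order_selected"] = false;
 }
-
 } else {
 header('Location: login.php');
 }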
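Review bot: `getOrderById($order_id)` is called with the `order_id` taken from `$_GET` and nothing ties that order to the logged-in seller, so any seller can load another seller's order by changing the id; the row comes from `SELECT *` on `prints_order`, the table from which the seller query selects `Card_number`. Check the id against the list already loaded for this seller before fetching, for example `in_array((int) $order_id, array_column($templateParams["orders"], "Order_id"))`, or add the seller predicate to the query itself. `var_dump_plus($order);` on the new side looks like a debug dump of that row and should be removed before release. `htmlspecialchars` on the id is output escaping, not validation; `filter_var($_GET["order_id"], FILTER_VALIDATE_INT)` states the intent.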

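--- a/seller-prints.php
+++ b/seller-prints.php
@@ -1,14 +1,14 @@
 <?php
 require_once 'bootstrap.php';
 
-if(isUserLoggedIn(UserType::Seller)) {
+if (isUserLoggedIn(UserType::Seller)) {
 $templateParams["title"] = "Seller Area - Your prints";
 $templateParams["name"] = "seller-prints-template.php";
 $templateParams["sidebar"] = "seller-sidebar.php";
 $email = htmlspecialchars($_SESSION["email"]);
 $templateParams["prints"] = $dbh->getPicturesFromSeller($email);
 
-if(isset($_GET["print_id"])) {
+if (isset($_GET["print_id"])) {
 $templateParams["print_selected"] = true;
 $print_id = htmlspecialchars($_GET["print_id"]);
 $print = $dbh->getPictureFromTitle($print_id)[0];
@@ -17,64 +17,84 @@
 $templateParams["techniques"] = $techniques;
 $print_techniques = $dbh->getTechniquesFromPictureTitle($print_id);
 
-if(isset($_POST["author"])) {
+if (isset($_POST["author"])) {
 $title = $print_id;
 $description = htmlspecialchars($_POST["description"]);
 $author = htmlspecialchars($_POST["author"]);
-$base_price = htmlspecialchars($_POST["base_price"]);
-$discount = htmlspecialchars($_POST["discount"]);
+
+if(isInRange(htmlspecialchars($_POST["base_price"]), 0.0, max_price)) {
+$base_price = htmlspecialchars($_POST["base_price"]);
+} else {
+$templateParams["price_error_msg"] = "Please provide a number greater than 0 and smaller than ".max_price;
+}
+
+if(isInRange(htmlspecialchars($_POST["discount"]), 0.0, 99.99)) {
+$discount = htmlspecialchars($_POST["discount"]);
+} else {
+$templateParams["discount_error_msg"] = "The discount is in percentage. Please provide a number greater than 0 and smaller than 99.99";
+}
+
 $category = htmlspecialchars($_POST["category"]);
 
 /**
 * Check if a new image was uploaded. If it isn't reuse the current image.
 */
-if(!empty($_FILES["picture"]["name"])) {
-list($image, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
-$image_name = basename($_FILES["picture"]["name"]);
-$fullPath = UPLOAD_DIR.$image_name;
-$orientation = getOrientation($fullPath);
+if (!empty($_FILES["picture"]["name"])) {
+list($result, $msg) = uploadImage(UPLOAD_DIR, $_FILES["picture"]);
 } else {
 $image_name = $print["Image"];
 $orientation = htmlspecialchars($print["Orientation"]);
+$result = true;
+$msg = "";
 }
 
-$parameters = array(
-"description" => $description,
-"author" => $author,
-"image" => $image_name,
-"base_price" => $base_price,
-"discount" => $discount,
-"orientation" => $orientation,
-"category" => $category,
-"email" => $email
-);
+if ($result && !isset($templateParams["price_error_msg"])
+&& !isset($templateParams["discount_error_msg"])) {
 
-$dbh->updatePicture($parameters, $title);
-}
+if (!empty($_FILES["picture"]["name"])) {
+$image_name = $msg;
+$fullPath = UPLOAD_DIR . $image_name;
+$orientation = getOrientation($fullPath);
+}
 
-foreach ($techniques as &$technique) {
-$technique_description =str_replace(" ", "_", $technique["Description"]);
-if (isset($_POST[$technique_description]) && !in_array($technique, $print_techniques)) {
-$dbh->insertSupportedTechniqueForPrint($technique["Technique_id"], $print_id);
-} else if(!isset($_POST[$technique_description]) && in_array($technique, $print_techniques)) {
-$dbh->deleteSupportedTechniqueFromPrint($technique["Technique_id"], $print_id);
-}
-}
-unset($technique);
+$parameters = array(
+"description" => $description,
+"author" => $author,
+"image" => $image_name,
+"base_price" => $base_price,
+"discount" => $discount,
+"orientation" => $orientation,
+"category" => $category,
+"email" => $email
+);
 
-/**
-* Update current image and techniques shown in the page
-*/
-$print = $dbh->getPictureFromTitle($print_id)[0];
-$print_techniques = $dbh->getTechniquesFromPictureTitle($print_id);
+$dbh->updatePicture($parameters, $title);
+
+foreach ($techniques as &$technique) {
+$technique_description = str_replace(" ", "_", $technique["Description"]);
+if (isset($_POST[$technique_description]) && !in_array($technique, $print_techniques)) {
+$dbh->insertSupportedTechniqueForPrint($technique["Technique_id"], $print_id);
+} else if (!isset($_POST[$technique_description]) && in_array($technique, $print_techniques)) {
+$dbh->deleteSupportedTechniqueFromPrint($technique["Technique_id"], $print_id);
+}
+}
+unset($technique);
+
+} else {
+$templateParams["image_upload_error_msg"] = $msg;
+}
 
+/**
+* Update current image and techniques shown in the page
+*/
+$print = $dbh->getPictureFromTitle($print_id)[0];
+$print_techniques = $dbh->getTechniquesFromPictureTitle($print_id);
+}
 } else {
 $templateParams["print_selected"] = false;
 }
-
 } else {
 header('Location: login.php');
 }
 
 require 'template/base.php';
-?>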

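--- a/template/base.php
+++ b/template/base.php
@@ -4,7 +4,7 @@
 <head>
 <meta charset="utf-8">
 <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-<title><?php echo $templateParams["title"]."- Fine Art Prints" ?></title>
+<title><?php echo $templateParams["title"]." - Fine Art Prints" ?></title>
 <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css"
 integrity="sha384-TX8t27EcRE3e/ihU7zmQxVncDAy5uIKz4rEkgIXeMed4M0jlfIDPvg6uqKI2xXr2" crossorigin="anonymous">
 <link rel="shortcut icon" type="image/jpg" href="upload/icons/file-richtext.svg" />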

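--- a/template/checkout-template.php
+++ b/template/checkout-template.php
@@ -1,7 +1,5 @@
-<link rel="stylesheet" href="css/theme.css">
 <link rel="stylesheet" href="css/order_style.css">
 
-
 <div class="flex-grow-1 subtle-pattern">
 <div class="container bg-white flex-flow-row-wrap">
 <div class="row my-4 w-100 text-center">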
