diff --git a/README.md b/README.md index 81d98c9..3b10b04 100755 --- a/README.md +++ b/README.md @@ -4,18 +4,11 @@ ## TO DO: *Make searchbar work* - *Implement listing and following* ### Tasks *search.php* - *implement tags* - *insert beer/brewery/article form - /admin.php* - *add beer to list/ add brewery to follow* - - *brewery/beer/list .php* - diff --git a/admin.php b/admin.php new file mode 100644 index 0000000..52f3b1d --- /dev/null +++ b/admin.php @@ -0,0 +1,92 @@ + + + + + + + Admin Login + + + + +
+

SECRET ADMIN LOGIN???

+ ' . $login_err . '
'; + } + ?> + +
" method="post"> +
+ + + +
+
+ + + +
+
+ +
+
+ + + \ No newline at end of file diff --git a/beer.php b/beer.php index 85273cf..bba9ac4 100644 --- a/beer.php +++ b/beer.php @@ -2,12 +2,12 @@ session_start(); require_once("model/db.php"); require_once("controller/getRecord.php"); +require_once("controller/listLatest.php"); require_once("view/mainContent/userButtons.php"); require("view/header.php"); require("view/sidebar.php"); - $record = getRecord($pdo, "beer", $_GET["id"] ); $title = $record["name"]; $description = $record["description"]; @@ -15,20 +15,25 @@ $date = $record["time"]; $alc = $record["alc"]; $ibu = $record["ibu"]; $brewery_id = $record["brewery_id"]; - -require("view/mainContent/mainContent.php"); - - $brewery = getRecord($pdo, "brewery", $brewery_id )["name"]; +require("view/mainContent/mainContent.php"); -require("view/mainContent/beerExtraInfo.php"); - -echo "Kappa"; if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ if(isThisBound($pdo, "list", $_GET["id"], $_SESSION["id"])){ - unfollowButton($pdo, "list", $_GET["id"], $_SESSION["id"]); - } else followButton($pdo, "list", $_GET["id"], $_SESSION["id"]); - showStars($pdo, $_GET["id"], $_SESSION["id"]); + $rating = getRating( $pdo, $_GET["id"], $_SESSION["id"])["rating"]; + require("view/mainContent/beerExtraInfo.php"); + showStars($_GET["id"], $rating); + unfollowButton("list", $_GET["id"]); + } else { + followButton("list", $_GET["id"]); + } } + + +$array = listTagsByBeer($pdo, $_GET["id"]); + +require("view/mainContent/listTags.php"); + + include("view/footer.php"); \ No newline at end of file diff --git a/brewery.php b/brewery.php index 30bba50..a90c361 100644 --- a/brewery.php +++ b/brewery.php @@ -3,6 +3,7 @@ session_start(); require_once("model/db.php"); require_once("controller/getRecord.php"); require_once("controller/listLatest.php"); +require_once("view/mainContent/userButtons.php"); require("view/header.php"); require("view/sidebar.php"); 
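Review bot: `$_GET["id"]` reaches `getRating()` and `listTagsByBeer()` unchecked in the second beer.php hunk, and both helpers added by this commit place their argument directly inside the SQL string. Validate the id once, before `view/header.php` is included and any output is sent, for example `$id = filter_input(INPUT_GET, "id", FILTER_VALIDATE_INT);` followed by `if (!$id) { header("location: index.php"); exit; }`, and pass `$id` to every call below. The same raw value is handed to `showStars()`, `followButton()` and `unfollowButton()`; their markup is not visible in this view, so if the id is echoed there it also needs `htmlspecialchars()`. The brewery.php hunk uses `$_GET["id"]` the same way.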
@@ -19,18 +20,21 @@ $array = listBeersByBrewery($pdo, $_GET["id"]); require("view/mainContent/mainContent.php"); +if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ + if(isThisBound($pdo, "follow", $_GET["id"], $_SESSION["id"])){ + unfollowButton("follow", $_GET["id"]); + } else followButton("follow", $_GET["id"]); +} + require("view/mainContent/breweryExtraInfo.php"); $title = "Beers from $title"; $what = "beer"; + + require("view/sidebar/sidebarLister.php"); -if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ - if(isThisBound($pdo, "follow", $_GET["id"], $_SESSION["id"])){ - unfollowButton($pdo, "follow", $_GET["id"], $_SESSION["id"]); - } else followButton($pdo, "follow", $_GET["id"], $_SESSION["id"]); -} include("view/footer.php"); \ No newline at end of file diff --git a/controller/follow.php b/controller/follow.php new file mode 100644 index 0000000..f306271 --- /dev/null +++ b/controller/follow.php @@ -0,0 +1,34 @@ +exec($sql); +} catch (PDOException $e) { + echo "Error in $from: Not Found"; +} +header("location: ../$what.php?id=$item"); \ No newline at end of file diff --git a/controller/getRecord.php b/controller/getRecord.php index 084ad8d..db7ecc6 100644 --- a/controller/getRecord.php +++ b/controller/getRecord.php @@ -20,7 +20,7 @@ function isThisBound($pdo, $where, $item_id, $user_id){ if($where === "list"){ $item = "beer_id"; }else $item = "brewery_id"; - $sql = "SELECT * FROM $where WHERE $item = $item_id AND user_id = $user_id"; + $sql = "SELECT * FROM $where WHERE $item=$item_id AND user_id=$user_id"; $stmt = $conn->prepare($sql); $stmt->execute(); $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); 
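Review bot: In controller/follow.php the `catch` block echoes an error and the script then calls `header("location: ../$what.php?id=$item")`, so after a database failure the redirect is attempted once output has already started and will normally fail with a headers-already-sent warning. Log the exception with `error_log($e->getMessage());` instead of echoing it, and add `exit;` after the `header()` call. The statement is run with `exec($sql)`; the lines that build `$sql`, `$what` and `$item` are not visible in this view, but if they come from the request the query should use `prepare()` with bound values, and `$what` should be checked with something like `in_array($what, ["beer", "brewery"], true)` before it is used in the redirect path. unfollow.php and rate.php end with the same echo-then-redirect, and the insert*.php controllers run `exec($sql)` the same way.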
@@ -29,4 +29,18 @@ function isThisBound($pdo, $where, $item_id, $user_id){
 } catch (PDOException $e) {
 echo "Error in $where: Not Found";
 }
+}
+
+function getRating($pdo, $beer, $user){
+ $conn = $pdo;
+ try {
+ $sql = "SELECT * FROM list WHERE beer_id = $beer AND user_id = $user";
+ $stmt = $conn->prepare($sql);
+ $stmt->execute();
+ $result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
+ $rating = $stmt->fetch();
+ } catch (PDOException $e) {
+ echo "Error in $from: Not Found";
+ }
+ return $rating;
 }
\ No newline at end of file
diff --git a/controller/insertArticle.php b/controller/insertArticle.php
new file mode 100644
index 0000000..98d6293
--- /dev/null
+++ b/controller/insertArticle.php
@@ -0,0 +1,59 @@
+exec($sql);
+ } catch (PDOException $e) {
+ echo "Error in $from: Not Found";
+ }
+}
+//header("location: ../insertWhat.php");
+
+?>
+
+
+
+
+ Insert Article
+
+
+
+
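Review bot: `getRating()` builds its query by interpolating `$beer` and `$user` into the SQL string, so calling `prepare()` afterwards gives no protection against injection; beer.php passes `$_GET["id"]` as `$beer`. Use placeholders and hand the values to `execute()`. The catch block also prints `$from`, which is not defined in this function, and `$rating` is undefined at `return` when the query throws. `listTagsByBeer()`, `listBeersByTag()` and `listBeersByUser()` in controller/listLatest.php interpolate their argument the same way, as does the `isThisBound()` line touched in the previous hunk.

```php
function getRating($pdo, $beer, $user){
    try {
        $stmt = $pdo->prepare("SELECT * FROM list WHERE beer_id = :beer AND user_id = :user");
        $stmt->execute([":beer" => $beer, ":user" => $user]);
        return $stmt->fetch(PDO::FETCH_ASSOC);
    } catch (PDOException $e) {
        // Keep driver detail out of the page; false matches fetch()'s "no row" result.
        error_log("getRating: " . $e->getMessage());
        return false;
    }
}
```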
+

Insert Article

+
" method="post"> +
+ + +
+
+ + +
+
+ + Cancel +
+
+
+
+
\ No newline at end of file
diff --git a/controller/insertBeer.php b/controller/insertBeer.php
new file mode 100644
index 0000000..f7c127f
--- /dev/null
+++ b/controller/insertBeer.php
@@ -0,0 +1,87 @@
+exec($sql);
+ } catch (PDOException $e) {
+ echo "Error in $from: Not Found";
+ }
+}
+// header("location: ../insertWhat.php");
+
+?>
+
+
+
+
+
+ Reset Password
+
+
+
+
+

Insert Beer

+
" method="post"> +
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + Cancel +
+
+
+
+
\ No newline at end of file
diff --git a/controller/insertBrewery.php b/controller/insertBrewery.php
new file mode 100644
index 0000000..3e1eca2
--- /dev/null
+++ b/controller/insertBrewery.php
@@ -0,0 +1,63 @@
+exec($sql);
+ } catch (PDOException $e) {
+ echo "Error in $from: Not Found";
+ }
+}
+// header("location: ../insertWhat.php");
+
+?>
+
+
+
+
+ Reset Password
+
+
+
+
+

Insert Brewery

+
" method="post"> +
+ + +
+
+ + +
+
+ + +
+
+ + Cancel +
+
+
+
+
\ No newline at end of file
diff --git a/controller/insertWhat.php b/controller/insertWhat.php
new file mode 100644
index 0000000..876e3a7
--- /dev/null
+++ b/controller/insertWhat.php
@@ -0,0 +1,34 @@
+
+
+
+
+
+
+ Reset Password
+
+
+
+
+ +
+ + \ No newline at end of file diff --git a/controller/listLatest.php b/controller/listLatest.php index 9d28da7..e4180d4 100644 --- a/controller/listLatest.php +++ b/controller/listLatest.php @@ -70,3 +70,58 @@ function listBeersByBrewery($pdo, $where){ return $arrayBeers; } +function listTagsByBeer($pdo, $beer){ + $conn = $pdo; + try { + $stmt = $conn->prepare("SELECT tag_title FROM beer_has_tag INNER JOIN tag ON beer_has_tag.tag_id = tag.id WHERE beer_id = '$beer'"); + $stmt->execute(); + $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); + $arrayBeersXTags = $stmt->fetchAll(); + } catch (PDOException $e) { + echo "Error in Beers: " . $e->getMessage(); + } + return $arrayBeersXTags; +} + +function listBeersByTag($pdo, $tag){ + $conn = $pdo; + try { + + $stmt = $conn->prepare("SELECT FROM beer_has_tag JOIN tag ON tag_id WHERE tag.id = $tag"); + $stmt->execute(); + $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); + $arrayTagsXBeers = $stmt->fetchAll(); + } catch (PDOException $e) { + echo "Error in Beers: " . $e->getMessage(); + } + print_r($arrayTagsXBeers); + return $arrayTagsXBeers; +} + +function listBeersByUser($pdo, $user){ + $conn = $pdo; + try { + + $stmt = $conn->prepare("SELECT name, beer.id, degree, rating FROM beer JOIN list ON beer.id = list.beer_id JOIN user ON list.user_id = user.id WHERE user.id = $user"); + $stmt->execute(); + $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); + $arrayOfBeers = $stmt->fetchAll(); + } catch (PDOException $e) { + echo "Error in Beers: " . $e->getMessage(); + } + return $arrayOfBeers; +} + +function listBeersByBreweryNAN( $pdo ){ + $conn = $pdo; + try { + $sql = "SELECT * FROM brewery"; + $stmt = $conn->prepare($sql); + $stmt->execute(); + $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); + $arrayOfBreweries = $stmt->fetchAll(); + } catch (PDOException $e) { + echo "Error in Breweries: " . $e->getMessage(); + } + return $arrayOfBreweries; +} \ No newline at end of file 
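Review bot: The query in `listBeersByTag()`, `SELECT FROM beer_has_tag JOIN tag ON tag_id WHERE tag.id = $tag`, has no column list, which MySQL rejects, and `ON tag_id` does not compare the two tables' keys, so the function cannot return the beers for a tag as written. The `print_r($arrayTagsXBeers);` before the `return` is leftover debug output and should be removed. Every catch block in this hunk echoes `$e->getMessage()` into the page, which shows query and schema detail to visitors; replace it with `error_log($e->getMessage());` and return an empty array, since the result variable is otherwise undefined at `return` when the query throws.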
diff --git a/controller/rate.php b/controller/rate.php
new file mode 100644
index 0000000..df97bf0
--- /dev/null
+++ b/controller/rate.php
@@ -0,0 +1,28 @@
+prepare($sql);
+ $stmt->execute();
+} catch (PDOException $e) {
+ echo "Error in list: Not Found";
+}
+header("location: ../beer.php?id=$what");
\ No newline at end of file
diff --git a/controller/unfollow.php b/controller/unfollow.php
new file mode 100644
index 0000000..080fc0e
--- /dev/null
+++ b/controller/unfollow.php
@@ -0,0 +1,34 @@
+exec($sql);
+} catch (PDOException $e) {
+ echo "Error in $from: Not Found";
+}
+header("location: ../$what.php?id=$item");
diff --git a/databaseDeploy/priloha5.sql b/databaseDeploy/priloha5.sql
index 197949d..8947d37 100644
--- a/databaseDeploy/priloha5.sql
+++ b/databaseDeploy/priloha5.sql
@@ -11,17 +11,17 @@ insert into user ( nick, mail, password ) values ( 'aaa', 'test@mail.cz', '$2y$1 insert into user ( nick, mail, password ) values ( 'aa', 'test@mail.cz', '$2y$10$QVa2JNaw.VozkHyRWlEGNeAjYfiHEksxVVMhDZPjhGsuAY9MO51.C' ); -insert into brewery (name, region, description) values ( 'Zichovec', 'Louny', 'Remeslny pivovar'); -insert into brewery (name, region, description) values ( 'Siberia', 'Praha 9-Vysocany', 'Remeslny pivovar'); -insert into brewery (name, region, description) values ( 'Matuska', 'Broumy', 'Remeslny pivovar'); -insert into brewery (name, region, description) values ( 'Cestmir', 'Stara Boleslav', 'Remeslny pivovar'); -insert into brewery (name, region, description) values ( 'Prazdroj', 'Plzen', 'Pilsner Urquell'); +insert into brewery ( name, region, description ) values ( 'Zichovec', 'Louny', 'Remeslny pivovar'); +insert into brewery ( name, region, description ) values ( 'Siberia', 'Praha 9-Vysocany', 'Remeslny pivovar'); +insert into brewery ( name, region, description ) values ( 'Matuska', 'Broumy', 'Remeslny pivovar'); +insert into brewery ( name, region, description ) values ( 'Cestmir', 'Stara Boleslav', 'Remeslny pivovar'); +insert into brewery ( name, region, description ) values ( 'Prazdroj', 'Plzen', 'Pilsner Urquell'); -insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Robin', 5.1, '40', 'Quality APA, good as a starting beer', '1','12' ); -insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Krahulik', 5.0, '32', 'Classic Lagger from Zichovec, comes in handy','1', '12' ); -insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Pilsner Urquell', 4.4, '38', 'Oh yes, the PILSNER!','5', '12' ); -insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Zlata Raketa', 7.0, '60', 'Signature beer from Matuska Brewery','3', '17' ); -insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Yummy Blackcurrant 
Raspberry & Lingonberry', 5.1, '40', 'Simply delicious Beer from Siberia with full taste','2', '12' ); +insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Robin', 5.1, '40', 'Quality APA, good as a starting beer', '1','12' ); +insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Krahulik', 5.0, '32', 'Classic Lagger from Zichovec, comes in handy','1', '12' ); +insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Pilsner Urquell', 4.4, '38', 'Oh yes, the PILSNER!','5', '12' ); +insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Zlata Raketa', 7.0, '60', 'Signature beer from Matuska Brewery','3', '17' ); +insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Yummy Blackcurrant Raspberry & Lingonberry', 5.1, '40', 'Simply delicious Beer from Siberia with full taste','2', '12' ); insert into tag ( tag_title ) values ( 'IPA' ); insert into tag ( tag_title ) values ( 'APA' ); diff --git a/myList.php b/myList.php index 204c680..2b249a2 100644 --- a/myList.php +++ b/myList.php @@ -1,12 +1,33 @@ "; + $arrayOfBeers = listBeersByUser($pdo, $_SESSION["id"]); + foreach($arrayOfBeers as $row): + echo " +
+
+

"; + echo $row["name"]; + echo " "; + echo $row["degree"]; + echo "˚

"; + showStars($row["id"], $row["rating"]); + echo "
"; + echo "
"; + echo "
+
"; + endforeach; + echo ""; include("view/footer.php"); } else { header("location: index.php"); diff --git a/passChange.php b/passChange.php index 3f7ddc0..2746739 100644 --- a/passChange.php +++ b/passChange.php @@ -9,7 +9,7 @@ if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){ } // Include config file -require_once "config.php"; +require_once ("model/db.php"); // Define variables and initialize with empty values $new_password = $confirm_password = ""; @@ -40,33 +40,34 @@ if($_SERVER["REQUEST_METHOD"] == "POST"){ // Check input errors before updating the database if(empty($new_password_err) && empty($confirm_password_err)){ // Prepare an update statement - $sql = "UPDATE users SET password = ? WHERE id = ?"; + $sql = "UPDATE user SET password = :password WHERE id = :id"; - if($stmt = mysqli_prepare($link, $sql)){ + if($stmt = $pdo->prepare($sql)){ // Bind variables to the prepared statement as parameters - mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id); + $stmt->bindParam(":password", $param_password, PDO::PARAM_STR); + $stmt->bindParam(":id", $param_id, PDO::PARAM_INT); // Set parameters $param_password = password_hash($new_password, PASSWORD_DEFAULT); $param_id = $_SESSION["id"]; // Attempt to execute the prepared statement - if(mysqli_stmt_execute($stmt)){ + if($stmt->execute()){ // Password updated successfully. Destroy the session, and redirect to login page session_destroy(); - header("location: login.php"); + header("location: index.php"); exit(); } else{ echo "Oops! Something went wrong. Please try again later."; } // Close statement - mysqli_stmt_close($stmt); + unset($stmt); } } // Close connection - mysqli_close($link); + unset($pdo); } ?> @@ -98,7 +99,7 @@ if($_SERVER["REQUEST_METHOD"] == "POST"){
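Review bot: `echo $row["name"];` and `echo $row["degree"];` in the myList.php loop write database values into the page without escaping, and beer names are entered through the insert forms added in this commit, so markup stored in a name would be rendered in the page of every user who has that beer on their list. Escape at output with `echo htmlspecialchars($row["name"], ENT_QUOTES, "UTF-8");` and do the same for `degree`. The surrounding markup strings are not visible in this view, so any other value they interpolate should be checked the same way.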
- Cancel + Cancel
diff --git a/search.php b/search.php index d6c0ebf..91f3324 100644 --- a/search.php +++ b/search.php @@ -1,4 +1,5 @@ +
+ + + + +
+ \ No newline at end of file diff --git a/view/mainContent/userButtons.php b/view/mainContent/userButtons.php index 9cba92e..a2e9650 100644 --- a/view/mainContent/userButtons.php +++ b/view/mainContent/userButtons.php @@ -1,35 +1,42 @@ prepare($sql); - $stmt->execute(); - $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); - $record = $stmt->fetch(); - } catch (PDOException $e) { - echo "Error in $from: Not Found"; - } - return $record; +function unfollowButton($where, $item_id){ + echo "
+

"; } -function followButton($pdo, $where, $item_id, $user_id){ - print_r($pdo); - $conn = $pdo; - try { - $sql = "SELECT * FROM $from WHERE id = $where"; - $stmt = $conn->prepare($sql); - $stmt->execute(); - $result = $stmt->setFetchMode(PDO::FETCH_ASSOC); - $record = $stmt->fetch(); - } catch (PDOException $e) { - echo "Error in $from: Not Found"; +function followButton($where, $item_id){ + + echo "
+

"; +} + +function showStars($beer_id, $rating){ + + for ($i = 1; $i <= $rating; $i++) { + echo "
"; + echo ""; + echo ""; + echo "
"; } - return $record; - } -function showStars($pdo, $beer_id, $user_id){ - print_r($pdo); + for ($i = ++$rating ; $i <= 10; $i++) { + echo "
"; + echo ""; + echo ""; + echo "
"; + } } diff --git a/view/navbar/loginbar.php b/view/navbar/loginbar.php index e0359ae..0fb736e 100644 --- a/view/navbar/loginbar.php +++ b/view/navbar/loginbar.php @@ -6,7 +6,7 @@ -
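Review bot: The second loop in `showStars()` starts with `$i = ++$rating`, which changes the parameter only to compute a start index; `$i = $rating + 1` reads more clearly and has no side effect. The function also trusts `$rating` to be between 0 and 10: a larger stored value makes the first loop print more than ten stars. Normalising once at the top, `$rating = max(0, min(10, (int) $rating));`, keeps the total at ten and still handles a null rating for an unrated beer.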
//Honeypot +