Everythink :/

master
flejk 3 years ago
parent c5b703308f
commit 5e124aa2b4

@ -4,18 +4,11 @@
## TO DO: ## TO DO:
*Make searchbar work* *Make searchbar work*
*Implement listing and following*
### Tasks ### Tasks
*search.php* *search.php*
*implement tags*
*insert beer/brewery/article form - /admin.php* *insert beer/brewery/article form - /admin.php*
*add beer to list/ add brewery to follow*
*brewery/beer/list .php*

@ -0,0 +1,92 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
header("location: index.php");
exit;
}
// Include config file
require_once "model/db.php";
// Define variables and initialize with empty values
$username = $password = "";
$username_err = $password_err = $login_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check if username is empty
if(empty(trim($_POST["username"]))){
$username_err = "Please enter username.";
} else{
$username = trim($_POST["username"]);
}
// Check if password is empty
if(empty(trim($_POST["password"]))){
$password_err = "Please enter your password.";
} else{
$password = trim($_POST["password"]);
}
// Validate credentials
if(empty($username_err) && empty($password_err)){
if($username == "pseudoRoot"){
if($password == "nemamheslo"){
session_start();
$_SESSION["loggedinAdmin"] = true;
$_SESSION["username"] = "admin";
header("location: controller/insertWhat.php");
} else $login_err = "Wrong Password";
} else $login_err = "Wrong Username";
}else $login_err = "You didnt Enter either username of Password";
unset($pdo);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Admin Login</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>SECRET ADMIN LOGIN???</h2>
<?php
if(!empty($login_err)){
echo '<div class="alert alert-danger">' . $login_err . '</div>';
}
?>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>ADMIN name</label>
<input type="text" name="username" class="form-control <?php echo (!empty($username_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $username; ?>">
<span class="invalid-feedback"><?php echo $username_err; ?></span>
</div>
<div class="form-group">
<label>Password</label>
<input type="password" name="password" class="form-control <?php echo (!empty($password_err)) ? 'is-invalid' : ''; ?>">
<span class="invalid-feedback"><?php echo $password_err; ?></span>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Login">
</div>
</form>
</div>
</body>
</html>

@ -2,12 +2,12 @@
session_start(); session_start();
require_once("model/db.php"); require_once("model/db.php");
require_once("controller/getRecord.php"); require_once("controller/getRecord.php");
require_once("controller/listLatest.php");
require_once("view/mainContent/userButtons.php"); require_once("view/mainContent/userButtons.php");
require("view/header.php"); require("view/header.php");
require("view/sidebar.php"); require("view/sidebar.php");
$record = getRecord($pdo, "beer", $_GET["id"] ); $record = getRecord($pdo, "beer", $_GET["id"] );
$title = $record["name"]; $title = $record["name"];
$description = $record["description"]; $description = $record["description"];
@ -15,20 +15,25 @@ $date = $record["time"];
$alc = $record["alc"]; $alc = $record["alc"];
$ibu = $record["ibu"]; $ibu = $record["ibu"];
$brewery_id = $record["brewery_id"]; $brewery_id = $record["brewery_id"];
require("view/mainContent/mainContent.php");
$brewery = getRecord($pdo, "brewery", $brewery_id )["name"]; $brewery = getRecord($pdo, "brewery", $brewery_id )["name"];
require("view/mainContent/mainContent.php");
require("view/mainContent/beerExtraInfo.php");
echo "Kappa";
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
if(isThisBound($pdo, "list", $_GET["id"], $_SESSION["id"])){ if(isThisBound($pdo, "list", $_GET["id"], $_SESSION["id"])){
unfollowButton($pdo, "list", $_GET["id"], $_SESSION["id"]); $rating = getRating( $pdo, $_GET["id"], $_SESSION["id"])["rating"];
} else followButton($pdo, "list", $_GET["id"], $_SESSION["id"]); require("view/mainContent/beerExtraInfo.php");
showStars($pdo, $_GET["id"], $_SESSION["id"]); showStars($_GET["id"], $rating);
unfollowButton("list", $_GET["id"]);
} else {
followButton("list", $_GET["id"]);
}
} }
$array = listTagsByBeer($pdo, $_GET["id"]);
require("view/mainContent/listTags.php");
include("view/footer.php"); include("view/footer.php");

@ -3,6 +3,7 @@ session_start();
require_once("model/db.php"); require_once("model/db.php");
require_once("controller/getRecord.php"); require_once("controller/getRecord.php");
require_once("controller/listLatest.php"); require_once("controller/listLatest.php");
require_once("view/mainContent/userButtons.php");
require("view/header.php"); require("view/header.php");
require("view/sidebar.php"); require("view/sidebar.php");
@ -19,18 +20,21 @@ $array = listBeersByBrewery($pdo, $_GET["id"]);
require("view/mainContent/mainContent.php"); require("view/mainContent/mainContent.php");
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
if(isThisBound($pdo, "follow", $_GET["id"], $_SESSION["id"])){
unfollowButton("follow", $_GET["id"]);
} else followButton("follow", $_GET["id"]);
}
require("view/mainContent/breweryExtraInfo.php"); require("view/mainContent/breweryExtraInfo.php");
$title = "Beers from $title"; $title = "Beers from $title";
$what = "beer"; $what = "beer";
require("view/sidebar/sidebarLister.php"); require("view/sidebar/sidebarLister.php");
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
if(isThisBound($pdo, "follow", $_GET["id"], $_SESSION["id"])){
unfollowButton($pdo, "follow", $_GET["id"], $_SESSION["id"]);
} else followButton($pdo, "follow", $_GET["id"], $_SESSION["id"]);
}
include("view/footer.php"); include("view/footer.php");

@ -0,0 +1,34 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == false){
header("location: ../index.php");
exit;
}
// Include config file
require_once("../model/db.php");
$what = key($_POST);
$item = $_POST[$what];
$id = $_SESSION["id"];
if ($what == "beer"){
$from_id = "beer_id";
$from="list";
} else {
$from_id = "brewery_id";
$from="follow";
}
$conn = $pdo;
try {
$sql = "INSERT INTO $from ( user_id, $from_id) values ( $id, $item );";
echo $sql;
$conn->exec($sql);
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
header("location: ../$what.php?id=$item");

@ -20,7 +20,7 @@ function isThisBound($pdo, $where, $item_id, $user_id){
if($where === "list"){ if($where === "list"){
$item = "beer_id"; $item = "beer_id";
}else $item = "brewery_id"; }else $item = "brewery_id";
$sql = "SELECT * FROM $where WHERE $item = $item_id AND user_id = $user_id"; $sql = "SELECT * FROM $where WHERE $item=$item_id AND user_id=$user_id";
$stmt = $conn->prepare($sql); $stmt = $conn->prepare($sql);
$stmt->execute(); $stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC); $result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
@ -30,3 +30,17 @@ function isThisBound($pdo, $where, $item_id, $user_id){
echo "Error in $where: Not Found"; echo "Error in $where: Not Found";
} }
} }
function getRating($pdo, $beer, $user){
$conn = $pdo;
try {
$sql = "SELECT * FROM list WHERE beer_id = $beer AND user_id = $user";
$stmt = $conn->prepare($sql);
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$rating = $stmt->fetch();
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
return $rating;
}

@ -0,0 +1,59 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedinAdmin"]) && $_SESSION["loggedinAdmin"] === true){
echo "";
}else header("location: ../index.php");
// Include config file
require_once("../model/db.php");
$title = $_POST["title"];
$body = $_POST["body"];
if(!is_null($title)){
$conn = $pdo;
try {
$sql = "INSERT INTO article ( title, body ) values ( '$title', '$body' );";
echo $sql;
$conn->exec($sql);
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
}
//header("location: ../insertWhat.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Insert Article</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Insert Article</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>Title</label>
<input type="text" name="title" class="form-control">
</div>
<div class="form-group">
<label>Body</label>
<textarea rows="4" cols="50" name="body" class="form-control"></textarea>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<a class="btn btn-link ml-2" href="insertWhat.php">Cancel</a>
</div>
</form>
</div>
</body>
</html>

@ -0,0 +1,87 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedinAdmin"]) && $_SESSION["loggedinAdmin"] === true){
echo "";
}else header("location: ../index.php");
// Include config file
require_once("../model/db.php");
require_once("listLatest.php");
$name = $_POST["name"];
$alc = $_POST["alc"];
$ibu = $_POST["ibu"];
$description = $_POST["description"];
$brewery_id = $_POST["brewery_id"];
$degree = $_POST["degree"];
$arrayOfBreweries = listBeersByBreweryNAN( $pdo );
if(!is_null($name)){
$conn = $pdo;
try {
$sql = "INSERT INTO beer ( name, alc, ibu, description, brewery_id, degree ) values ( '$name', $alc, '$ibu', '$description', '$brewery_id', '$degree' );";
echo $sql;
$conn->exec($sql);
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
}
// header("location: ../insertWhat.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Reset Password</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Insert Beer</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>Beer Name</label>
<input type="text" name="name" class="form-control">
</div>
<div class="form-group">
<label>Alc (float for example: 4.2)</label>
<input type="text" name="alc" class="form-control">
</div>
<div class="form-group">
<label>IBU</label>
<input type="text" name="ibu" class="form-control">
</div>
<div class="form-group">
<label>Description</label>
<textarea rows="4" cols="50" name="decsription" class="form-control"></textarea>
</div>
<div class="form-group">
<label>Parent Brewery</label>
<select name="brewery_id" class="form-control">
<?php foreach($arrayOfBreweries as $row) : ?>
<option value="<?= $row['id'] ?>"><?= $row['name'] ?></option>
<?php endforeach ?>
</select>
</div>
<div class="form-group">
<label>Degree</label>
<input type="text" name="degree" class="form-control">
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<a class="btn btn-link ml-2" href="insertWhat.php">Cancel</a>
</div>
</form>
</div>
</body>
</html>

@ -0,0 +1,63 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedinAdmin"]) && $_SESSION["loggedinAdmin"] === true){
echo "";
}else header("location: ../index.php");
// Include config file
require_once("../model/db.php");
$name = $_POST["name"];
$region = $_POST["region"];
$description = $_POST["description"];
if(!is_null($name)){
$conn = $pdo;
try {
$sql = "INSERT INTO article ( name, region, description ) values ( '$name', '$region', '$description' );";
$conn->exec($sql);
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
}
// header("location: ../insertWhat.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Reset Password</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Insert Brewery</h2>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>Name of Brewery</label>
<input type="text" name="name" class="form-control">
</div>
<div class="form-group">
<label>Region</label>
<input type="text" name="region" class="form-control">
</div>
<div class="form-group">
<label>Description</label>
<textarea rows="4" cols="50" name="decsription" class="form-control"></textarea>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<a class="btn btn-link ml-2" href="insertWhat.php">Cancel</a>
</div>
</form>
</div>
</body>
</html>

@ -0,0 +1,34 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedinAdmin"]) && $_SESSION["loggedinAdmin"] === true){
echo "";
}else header("location: ../index.php");
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Reset Password</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<select name="forma" onchange="location = this.value;">
<option value="">Choose ...</option>
<option value="insertBeer.php">Insert Beer</option>
<option value="insertBrewery.php">Insert Brewery</option>
<option value="insertArticle.php">Insert Article</option>
<option value="../logout.php">Logout Admin</option>
</select>
</div>
</body>
</html>

@ -70,3 +70,58 @@ function listBeersByBrewery($pdo, $where){
return $arrayBeers; return $arrayBeers;
} }
function listTagsByBeer($pdo, $beer){
$conn = $pdo;
try {
$stmt = $conn->prepare("SELECT tag_title FROM beer_has_tag INNER JOIN tag ON beer_has_tag.tag_id = tag.id WHERE beer_id = '$beer'");
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$arrayBeersXTags = $stmt->fetchAll();
} catch (PDOException $e) {
echo "Error in Beers: " . $e->getMessage();
}
return $arrayBeersXTags;
}
function listBeersByTag($pdo, $tag){
$conn = $pdo;
try {
$stmt = $conn->prepare("SELECT FROM beer_has_tag JOIN tag ON tag_id WHERE tag.id = $tag");
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$arrayTagsXBeers = $stmt->fetchAll();
} catch (PDOException $e) {
echo "Error in Beers: " . $e->getMessage();
}
print_r($arrayTagsXBeers);
return $arrayTagsXBeers;
}
function listBeersByUser($pdo, $user){
$conn = $pdo;
try {
$stmt = $conn->prepare("SELECT name, beer.id, degree, rating FROM beer JOIN list ON beer.id = list.beer_id JOIN user ON list.user_id = user.id WHERE user.id = $user");
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$arrayOfBeers = $stmt->fetchAll();
} catch (PDOException $e) {
echo "Error in Beers: " . $e->getMessage();
}
return $arrayOfBeers;
}
function listBeersByBreweryNAN( $pdo ){
$conn = $pdo;
try {
$sql = "SELECT * FROM brewery";
$stmt = $conn->prepare($sql);
$stmt->execute();
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$arrayOfBreweries = $stmt->fetchAll();
} catch (PDOException $e) {
echo "Error in Breweries: " . $e->getMessage();
}
return $arrayOfBreweries;
}

@ -0,0 +1,28 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == false){
header("location: ../index.php");
exit;
}
// Include config file
require_once("../model/db.php");
$what = key($_POST);
$item = $_POST[$what];
$id = $_SESSION["id"];
$conn = $pdo;
try {
$sql = "UPDATE list SET rating='$item' WHERE user_id = '$id' AND beer_id = '$what'";
$stmt = $conn->prepare($sql);
$stmt->execute();
} catch (PDOException $e) {
echo "Error in list: Not Found";
}
header("location: ../beer.php?id=$what");

@ -0,0 +1,34 @@
<?php
// Initialize the session
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] == false){
header("location: ../index.php");
exit;
}
// Include config file
require_once("../model/db.php");
$what = key($_POST);
$item = $_POST[$what];
$id = $_SESSION["id"];
if ($what == "beer"){
$from_id = "beer_id";
$from="list";
} else {
$from_id = "brewery_id";
$from="follow";
}
$conn = $pdo;
try {
$sql = "DELETE FROM $from WHERE $from_id = $item AND user_id = $id";
echo $sql;
$conn->exec($sql);
} catch (PDOException $e) {
echo "Error in $from: Not Found";
}
header("location: ../$what.php?id=$item");

@ -11,17 +11,17 @@ insert into user ( nick, mail, password ) values ( 'aaa', 'test@mail.cz', '$2y$1
insert into user ( nick, mail, password ) values ( 'aa', 'test@mail.cz', '$2y$10$QVa2JNaw.VozkHyRWlEGNeAjYfiHEksxVVMhDZPjhGsuAY9MO51.C' ); insert into user ( nick, mail, password ) values ( 'aa', 'test@mail.cz', '$2y$10$QVa2JNaw.VozkHyRWlEGNeAjYfiHEksxVVMhDZPjhGsuAY9MO51.C' );
insert into brewery (name, region, description) values ( 'Zichovec', 'Louny', 'Remeslny pivovar'); insert into brewery ( name, region, description ) values ( 'Zichovec', 'Louny', 'Remeslny pivovar');
insert into brewery (name, region, description) values ( 'Siberia', 'Praha 9-Vysocany', 'Remeslny pivovar'); insert into brewery ( name, region, description ) values ( 'Siberia', 'Praha 9-Vysocany', 'Remeslny pivovar');
insert into brewery (name, region, description) values ( 'Matuska', 'Broumy', 'Remeslny pivovar'); insert into brewery ( name, region, description ) values ( 'Matuska', 'Broumy', 'Remeslny pivovar');
insert into brewery (name, region, description) values ( 'Cestmir', 'Stara Boleslav', 'Remeslny pivovar'); insert into brewery ( name, region, description ) values ( 'Cestmir', 'Stara Boleslav', 'Remeslny pivovar');
insert into brewery (name, region, description) values ( 'Prazdroj', 'Plzen', 'Pilsner Urquell'); insert into brewery ( name, region, description ) values ( 'Prazdroj', 'Plzen', 'Pilsner Urquell');
insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Robin', 5.1, '40', 'Quality APA, good as a starting beer', '1','12' ); insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Robin', 5.1, '40', 'Quality APA, good as a starting beer', '1','12' );
insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Krahulik', 5.0, '32', 'Classic Lagger from Zichovec, comes in handy','1', '12' ); insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Krahulik', 5.0, '32', 'Classic Lagger from Zichovec, comes in handy','1', '12' );
insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Pilsner Urquell', 4.4, '38', 'Oh yes, the PILSNER!','5', '12' ); insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Pilsner Urquell', 4.4, '38', 'Oh yes, the PILSNER!','5', '12' );
insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Zlata Raketa', 7.0, '60', 'Signature beer from Matuska Brewery','3', '17' ); insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Zlata Raketa', 7.0, '60', 'Signature beer from Matuska Brewery','3', '17' );
insert into beer ( name, alc, ibu, description, brewery_id, degree) values ( 'Yummy Blackcurrant Raspberry & Lingonberry', 5.1, '40', 'Simply delicious Beer from Siberia with full taste','2', '12' ); insert into beer ( name, alc, ibu, description, brewery_id, degree ) values ( 'Yummy Blackcurrant Raspberry & Lingonberry', 5.1, '40', 'Simply delicious Beer from Siberia with full taste','2', '12' );
insert into tag ( tag_title ) values ( 'IPA' ); insert into tag ( tag_title ) values ( 'IPA' );
insert into tag ( tag_title ) values ( 'APA' ); insert into tag ( tag_title ) values ( 'APA' );

@ -1,12 +1,33 @@
<?php <?php
session_start(); session_start();
require_once("model/db.php");
require_once("controller/getRecord.php");
require_once("controller/listLatest.php");
require_once("view/mainContent/userButtons.php");
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){ if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
require("view/header.php"); require("view/header.php");
require("view/sidebar.php"); require("view/sidebar.php");
echo "<div class=\"content\">";
$arrayOfBeers = listBeersByUser($pdo, $_SESSION["id"]);
foreach($arrayOfBeers as $row):
echo "
<div class=\"box\">
<article>
<a href=\"beer.php?id=";
echo $row["id"];
echo "\"><h2>";
echo $row["name"];
echo " ";
echo $row["degree"];
echo "˚</h2></a>";
showStars($row["id"], $row["rating"]);
echo "</br>";
echo "</br>";
echo "</article>
</div>";
endforeach;
echo "</div>";
include("view/footer.php"); include("view/footer.php");
} else { } else {
header("location: index.php"); header("location: index.php");

@ -9,7 +9,7 @@ if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
} }
// Include config file // Include config file
require_once "config.php"; require_once ("model/db.php");
// Define variables and initialize with empty values // Define variables and initialize with empty values
$new_password = $confirm_password = ""; $new_password = $confirm_password = "";
@ -40,33 +40,34 @@ if($_SERVER["REQUEST_METHOD"] == "POST"){
// Check input errors before updating the database // Check input errors before updating the database
if(empty($new_password_err) && empty($confirm_password_err)){ if(empty($new_password_err) && empty($confirm_password_err)){
// Prepare an update statement // Prepare an update statement
$sql = "UPDATE users SET password = ? WHERE id = ?"; $sql = "UPDATE user SET password = :password WHERE id = :id";
if($stmt = mysqli_prepare($link, $sql)){ if($stmt = $pdo->prepare($sql)){
// Bind variables to the prepared statement as parameters // Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "si", $param_password, $param_id); $stmt->bindParam(":password", $param_password, PDO::PARAM_STR);
$stmt->bindParam(":id", $param_id, PDO::PARAM_INT);
// Set parameters // Set parameters
$param_password = password_hash($new_password, PASSWORD_DEFAULT); $param_password = password_hash($new_password, PASSWORD_DEFAULT);
$param_id = $_SESSION["id"]; $param_id = $_SESSION["id"];
// Attempt to execute the prepared statement // Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){ if($stmt->execute()){
// Password updated successfully. Destroy the session, and redirect to login page // Password updated successfully. Destroy the session, and redirect to login page
session_destroy(); session_destroy();
header("location: login.php"); header("location: index.php");
exit(); exit();
} else{ } else{
echo "Oops! Something went wrong. Please try again later."; echo "Oops! Something went wrong. Please try again later.";
} }
// Close statement // Close statement
mysqli_stmt_close($stmt); unset($stmt);
} }
} }
// Close connection // Close connection
mysqli_close($link); unset($pdo);
} }
?> ?>
@ -98,7 +99,7 @@ if($_SERVER["REQUEST_METHOD"] == "POST"){
</div> </div>
<div class="form-group"> <div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit"> <input type="submit" class="btn btn-primary" value="Submit">
<a class="btn btn-link ml-2" href="welcome.php">Cancel</a> <a class="btn btn-link ml-2" href="index.php">Cancel</a>
</div> </div>
</form> </form>
</div> </div>

@ -1,4 +1,5 @@
<?php <?php
session_start(); session_start();
header("location: index.php"); print_r($_GET);
//header("location: index.php");

Binary file not shown.

After

Width:  |  Height:  |  Size: 5.2 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 7.1 KiB

@ -23,6 +23,10 @@ body {
/* Tagy */ /* Tagy */
#star:hover {
src: url("src/starY.png") no-repeat;
}
.taglist .tag{ .taglist .tag{
margin-right:.4em; margin-right:.4em;
padding:.5em; padding:.5em;
@ -201,16 +205,17 @@ input:focus {
button { button {
text-align: center; text-align: center;
background: #575757; font-size: 1.4em;
background: #fff;
color: #575757; color: #575757;
border: 2px solid #fff; border: 2px solid #575757;
border-radius: 8px; border-radius: 8px;
cursor: pointer; cursor: pointer;
outline: 0; outline: 0;
} }
button:hover { button:hover {
color: #fff; color: black;
background: #575757; background: #575757;
border: 2px solid #fff; border: 2px solid #fff;
} }

@ -11,10 +11,21 @@ if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
// Include config file // Include config file
require_once("model/db.php"); require_once("model/db.php");
// Define variables and initialize with empty values // Define variables and initialize with empty values
$username = $password = ""; $username = $password = "";
$username_err = $password_err = $login_err = ""; $username_err = $password_err = $login_err = "";
if($_POST["name"] != null){
session_start();
$_SESSION["wrongCr"] = true;
header("location: index.php");
exit;
}
if(!empty(trim($_POST["password"]))){
session_start();
$_SESSION["wrongCr"] = true;
header("location: index.php");
exit;
}
// Processing form data when form is submitted // Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){ if($_SERVER["REQUEST_METHOD"] == "POST"){

@ -0,0 +1,7 @@
<div class="content">
<div class="taglist">
<?php foreach($array as $row) : ?>
<span class="tag"><a href="search.php?type=tag&keyword=<?= $row['tag_title'] ?>">+ <?= $row['tag_title'] ?></a></span>
<?php endforeach; ?>
</div>
</div>

@ -1,35 +1,42 @@
<?php <?php
function unfollowButton($pdo, $where, $item_id, $user_id){ function unfollowButton($where, $item_id){
print_r($pdo); echo "<form method=\"POST\">
$conn = $pdo; <button type=\"submit\" name=\"";
try {
$sql = "SELECT * FROM $from WHERE id = $where"; if($where == "list"){
$stmt = $conn->prepare($sql); echo "beer\" value=\"$item_id\" formaction=\"controller/unfollow.php\">Remove from My Beer List";
$stmt->execute(); }else echo "brewery\" value=\"$item_id\" formaction=\"controller/unfollow.php\">Unfollow Brewery";
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$record = $stmt->fetch(); echo "</button></form></br>";
} catch (PDOException $e) { }
echo "Error in $from: Not Found";
} function followButton($where, $item_id){
return $record;
echo "<form method=\"POST\">
<button type=\"submit\" name=\"";
if($where == "list"){
echo "beer\" value=\"$item_id\" formaction=\"controller/follow.php\">Add to My Beer List";
}else echo "brewery\" value=\"$item_id\" formaction=\"controller/follow.php\">Follow Brewery";
echo "</button></form></br>";
} }
function followButton($pdo, $where, $item_id, $user_id){ function showStars($beer_id, $rating){
print_r($pdo);
$conn = $pdo; for ($i = 1; $i <= $rating; $i++) {
try { echo "<form method=\"POST\" action=\"controller/rate.php\">";
$sql = "SELECT * FROM $from WHERE id = $where"; echo "<input class=\"login\" type=\"text\" name=\"$beer_id\" value=\"$i\"></input>";
$stmt = $conn->prepare($sql); echo "<input class=\"Star\" type=\"image\" alt=\"Rate !\" src=\"src/starY.png\" value=\"\">";
$stmt->execute(); echo "</form>";
$result = $stmt->setFetchMode(PDO::FETCH_ASSOC);
$record = $stmt->fetch();
} catch (PDOException $e) {
echo "Error in $from: Not Found";
} }
return $record;
}
function showStars($pdo, $beer_id, $user_id){ for ($i = ++$rating ; $i <= 10; $i++) {
print_r($pdo); echo "<form method=\"POST\" action=\"controller/rate.php\">";
echo "<input class=\"login\" type=\"text\" name=\"$beer_id\" value=\"$i\"></input>";
echo "<input class=\"Star\" type=\"image\" alt=\"Rate !\" src=\"src/starN.png\" value=\"\" >";
echo "</form>";
}
} }

@ -6,7 +6,7 @@
<input id="SearchButton" type="image" alt="Enter !" src="src/key-ico.png"> <input id="SearchButton" type="image" alt="Enter !" src="src/key-ico.png">
</form> </form>
</div> </div>
<div class="login"> //Honeypot <div class="login">
<form id="login" method="post" action="verify.php" class="login"> <form id="login" method="post" action="verify.php" class="login">
<input name="user" type="text" placeholder="Username" size="22" > <input name="user" type="text" placeholder="Username" size="22" >
<input name="password" type="password" placeholder="Password" size="22" > <input name="password" type="password" placeholder="Password" size="22" >

@ -6,13 +6,16 @@ session_start();
<div class="slice"> <div class="slice">
<ul> <ul>
<li>Yo, <b><?php echo htmlspecialchars($_SESSION["username"]); ?></b>! Another one on the tab?</li> <li>Yo, <b><?php echo htmlspecialchars($_SESSION["username"]); ?></b>! Another one on the tab?</li>
<li></br></li>
<li></li>
</ul>
</div>
<div class="slice">
<ul>
<li><a href="myList.php" >Beer List of Mine</a></li>
<li><a href="passChange.php" >Reset Your Password</a></li>
<li><a href="logout.php" >Log out.</a></li>
</ul> </ul>
</div> </div>
<div class="slice">
<ul>
<li><a href="myList.php" >Beer List of Mine</a></li>
<li><a href="passChange.php" >Reset Your Password</a></li>
<li><a href="logout.php" >Log out.</a></li>
</ul>
</div> </div>
</nav> </nav>

Loading…
Cancel
Save