Example #1
//This file displays an individual item
//TODO Check item exists in database.
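// Resolve the item id from the query string.
// Accept only a plain integer: is_numeric() also lets through values such as
// "1e3" or "1.5", which the (int) cast then truncates or reinterprets, so
// several different URLs end up addressing the same item. FILTER_VALIDATE_INT
// rejects those forms, out-of-range numbers and an array-valued ?id[]=...
$item_id = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
if($item_id === false){
	redirect_to_url('/'); //Send to homepage.
	// redirect_to_url() is defined outside this file; stop here so nothing
	// below runs without a valid $item_id, whether or not it ends the request.
	exit;
}

// NOTE(review): nothing here confirms that the id refers to an existing row
// (see the TODO at the top of this script); Item's behaviour for an unknown id
// is not visible from this file.
$item = new Item($item_id);
QR::item($item_id);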

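// Optional action on the item. Every action in this list changes stored data.
$valid_actions = array('delete', 'checkout', 'return');
// Strict allow-list match: only an exact string from the list is accepted.
if(isset($_GET['action']) && in_array($_GET['action'], $valid_actions, true)){
	// NOTE(review): these state-changing actions are driven by GET parameters and
	// no anti-CSRF token check is visible in this script. Moving them to POST with
	// a per-session token would close that gap, but it also changes every link
	// that calls this page, so it is flagged here rather than changed.
	// require_login() is defined elsewhere; presumably it stops unauthenticated
	// requests — confirm that it ends the request rather than only redirecting.
	$auth->require_login();
	$action = $_GET['action'];
	if( $action === 'delete' ){
		// Only the owner may delete; a delete request from anyone else is ignored
		// and the item page is rendered as usual.
		if( $item->get_owner_id() == $user_id ){
			Item::delete($item_id);
			redirect_to_url('/items/view_items.php?u=' . $user_id);
			exit; // never fall through to rendering an item that was just deleted
		}
	}
	//TODO: May want to add check if item is available to be checked out
	else if( $action === 'checkout' ){
		Item::checkout_by_ids($item_id, $user_id);
		redirect_to_url('/items/view_items.php?u=' . $user_id);
		exit; // the redirect is the response; do not render the page as well
	}
	else if( $action === 'return' ){
		// NOTE(review): whether return_by_id() verifies that $user_id currently
		// holds the item is not visible here — confirm in Item.
		Item::return_by_id($item_id, $user_id);
		//redirect_to_url('/items/view_items.php?u=' . $user_id);
	}
}

// No action, an ignored action, or a completed return: hand the item to the page.
$page->assign('item', $item->to_array());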
Example #2
<?php

namespace tatt;
require_once 'tatt/webcommon.php';
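// The debug var_dump($_POST) that stood here is removed: it echoed every
// submitted form field into the response, and it produced output ahead of the
// redirects below (a problem if redirect_to_url() works by sending a Location
// header — it is defined outside this file).
$auth->require_login();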

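// Resolve the id of the item being edited.
// Accept only a plain integer: is_numeric() also lets through values such as
// "1e3" or "1.5", which the (int) cast then truncates or reinterprets.
// FILTER_VALIDATE_INT rejects those forms and an array-valued ?id[]=...
$item_id = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
if($item_id === false){
    redirect_to_url('/items/view_items.php'); //Redirect to inventory page.
    // redirect_to_url() is defined outside this file; stop here so the edit
    // code below never runs without a valid id, whether or not it exits.
    exit;
}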

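$item = new Item($item_id);
// Ownership gate: the code after this point writes to the item, so a request
// from anyone but the owner must end here and not merely be sent a redirect.
// NOTE(review): the comparison is loose; if get_owner_id() can return null for
// a missing item while $user_id is 0 or empty, the two would compare equal —
// confirm both are always populated ids.
if($item->get_owner_id() != $user_id){
    redirect_to_url('/items/view_items.php'); //Redirect to inventory page.
    // redirect_to_url() is defined outside this file; exit so the check holds
    // even if it returns to the caller.
    exit;
}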

if(isset($_POST['name'])){
    //form was submitted
    $name = $db->escape_string($_POST['name']);
    $location = $db->escape_string($_POST['location']);
    $item->set_name($name);
    $item->set_location($location);

    if(isset($_POST['attributes'])){
        $attributes = $_POST['attributes'];
        foreach($attributes as $attribute){
            $attribute_id = (int)$attribute['id'];
            $value = $db->escape_string($attribute['value']);
//echo "ID: $attribute_id V: $value";

            $new_attribute = new Attribute($item_id, $attribute_id);
            $new_attribute->set_value($value);