Beispiel #1
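/**
 * Shows the company panel for the user named in the "log" cookie.
 *
 * Looks the user up by name, then the company row by that user's id. With no
 * company it prints a notice and hands over to controller_insertCompany();
 * otherwise it prints the edit/delete forms and calls controller_products_index().
 *
 * Security-relevant behaviour:
 *  - Both lookups bind their value as a statement parameter, so cookie content
 *    never becomes part of the SQL text.
 *  - Every value written into HTML is escaped and the form action is quoted.
 *
 * Uses mysqli_stmt_get_result(), which requires the mysqlnd driver.
 */
function checkUser()
{
    // NOTE(review): the caller's identity is taken only from the client-controlled
    // "log" cookie; nothing in this function verifies it. Anyone who can set that
    // cookie is treated as that user. Identity should come from a server-side
    // session established after password verification.
    $nameUser = (isset($_COOKIE['log']) && is_string($_COOKIE['log'])) ? $_COOKIE['log'] : '';

    // One connection for both lookups; connect() opens a new link on every call.
    $link = connect();

    $id = null;
    $userStmt = mysqli_prepare($link, "SELECT * FROM users WHERE name = ?");
    if ($userStmt !== false) {
        mysqli_stmt_bind_param($userStmt, 's', $nameUser);
        mysqli_stmt_execute($userStmt);
        $userRows = mysqli_stmt_get_result($userStmt);
        while ($userRows && ($rslt = mysqli_fetch_row($userRows))) {
            $id = $rslt[0];
        }
        mysqli_stmt_close($userStmt);
    }

    $nameCompany = "";
    // Without a matching user there is nothing to look up; the original ran the
    // query with an undefined $id, which matched no intended row either.
    if ($id !== null) {
        $ownerId = (string) $id;
        $companyStmt = mysqli_prepare($link, "SELECT * FROM companies WHERE userID = ?");
        if ($companyStmt !== false) {
            mysqli_stmt_bind_param($companyStmt, 's', $ownerId);
            mysqli_stmt_execute($companyStmt);
            $companyRows = mysqli_stmt_get_result($companyStmt);
            while ($companyRows && ($rslt1 = mysqli_fetch_row($companyRows))) {
                $nameCompany = $rslt1[1];
            }
            mysqli_stmt_close($companyStmt);
        }
    }
    mysqli_close($link);

    if ($nameCompany === null || $nameCompany === "") {
        echo "У вас нет компании";
        controller_insertCompany();
        return;
    }

    // NOTE(review): the company id used in the edit/delete links also comes from a
    // cookie rather than from the row just loaded. The handlers behind these links
    // must check ownership server-side; presumably the id is a column of the
    // companies row above and could be used instead — confirm the column order.
    $companyId = (isset($_COOKIE['companyID']) && is_string($_COOKIE['companyID'])) ? $_COOKIE['companyID'] : '';
    $idParam = rawurlencode($companyId);

    $editUrl = htmlspecialchars(
        "http://localhost/companies/index.php?page=companies&action=edit&id=" . $idParam,
        ENT_QUOTES,
        'UTF-8'
    );
    $deleteUrl = htmlspecialchars(
        "index.php?page=companies&action=delete&id=" . $idParam,
        ENT_QUOTES,
        'UTF-8'
    );
    // The company name is stored user input, so it is escaped before output.
    $safeName = htmlspecialchars((string) $nameCompany, ENT_QUOTES, 'UTF-8');

    echo "<form action=\"{$editUrl}\" method=post> Ваша компания: {$safeName}<br>\n\t\t<input class=button type=submit value=Редактировать name = but/></form>";
    // NOTE(review): the delete form carries no anti-CSRF token in this markup.
    echo "<form method=post action=\"{$deleteUrl}\"><br><input class=button type=submit value=\"Удалить\" name = but/></form>";
    controller_products_index();
}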
Beispiel #2
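/**
 * Renders the "add product" form and, on submission, validates the input
 * before delegating to addProduct().
 *
 * Validation order (first failure wins, matching the messages shown to the user):
 *  1. name is ASCII letters/digits only
 *  2. price is digits only
 *  3. name length is 3..30
 *  4. no product with that name exists yet
 *
 * Security-relevant behaviour:
 *  - Format validation runs BEFORE the database is touched, and the duplicate
 *    lookup binds the name as a parameter instead of interpolating it.
 *  - The patterns are anchored with \A and \z; a plain "$" also matches just
 *    before a trailing newline, so "abc\n" would otherwise pass.
 */
function controller_insertProduct()
{
    view_insertProduct();

    if (empty($_POST['nameProduct'])) {
        return;
    }

    // Array-valued parameters (nameProduct[]=x) are normalised to '' so they
    // fail validation instead of reaching preg_match()/strlen().
    $nameProduct = is_string($_POST['nameProduct']) ? $_POST['nameProduct'] : '';
    $price = (isset($_POST['price']) && is_string($_POST['price'])) ? $_POST['price'] : '';

    if (!preg_match('/\A[a-zA-Z0-9]+\z/', $nameProduct)) {
        echo "Название может состоять только из букв английского алфавита и цифр";
        return;
    }
    if (!preg_match('/\A[0-9]+\z/', $price)) {
        echo "Цена может состоять только цифр<br>";
        return;
    }
    $nameLength = strlen($nameProduct);
    if ($nameLength < 3 || $nameLength > 30) {
        echo "Название должно быть не меньше 3-х символов и не больше 30";
        return;
    }

    $link = connect();
    $lookup = mysqli_prepare($link, "SELECT id FROM products WHERE name = ?");
    if ($lookup === false) {
        // Fail closed: without the duplicate check the product is not added.
        error_log('controller_insertProduct: could not prepare duplicate-name lookup');
        mysqli_close($link);
        return;
    }
    mysqli_stmt_bind_param($lookup, 's', $nameProduct);
    mysqli_stmt_execute($lookup);
    mysqli_stmt_store_result($lookup);
    // A returned row means the name is taken (the original tested the id with
    // empty(), which would miss a row whose id is 0).
    $alreadyExists = mysqli_stmt_num_rows($lookup) > 0;
    mysqli_stmt_close($lookup);
    mysqli_close($link);

    if ($alreadyExists) {
        echo "Продукт с таким названием уже существует, придумайте другое";
        return;
    }

    // NOTE(review): addProduct() takes no arguments, so it presumably re-reads
    // $_POST itself — confirm that it uses bound parameters too. Check-then-insert
    // is also racy; a UNIQUE constraint on products.name is the reliable guard.
    addProduct();
}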
Beispiel #3
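/**
 * Opens a new MySQL connection to the "companies" database.
 *
 * Every call creates a separate connection; callers that run several queries
 * should keep the returned link and close that same link when done.
 *
 * @return mysqli the open connection (the script is terminated on failure)
 */
function connect()
{
    // NOTE(review): the credentials are hard-coded and the application connects
    // as the MySQL "root" account. Load them from configuration kept outside the
    // web root / version control, and use an account limited to the privileges
    // this application needs on this one database.
    $link = mysqli_connect('localhost', 'root', '7215', 'companies');
    if (!$link) {
        // mysqli_error() needs a link, which does not exist when connecting
        // failed; mysqli_connect_error() is the call that reports this case.
        // The detail goes to the server log only, so visitors do not see host
        // or account information. (On PHP 8.1+ the default mysqli report mode
        // throws on failure instead of returning false.)
        error_log('DB connection failed: ' . mysqli_connect_error());
        die('Ошибка соединения');
    }
    return $link;
}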
/**
 * Obtains a link from connect() and closes it straight away.
 *
 * NOTE(review): connect() calls mysqli_connect() on every invocation, so the
 * link closed here is a new one, not the link that an earlier
 * mysqli_query(connect(), ...) used. Those links stay open until the script
 * ends. Callers should hold their own link and pass it to mysqli_close().
 */
function close_bd()
{
    $freshLink = connect();
    mysqli_close($freshLink);
}
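// Login handler: resolves the posted login name to a user id and company id,
// stores them in cookies and sends the browser back to the referring page.
//
// NOTE(review): no password verification is visible in this fragment — the
// cookies are issued for whatever login name was posted, and later pages read
// identity back from these client-controlled cookies. Authentication state
// belongs in a server-side session created only after password_verify()
// succeeds against a password_hash() value stored for the user.

// Non-string input (e.g. login[]=x) is normalised to '' instead of raising errors.
$login = (isset($_POST["login"]) && is_string($_POST["login"])) ? $_POST["login"] : "";
$passw = (isset($_POST["passw"]) && is_string($_POST["passw"])) ? $_POST["passw"] : "";
$userID = "";
$companyID = "";

// One connection for both lookups; values are bound, never interpolated.
$link = connect();

$userStmt = mysqli_prepare($link, "SELECT id FROM users WHERE name = ?");
if ($userStmt !== false) {
    mysqli_stmt_bind_param($userStmt, 's', $login);
    mysqli_stmt_execute($userStmt);
    mysqli_stmt_bind_result($userStmt, $foundUserId);
    while (mysqli_stmt_fetch($userStmt)) {
        $userID = $foundUserId;
    }
    mysqli_stmt_close($userStmt);
}

$ownerId = (string) $userID;
$companyStmt = mysqli_prepare($link, "SELECT id FROM companies WHERE userID = ?");
if ($companyStmt !== false) {
    mysqli_stmt_bind_param($companyStmt, 's', $ownerId);
    mysqli_stmt_execute($companyStmt);
    mysqli_stmt_bind_result($companyStmt, $foundCompanyId);
    while (mysqli_stmt_fetch($companyStmt)) {
        $companyID = $foundCompanyId;
    }
    mysqli_stmt_close($companyStmt);
}
mysqli_close($link);

$expires = time() + 3600 * 24 * 30 * 12;
// HttpOnly (last argument) keeps page scripts from reading these cookies.
// NOTE(review): the Secure flag is left off because the page's own links use
// http://localhost; enable it once the site is served over HTTPS.
setcookie("companyID", (string) $companyID, $expires, "/", "", false, true);
setcookie("userID", (string) $userID, $expires, "/", "", false, true);
setcookie("log", $login, $expires, "/", "", false, true);
// NOTE(review): this stores an unsalted MD5 of the password in a long-lived
// cookie. MD5 is not a password hash, and the cookie value works as a password
// equivalent for whoever obtains it. Kept because code outside this fragment
// presumably compares against it — replace together with that code.
setcookie("pa", md5($passw), $expires, "/", "", false, true);

// The Referer header is supplied by the client and may be absent or point to
// another site, so it is followed only when it names this same host.
// NOTE(review): 'index.php' as the fallback is taken from the links used
// elsewhere on this page — confirm it resolves from this script's location.
$redirectTo = 'index.php';
$referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
$ownHost = isset($_SERVER['HTTP_HOST']) ? (string) $_SERVER['HTTP_HOST'] : '';
if ($referer !== '' && $ownHost !== '') {
    $parts = parse_url($referer);
    if (is_array($parts) && isset($parts['host'])) {
        $authority = $parts['host'] . (isset($parts['port']) ? ':' . $parts['port'] : '');
        if (strcasecmp($authority, $ownHost) === 0) {
            $redirectTo = $referer;
        }
    }
}
header("Location: " . $redirectTo);
exit;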
Beispiel #4
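/**
 * Prints the product table for the company whose id is given in $_GET['id'].
 *
 * Security-relevant behaviour:
 *  - The company lookup binds the id as a parameter instead of interpolating it.
 *  - The company name and every product field are escaped before being echoed,
 *    since they are stored user input.
 *
 * @param array $products_list rows with at least 'name' and 'price' keys
 */
function view_my_products($products_list)
{
    // NOTE(review): the company is chosen by a request parameter and no ownership
    // check is visible here, so any visitor can request any company id. If the
    // page is meant to show only the caller's own products, enforce that
    // server-side before querying.
    $companyID = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // Stays empty when no company matches (the original left $n undefined).
    $n = '';
    $link = connect();
    $stmt = mysqli_prepare($link, "SELECT name FROM companies WHERE id = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $companyID);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $foundName);
        while (mysqli_stmt_fetch($stmt)) {
            $n = $foundName;
        }
        mysqli_stmt_close($stmt);
    }
    mysqli_close($link);

    $safeCompany = htmlspecialchars((string) $n, ENT_QUOTES, 'UTF-8');
    echo "<h1>Продукция компании '{$safeCompany}' <form method=post> \n\t\t\n\t\t</h1></form>";
    echo "<table border='1'>\n\t\t<tr>\n\t\t<th>Товар</th>\n\t\t<th>Стоимость</th>\n\t\t</tr>";
    foreach ($products_list as $row) {
        $safeName = htmlspecialchars((string) $row['name'], ENT_QUOTES, 'UTF-8');
        $safePrice = htmlspecialchars((string) $row['price'], ENT_QUOTES, 'UTF-8');
        echo "<tr>";
        echo "<td>" . $safeName . "</td>";
        echo "<td>" . $safePrice . "</td>\n\t\t\t  </td>\n";
        echo "</tr>";
    }
    echo "</table>";
    // NOTE(review): the request value is passed on as received; whatever
    // controller_pages_products() does with it must bind/escape it as well.
    controller_pages_products($companyID);
}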