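/**
 * Prints the company panel for the user named in the `log` cookie.
 *
 * Looks the user up by name, then looks up a company owned by that user.
 * When no company name is found it prints a notice and hands over to
 * controller_insertCompany(); otherwise it prints the edit and delete forms
 * and hands over to controller_products_index().
 *
 * NOTE(review): the user is identified purely by the client-supplied `log`
 * cookie, and the company id placed in the form URLs comes from the
 * client-supplied `companyID` cookie. Nothing in this function proves that
 * the request belongs to that user or that the user owns that company;
 * confirm that the edit/delete handlers re-check ownership server-side.
 *
 * @return void
 */
function checkUser()
{
    // Cookies are untrusted input: accept only a plain string.
    $nameUser = (isset($_COOKIE['log']) && is_string($_COOKIE['log'])) ? $_COOKIE['log'] : '';

    // One handle for both look-ups; closing is left to close_bd() as before.
    $link = connect();

    // Bound parameters keep the cookie value out of the SQL text.
    // mysqli_stmt_get_result() needs the mysqlnd driver.
    $id = null;
    $userStmt = mysqli_prepare($link, "SELECT * FROM users WHERE name = ?");
    if ($userStmt !== false) {
        mysqli_stmt_bind_param($userStmt, "s", $nameUser);
        mysqli_stmt_execute($userStmt);
        $userRows = mysqli_stmt_get_result($userStmt);
        if ($userRows !== false) {
            while ($userRow = mysqli_fetch_row($userRows)) {
                $id = $userRow[0];
            }
        }
        mysqli_stmt_close($userStmt);
    } else {
        error_log('checkUser: user lookup failed: ' . mysqli_error($link));
    }

    $nameCompany = "";
    // No matching user means there is no id to search companies with.
    if ($id !== null) {
        $ownerId = (string) $id;
        $companyStmt = mysqli_prepare($link, "SELECT * FROM companies WHERE userID = ?");
        if ($companyStmt !== false) {
            mysqli_stmt_bind_param($companyStmt, "s", $ownerId);
            mysqli_stmt_execute($companyStmt);
            $companyRows = mysqli_stmt_get_result($companyStmt);
            if ($companyRows !== false) {
                while ($companyRow = mysqli_fetch_row($companyRows)) {
                    $nameCompany = $companyRow[1];
                }
            }
            mysqli_stmt_close($companyStmt);
        } else {
            error_log('checkUser: company lookup failed: ' . mysqli_error($link));
        }
    }
    close_bd();

    if ($nameCompany === null || $nameCompany === "") {
        echo "У вас нет компании";
        controller_insertCompany();
    } else {
        $cookieCompanyId = (isset($_COOKIE['companyID']) && is_string($_COOKIE['companyID']))
            ? $_COOKIE['companyID']
            : '';
        // The attributes below are unquoted, so the id is URL-encoded first:
        // the encoded form cannot contain spaces, quotes or angle brackets.
        $id = htmlspecialchars(rawurlencode($cookieCompanyId), ENT_QUOTES, 'UTF-8');
        // The company name is stored data printed into HTML text; escape it.
        $nameHtml = htmlspecialchars($nameCompany, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

        echo "<form action=http://localhost/companies/index.php?page=companies&action=edit&id={$id} method=post> Ваша компания: {$nameHtml}<br>\n\t\t<input class=button type=submit value=Редактировать name = but/></form>";
        // NOTE(review): no anti-CSRF token is emitted with the delete form;
        // confirm the delete handler validates the request origin.
        echo "<form method=post action=index.php?page=companies&action=delete&id={$id}><br><input class=button type=submit value=\"Удалить\" name = but/></form>";
        controller_products_index();
    }
    close_bd();
}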
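/**
 * Shows the "add product" form and, when a product name was posted,
 * validates the submission and calls addProduct() if it passes.
 *
 * Checks run in this order, each printing its own message on failure:
 * name characters, price characters, name length, duplicate name.
 *
 * NOTE(review): addProduct() is defined elsewhere and presumably reads
 * $_POST itself; confirm it inserts with bound parameters. The duplicate
 * check followed by an insert is not atomic, so a unique index on the
 * product name is the reliable guard against duplicates.
 *
 * @return void
 */
function controller_insertProduct()
{
    view_insertProduct();

    if (empty($_POST['nameProduct'])) {
        return;
    }

    // Request fields can arrive as arrays; treat anything but a string as invalid.
    $nameProduct = is_string($_POST['nameProduct']) ? $_POST['nameProduct'] : '';
    $price = (isset($_POST['price']) && is_string($_POST['price'])) ? $_POST['price'] : '';

    // \z anchors at the very end of the input. A bare `$` also matches just
    // before a trailing newline, so "abc\n" would have passed validation.
    if (!preg_match('/^[a-zA-Z0-9]+\z/', $nameProduct)) {
        echo "Название может состоять только из букв английского алфавита и цифр";
        return;
    }
    if (!preg_match('/^[0-9]+\z/', $price)) {
        echo "Цена может состоять только цифр<br>";
        return;
    }
    $nameLength = strlen($nameProduct);
    if ($nameLength < 3 || $nameLength > 30) {
        echo "Название должно быть не меньше 3-х символов и не больше 30";
        return;
    }

    // The database is consulted only after the input has been validated,
    // and the name is passed as a bound parameter rather than SQL text.
    $link = connect();
    $stmt = mysqli_prepare($link, "SELECT id FROM products WHERE name = ?");
    if ($stmt === false) {
        // Fail closed: without the duplicate check the product is not added.
        error_log('controller_insertProduct: duplicate check failed: ' . mysqli_error($link));
        close_bd();
        return;
    }
    mysqli_stmt_bind_param($stmt, "s", $nameProduct);
    mysqli_stmt_execute($stmt);
    mysqli_stmt_bind_result($stmt, $existingId);
    // Any returned row means the name is taken, whatever the id value is.
    $alreadyExists = (mysqli_stmt_fetch($stmt) === true);
    mysqli_stmt_close($stmt);
    close_bd();

    if ($alreadyExists) {
        echo "Продукт с таким названием уже существует, придумайте другое";
    } else {
        addProduct();
    }
}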
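/**
 * Returns the MySQL connection for this request, opening it on first use.
 *
 * The handle is kept in a static variable so that close_bd() closes the
 * connection the queries actually ran on. Previously every call opened a
 * new connection and close_bd() closed yet another fresh one, leaving the
 * query connections open until the script ended.
 *
 * NOTE(review): the credentials are hard-coded and the application connects
 * as the MySQL `root` account. Move them to configuration outside the web
 * root and use an account limited to the `companies` schema.
 *
 * @param bool $release When true, closes the cached connection (if any)
 *                      and returns null; used by close_bd().
 * @return mysqli|null Open connection, or null after a release.
 */
function connect($release = false)
{
    static $link = null;

    if ($release) {
        if ($link !== null) {
            mysqli_close($link);
            $link = null;
        }
        return null;
    }

    if ($link === null) {
        $opened = mysqli_connect('localhost', 'root', '7215', 'companies');
        if (!$opened) {
            // mysqli_error() needs a link and there is none on a failed
            // connect; mysqli_connect_error() is the matching call. The
            // detail goes to the log, not to the visitor.
            error_log('MySQL connection failed: ' . mysqli_connect_error());
            die('Ошибка соединения');
        }
        $link = $opened;
    }

    return $link;
}

/**
 * Closes the connection handed out by connect(), if one is open.
 *
 * @return void
 */
function close_bd()
{
    connect(true);
}

// ---- Login handler: resolves the posted login name to ids and sets cookies ----
//
// NOTE(review): this handler never verifies the posted password against
// stored credentials; the cookies are set for whatever login name was sent.
// It also stores an unsalted MD5 of the password in the `pa` cookie, which
// makes the cookie a long-lived password equivalent. Whether other pages
// check `pa` is not visible here. A server-side session created after
// password_verify() succeeds, with HttpOnly/Secure cookies, would replace
// all four cookies.

$login = (isset($_POST["login"]) && is_string($_POST["login"])) ? $_POST["login"] : "";
$passw = (isset($_POST["passw"]) && is_string($_POST["passw"])) ? $_POST["passw"] : "";
$userID = "";
$companyID = "";

$link = connect();

// Bound parameters keep the posted login out of the SQL text.
$userStmt = mysqli_prepare($link, "SELECT id FROM users WHERE name = ?");
if ($userStmt !== false) {
    mysqli_stmt_bind_param($userStmt, "s", $login);
    mysqli_stmt_execute($userStmt);
    mysqli_stmt_bind_result($userStmt, $foundUserID);
    while (mysqli_stmt_fetch($userStmt)) {
        $userID = (string) $foundUserID;
    }
    mysqli_stmt_close($userStmt);
} else {
    error_log('login: user lookup failed: ' . mysqli_error($link));
}

// Only look for a company when a user row was found; an empty id would
// otherwise be compared against the userID column.
if ($userID !== "") {
    $companyStmt = mysqli_prepare($link, "SELECT id FROM companies WHERE userID = ?");
    if ($companyStmt !== false) {
        mysqli_stmt_bind_param($companyStmt, "s", $userID);
        mysqli_stmt_execute($companyStmt);
        mysqli_stmt_bind_result($companyStmt, $foundCompanyID);
        while (mysqli_stmt_fetch($companyStmt)) {
            $companyID = (string) $foundCompanyID;
        }
        mysqli_stmt_close($companyStmt);
    } else {
        error_log('login: company lookup failed: ' . mysqli_error($link));
    }
}
close_bd();

$expires = time() + 3600 * 24 * 30 * 12;
setcookie("companyID", $companyID, $expires, "/");
setcookie("userID", $userID, $expires, "/");
setcookie("log", $login, $expires, "/");
setcookie("pa", md5($passw), $expires, "/");

// The Referer header is supplied by the client and may be absent; fall back
// to the site root instead of emitting an empty Location header.
$returnTo = (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER'] !== '')
    ? $_SERVER['HTTP_REFERER']
    : '/';
header("Location: " . $returnTo);
exit;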
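/**
 * Prints the product table of the company whose id is in the `id` query
 * parameter, then hands over to controller_pages_products().
 *
 * NOTE(review): the company id is passed on to controller_pages_products()
 * as received from the request; that function is defined elsewhere and
 * must treat it as untrusted.
 *
 * @param array $products_list Rows with 'name' and 'price' keys.
 * @return void
 */
function view_my_products($products_list)
{
    // Query parameters can be arrays or missing; accept only a plain string.
    $companyID = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // Default so the heading can still be printed when no company matches.
    $n = '';
    $link = connect();
    // The id is bound as a parameter instead of being placed in the SQL text.
    $stmt = mysqli_prepare($link, "SELECT name FROM companies WHERE id = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, "s", $companyID);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $foundName);
        while (mysqli_stmt_fetch($stmt)) {
            $n = (string) $foundName;
        }
        mysqli_stmt_close($stmt);
    } else {
        error_log('view_my_products: company lookup failed: ' . mysqli_error($link));
    }
    close_bd();

    // Stored values are escaped before they are written into the page.
    $escapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    $n = htmlspecialchars($n, $escapeFlags, 'UTF-8');

    echo "<h1>Продукция компании '{$n}' <form method=post> \n\t\t\n\t\t</h1></form>";
    echo "<table border='1'>\n\t\t<tr>\n\t\t<th>Товар</th>\n\t\t<th>Стоимость</th>\n\t\t</tr>";
    foreach ($products_list as $row) {
        $nameCell = htmlspecialchars((string) $row['name'], $escapeFlags, 'UTF-8');
        $priceCell = htmlspecialchars((string) $row['price'], $escapeFlags, 'UTF-8');
        echo "<tr>";
        echo "<td>" . $nameCell . "</td>";
        echo "<td>" . $priceCell . "</td>\n\t\t\t </td>\n";
        echo "</tr>";
    }
    echo "</table>";

    controller_pages_products($companyID);
}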