//////////////////////
$app->get('/customer/email/{email}', function ($request, $response, $args) {
if ($customerData = getUsersFromEmail($args['email'])) {
$users = array();
while ($user = mysqli_fetch_array($customerData)) {
array_push($users, editCustomer($user));
}
createResponse($users);
} else {
createResponse(array('error' => 'No users found with that email adress.'));
}
});
$app->get('/customer/{customer_id}', function ($request, $response, $args) {
if ($customerData = getUserFromID($args['customer_id'])) {
$user = mysqli_fetch_array($customerData);
createResponse(editCustomer($user));
} else {
createResponse(array('error' => 'No user found with that id.'));
}
});
$app->post('/customer/', function ($request, $response) {
$args = $request->getParsedBody();
$errors = array();
if (empty($args['firstName'])) {
array_push($errors, 'No First Name set!');
}
if (empty($args['lastName'])) {
array_push($errors, 'No Last Name set!');
}
if (empty($args['email'])) {
array_push($errors, 'No email set!');
}
if (empty($city)) {
$error['city'] = $lang['error_city_empty'];
}
if (empty($zip)) {
$error['zip'] = $lang['error_zip_empty'];
}
if (empty($country)) {
$error['country'] = $lang['error_country_empty'];
}
if (empty($phone)) {
$error['phone'] = $lang['error_phone_empty'];
}
if (empty($error)) {
$edit_data = array('customerId' => $logged, 'fname' => $fname, 'lname' => $lname, 'dob' => $dob, 'gender' => $gender, 'add1' => $add1, 'add2' => $add2, 'city' => $city, 'zip' => $zip, 'country' => $country, 'state' => $state, 'phone' => preg_replace("/[^0-9]+/", "", $phone), 'modify_by' => "c" . $logged);
$edit_query = editCustomer($edit_data);
if ($edit_query) {
$success = $lang['success_edit'];
} else {
$error_warning = $lang['error_query'];
}
} else {
$error_fname = $error['fname'];
$error_lname = $error['lname'];
$error_dob = $error['dob'];
$error_add1 = $error['add1'];
$error_city = $error['city'];
$error_zip = $error['zip'];
$error_country = $error['country'];
$error_state = $error['state'];
$error_phone = $error['phone'];
// initialize
include_once '../../../common/init.php';
if (!isLoggedInAdmin()) {
redirect('');
} else {
// include needed database functions
include_once $BASE_PATH . 'database/customers.php';
$username = strip_tags($_POST['username']);
$password = strip_tags($_POST['password']);
$fullname = strip_tags($_POST['fullname']);
$email = strip_tags($_POST['email']);
$id = $_POST['id'];
$image = "";
if (($_FILES["image"]["type"] == "image/jpeg" || $_FILES["image"]["type"] == "image/jpg") && $_FILES["image"]["size"] < $maxfilesize) {
$image = base64_encode(file_get_contents($_FILES['image']['tmp_name']));
} elseif (isset($_POST['delete-image'])) {
$image = null;
}
if (!empty($username) && !empty($fullname) && !empty($email)) {
if (empty($password)) {
editCustomer($username, $fullname, $email, $image, $id);
} else {
editCustomerWithPassword($username, md5($password), $fullname, $email, $image, $id);
}
//md5 hash to be replaced by something a bit more secure
redirect('pages/manager/customers/list_customers.php');
} else {
echo "Fill all fields";
}
}
addFailure();
break;
case 'sendPartsEmail':
sendPartsEmail();
break;
case 'editDefault':
editDefault();
break;
case 'getCustomerDetails':
getCustomerDetails();
break;
case 'getCustomerDetails1':
getCustomerDetails1();
break;
case 'editCustomer':
editCustomer();
break;
case 'editCustomer1':
editCustomer1();
break;
case 'getVehicleDetails':
getVehicleDetails();
break;
case 'getVehicleDetails1':
getVehicleDetails1();
break;
case 'editVehicle':
editVehicle();
break;
case 'editVehicleComplaint':
editVehicleComplaint();
$newauctionend = time() + 45;
}
if ($oldtotalbid > 3800 && $oldtotalbid <= 4000) {
$newtoken = $oldtoken - 20;
$newauctionstart = time();
$newauctionend = time() + 30;
}
if ($oldtotalbid > 4000) {
$newtoken = $oldtoken - 25;
$newauctionstart = time();
$newauctionend = time() + 15;
}
if ($newtoken >= 0) {
$newtotalbid = $oldtotalbid + 1;
$result = checkBiddingLog($pid);
if ($result) {
$newauctionprice = $oldauctionprice + 0.01;
} else {
$newauctionprice = $oldauctionprice - 0.01;
}
$data = array('productId' => $pid, 'customerId' => $logged, 'aprice' => $newauctionprice, 'modify_by' => "s" . $logged, 'datestart' => date("Y-m-d H:i:s", $newauctionstart), 'dateend' => date("Y-m-d H:i:s", $newauctionend), 'bids' => $newtotalbid, 'token' => $newtoken);
$updatebidcustomer = editCustomer($data);
$updatebidproduct = editProduct($data);
$bid_query = insertBiddingLog($data);
$_SESSION['success'] = $lang['success_bidding'];
header("location:" . mainPageURL());
} else {
$_SESSION['error_warning'] = $lang['error_tokens'];
header("location:buy_tokens.html");
}
}
<?php
include 'db/pdo.php';
$no_cust = $_POST['no_cust'];
$nama_cust = $_POST['nama_cust'];
$alamat = $_POST['alamat'];
$no_telp = $_POST['no_telp'];
$edit_customer = editCustomer($no_cust, $nama_cust, $alamat, $no_telp);
if (isset($edit_customer)) {
header("Location: {$base_url}/customer.php?edit={$nama_cust}");
}
