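/**
 * Insert a new user row and register the account as unverified.
 *
 * @param array $parameters Values bound, in order, to the nine placeholders of the
 *                          INSERT below (type string "sssssssis").
 * @return int Confirmation code that was handed to
 *             QueryOperator::addUnverifiedAccount() for the new account.
 */
public static function addAccount($parameters)
 {
     self::getDatabaseInstance();
     // SQL query for creating a new user record. Only placeholders appear in the
     // statement; the values travel separately through issueQuery().
     $registerUserQuery = "INSERT INTO users ( username, email, firstName, lastName, address, postcode, city, countryId, password ) ";
     $registerUserQuery .= "VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ? )";
     // presumably the id of the inserted row; verify against issueQuery()
     $userId = self::$database->issueQuery($registerUserQuery, "sssssssis", $parameters);
     // The code is the only secret in the emailed verification link, so it has to
     // come from a CSPRNG: rand() output is predictable, random_int() (PHP >= 7.0)
     // is not. The numeric range is unchanged so stored and emailed codes keep
     // their format.
     // NOTE(review): the range holds fewer than 2^27 values; the endpoint that
     // checks the code should limit failed attempts per account.
     $confirmCode = random_int(100000, 100000000);
     QueryOperator::addUnverifiedAccount(array($userId, $confirmCode));
     return $confirmCode;
 }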
<?php

// Personalised recommendations for the signed-in user come first.
$recommendedAuctions = QueryOperator::getBuyersRecommendedAuctions(SessionOperator::getUser()->getUserId());
// Top the list up to 20 entries with the most popular auctions when the
// personalised list is shorter than that.
$recommendationShortfall = 20 - count($recommendedAuctions);
if ($recommendationShortfall > 0) {
    $recommendedAuctions = array_merge($recommendedAuctions, QueryOperator::getMostPopularAuctions($recommendationShortfall));
}
?>

<!-- recommendations start -->
<div class="panel panel-default recommendation-box" <?php 
if ($page == "search") {
    ?>
style="margin-top: 60px"<?php 
}
?>
>

    <div class="panel-heading">
        <h5>
            <?php 
/*if ($collaborative){
      echo "Recommended auctions inspired by your bidding history";
  }else{
      echo "The Most popular auctions right now";
  }*/
echo "Recommended auctions";
?>

        </h5>
    </div>
<?php

require_once "../classes/class.helper_operator.php";
require_once "../config/config.php";
require_once "../classes/class.query_operator.php";
require_once "../classes/class.session_operator.php";
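// Delete profile image from file system and image name from database.
// NOTE(review): this script changes state, but no request-method or CSRF-token
// check is visible in it; confirm one is enforced elsewhere.
$user = SessionOperator::getUser();
// Without a signed-in user there is nothing to delete; fall through to the redirect.
if (!is_null($user)) {
    $imageName = $user->getImage();
    // Unlink only when an image name is recorded and it points at a regular file.
    // With an empty name the path would be ROOT itself.
    if (!empty($imageName) && is_file(ROOT . $imageName)) {
        unlink(ROOT . $imageName);
    }
    QueryOperator::uploadImage($user->getUserId(), null, "users");
    // Update user session from the stored account so it no longer carries the image
    $account = QueryOperator::getAccount($user->getUserId());
    SessionOperator::updateUser(new User($account));
    // Set feedback session
    SessionOperator::setNotification(SessionOperator::DELETED_PROFILE_PHOTO);
}
HelperOperator::redirectTo("../views/profile_view.php");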
    echo $value;
    ?>
</option>
                                        <?php 
}
?>
                                </select>
                            </div>

                            <div class="form-group">
                                <label>Condition</label>
                                <select class="selectpicker form-control" name="itemCondition"  data-dropup-auto="false">
                                    <option default>Select</option>
                                    <?php 
$itemCondition = SessionOperator::getFormInput("itemCondition");
$itemConditions = QueryOperator::getConditionsList();
foreach ($itemConditions as $value) {
    $value = htmlspecialchars($value);
    $selected = "";
    if ($value == $itemCondition) {
        $selected = "selected";
    }
    ?>
                                        <option value="<?php 
    echo $value;
    ?>
" title="<?php 
    echo $value;
    ?>
" <?php 
    echo $selected;
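// Prevent sql injection: accept only a positive decimal integer id. is_numeric()
// would also let through floats, exponent notation and leading whitespace, none of
// which is a valid auction id.
$auctionId = filter_var($auctionId, FILTER_VALIDATE_INT, ["options" => ["min_range" => 1]]);
if ($auctionId === false) {
    HelperOperator::redirectTo("../views/my_live_auctions_view.php");
    // redirectTo() is defined elsewhere; stop explicitly so a rejected id can never
    // reach the queries below.
    exit;
}
/* @var User $user */
$user = SessionOperator::getUser();
$userId = $user->getUserId();
/* @var DbAuction $auction */
/* @var DbItem $item */
// NOTE(review): find() is assumed to return an object here; what it returns for an
// id with no row is not visible in this script. Confirm.
$auction = DbAuction::find($auctionId);
$item = DbItem::find($auction->getField("itemId"));
// Authorisation: only the user who owns the item may delete its auction
if ($item->getField("userId") == $userId) {
    // Notify current highest bidder. The bid list can be empty, so it is checked
    // before its first element is read.
    $topBids = QueryOperator::getAuctionBids($auctionId, 1);
    if (!empty($topBids)) {
        $highestBid = $topBids[0];
        $comment = "The auction \"" . $item->getField("itemName") . " " . $item->getField("itemBrand") . "\" with ";
        $comment .= "your current highest bid of " . $highestBid->getBidPrice() . " GSP was deleted by " . $user->getUsername() . ".";
        QueryOperator::addNotification($highestBid->getBidderId(), $comment, QueryOperator::NOTIFICATION_AUCTION_DELETED);
    }
    // Delete auction
    $auction->delete();
    if (!empty($imageName = $item->getField("image"))) {
        unlink(ROOT . $imageName);
    }
    // Delete auction event
    QueryOperator::dropAuctionEvent($auctionId);
    // Set feedback session
    SessionOperator::setNotification(SessionOperator::DELETED_AUCTION);
}
HelperOperator::redirectTo("../views/my_live_auctions_view.php");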
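    // The auction id is cast to int; the bid price stays a raw request value until
    // the validators below have accepted it.
    $auctionId = (int) $_GET["auctionId"];
    $bidPrice = $_GET["bidPrice"];
    // NOTE(review): the result is dereferenced below without a check; confirm what
    // getLiveAuction() returns for an id with no live auction.
    $auction = QueryOperator::getLiveAuction($auctionId);
    $user = SessionOperator::getUser();
    $userId = (int) $user->getUserId();
    // Incorrect inputs
    if (ValidationOperator::hasEmtpyFields($_GET) || !ValidationOperator::isPositiveNumber($bidPrice, "bidPrice") || !ValidationOperator::checkBidPrice($bidPrice, $auctionId)) {
        // Create a session for bid price so that it can be recovered after the page returns
        SessionOperator::setFormInput(["bidPrice" => $bidPrice]);
    } else {
        // Notify outbid user (only if it is not the same user)
        $highestBidderId = $auction->getHighestBidderId();
        if (!is_null($highestBidderId) && $highestBidderId != $userId) {
            // The first half already ends in " by "; the second half must not repeat it.
            $comment = "You were outbid on the auction \"" . $auction->getItemName() . " " . $auction->getItemBrand() . "\" by ";
            $comment .= "\"" . $user->getUserName() . "\". The new highest bid is " . $bidPrice . " GSP.";
            QueryOperator::addNotification($highestBidderId, $comment, QueryOperator::NOTIFICATION_OUTBID);
        }
        // These messages carry user-chosen text (user name, item name and brand), so
        // whatever renders a notification has to HTML-escape it.
        $comment = "You received a new bid on the auction \"" . $auction->getItemName() . " " . $auction->getItemBrand() . "\" by ";
        $comment .= "\"" . $user->getUserName() . "\". The new highest bid is " . $bidPrice . " GSP.";
        QueryOperator::addNotification($auction->getSellerId(), $comment, QueryOperator::NOTIFICATION_NEW_BID);
        // Place bid
        // NOTE(review): both notifications are sent before the bid is stored; confirm
        // a failing placeBid() cannot leave them behind.
        QueryOperator::placeBid($auctionId, $userId, $bidPrice);
        $dbAuction = DbAuction::find($auctionId);
        $dbAuction->setField("highestBidderId", $userId);
        $dbAuction->save();
        // Set feedback session
        SessionOperator::setNotification(SessionOperator::PLACED_BID);
    }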
}
// Return back to page
HelperOperator::redirectTo("../views/open_live_auction_view.php?liveAuction=" . $auctionId . "&s=1");
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
// Mark notification as seen
// The signed-in user's id travels with the notification id.
// NOTE(review): presumably haveSeen() limits the update to that user's own
// notifications and binds the id as a query parameter; confirm.
$notificationId = isset($_GET["notificationId"]) ? $_GET["notificationId"] : null;
if ($notificationId !== null) {
    QueryOperator::haveSeen(SessionOperator::getUser()->getUserId(), $notificationId);
}
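// The remembered form value is user input; escape it so quotes or markup in it
// cannot break out of the value="..." attribute.
echo 'value = "' . htmlspecialchars((string) SessionOperator::getFormInput("city"), ENT_QUOTES, "UTF-8") . '"';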
?>
 >
                    </div>

                    <div class="form-group-lg col-xs-6">
                        <label class="text-danger">&nbsp
                            <?php 
echo SessionOperator::getInputErrors("country");
?>
                        </label><br>
                        <select name="country" class="selectpicker form-control" data-dropup-auto="false">
                            <option default>Country</option>
                            <?php 
$country = SessionOperator::getFormInput("country");
$countries = QueryOperator::getCountriesList();
foreach ($countries as $value) {
    $value = htmlspecialchars($value);
    $selected = "";
    if ($value == $country) {
        $selected = "selected";
    }
    ?>
                            <option value="<?php 
    echo $value;
    ?>
" title="<?php 
    echo $value;
    ?>
" <?php 
    echo $selected;
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
require_once "../classes/class.pagination.php";
require_once "../classes/class.db_bid.php";
// Read the current search state from the session (presumably written by the search
// script before it redirects here).
$search_result = SessionOperator::getSearchSetting(SessionOperator::SEARCH_RESULT);
$sort = SessionOperator::getSearchSetting(SessionOperator::SORT);
// NOTE(review): the search string is user input; it must be HTML-escaped wherever
// the markup below prints it.
$searchString = SessionOperator::getSearchSetting(SessionOperator::SEARCH_STRING);
$searchCategory = SessionOperator::getSearchSetting(SessionOperator::SEARCH_CATEGORY);
$pagination = SessionOperator::getSearchSetting(SessionOperator::SEARCH_PAGINATION);
// Option lists for the sort and category controls
$sortOptions = QueryOperator::getSortOptionsList();
$subCategories = QueryOperator::getCategoriesList();
$user = SessionOperator::getUser();
// NOTE(review): $search_result is indexed without a check; confirm it is always an
// array holding both keys when this view is opened directly.
$liveAuctions = $search_result["auctions"];
$categories = $search_result["categories"];
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Search Results</title>
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Live auctions of the signed-in seller.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$liveAuctions = QueryOperator::getSellersLiveAuctions($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Live Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Ended auctions the signed-in buyer bid on and lost. The query is keyed on the
// session user's id, not on a request parameter.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$didNotWinAuctions = QueryOperator::getEndedAuctionsWhereBuyerHasLost($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Watched Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
            SessionOperator::setNotification(SessionOperator::CHANGED_PASSWORD);
            // Send a password changed confirmation email to the user
            $mail = new Email($email, $userDetails["firstName"], $userDetails["lastName"]);
            $mail->preparePasswordConfirmEmail();
            $mail->sentEmail();
            HelperOperator::redirectTo("../index.php");
        } else {
            SessionOperator::setFormInput($passwordFields);
        }
        HelperOperator::redirectTo("../views/change_password_view.php?email=" . $email);
    } else {
        if (isset($_POST["changePasswordSignedIn"])) {
            // Retrieve Passwords
            $passwordFields = ["currentPassword" => $_POST["currentPassword"], "password1" => $_POST["password1"], "password2" => $_POST["password2"]];
            // Get current user session
            $user = SessionOperator::getUser();
            // Current password is correct and both new passwords are valid and match
            if (!ValidationOperator::hasEmtpyFields($passwordFields) && ValidationOperator::isCurrentPassword($passwordFields["currentPassword"]) && ValidationOperator::validPasswords($passwordFields["password1"], $passwordFields["password2"])) {
                QueryOperator::updatePassword($user->getEmail(), $passwordFields["password2"]);
                SessionOperator::setNotification(SessionOperator::CHANGED_PASSWORD);
                // Send a password changed confirmation email to the user
                $mail = new Email($user->getEmail(), $user->getFirstName(), $user->getLastName());
                $mail->preparePasswordConfirmEmail();
                $mail->sentEmail();
            } else {
                SessionOperator::setFormInput($passwordFields);
            }
            HelperOperator::redirectTo("../views/account_view.php");
        }
    }
}
<?php

require_once "../classes/class.helper_operator.php";
require_once "../classes/class.session_operator.php";
require_once "../classes/class.user.php";
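// Sign in button was clicked
if (isset($_POST["signIn"])) {
    require_once "../classes/class.query_operator.php";
    require_once "../classes/class.session_operator.php";
    // Missing or non-string fields are treated as empty input instead of being
    // passed to trim().
    $email = isset($_POST["loginEmail"]) && is_string($_POST["loginEmail"]) ? trim($_POST["loginEmail"]) : "";
    // NOTE(review): the password is trimmed here; confirm registration stores it the
    // same way, otherwise a password with surrounding whitespace can never match.
    $password = isset($_POST["loginPassword"]) && is_string($_POST["loginPassword"]) ? trim($_POST["loginPassword"]) : "";
    // Login details correct
    if (!is_null($account = QueryOperator::checkAccount($email, $password))) {
        // Login user and redirect to home page
        // NOTE(review): confirm SessionOperator::login() regenerates the session id.
        SessionOperator::login(new User($account));
        HelperOperator::redirectTo("../views/my_live_auctions_view.php");
    } else {
        // Remember only the email for the reloaded form. The password key is kept
        // but blanked, so the plaintext password is neither written to session
        // storage nor echoed back into the page.
        SessionOperator::setFormInput(["loginEmail" => $email, "loginPassword" => ""]);
        // Create a session for incorrect email and user details. The message is the
        // same for an unknown email and a wrong password.
        $message = "The entered email and password did not match our records, please try again.";
        SessionOperator::setInputErrors(["login" => $message]);
    }
}
// Sign in button was not clicked or sign in failed
HelperOperator::redirectTo("../index.php");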
require_once "../classes/class.validation_operator.php";
require_once "../classes/class.query_operator.php";
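// Only process when sign up button was clicked
if (!isset($_POST["signUp"])) {
    HelperOperator::redirectTo("../index.php");
    // redirectTo() is defined elsewhere; stop explicitly so the code below never
    // runs for a request without the sign up button.
    exit;
}
// Store POST values. A missing or non-string field becomes an empty string, which
// the empty-field check below then rejects.
$registration = [];
foreach (["username", "email", "firstName", "lastName", "address", "postcode", "city", "country", "password1", "password2"] as $field) {
    $registration[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : "";
}
// Add empty string for default country
if ($registration["country"] == "Country") {
    $registration["country"] = "";
}
// Check inputs
if (ValidationOperator::hasEmtpyFields($registration) || ValidationOperator::isTaken($registration["username"], $registration["email"]) || !ValidationOperator::validPasswords($registration["password1"], $registration["password2"])) {
    // Create a session for the inputs so that they can be recovered after the page
    // returns. Both password keys are kept but blanked, so plaintext passwords are
    // neither written to session storage nor echoed back into the form.
    $rememberedInput = $registration;
    $rememberedInput["password1"] = "";
    $rememberedInput["password2"] = "";
    SessionOperator::setFormInput($rememberedInput);
} else {
    // Create new user
    $registration["country"] = QueryOperator::getCountryId($registration["country"]);
    // Only the bcrypt hash is stored, never the password itself
    $encryptedPassword = password_hash($registration["password1"], PASSWORD_BCRYPT);
    $confirmCode = QueryOperator::addAccount(array($registration["username"], $registration["email"], $registration["firstName"], $registration["lastName"], $registration["address"], $registration["postcode"], $registration["city"], $registration["country"], $encryptedPassword));
    // Create a session for the successfully submitted registration (account not verified yet)
    SessionOperator::setNotification(SessionOperator::SUBMITTED_REGISTRATION);
    // Email a verification link to the user - must be verified before accessing the new account
    require_once "../classes/class.email.php";
    $mail = new Email($registration["email"], $registration["firstName"], $registration["lastName"]);
    $mail->prepareVerificationEmail($confirmCode);
    $mail->sentEmail();
}
// Redirect back
HelperOperator::redirectTo("../index.php");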
    }
    // Get item category and condition id
    // NOTE(review): addslashes() is not a reliable defence against SQL injection; it
    // is not character-set aware and it is applied to the category only, not to the
    // condition. Confirm that getItemRelatedIds() binds both values as parameters.
    $ids = QueryOperator::getItemRelatedIds(addslashes($new_auction["itemCategory"]), $new_auction["itemCondition"]);
    // Prepare item parameters (positional; the order has to match what addAuction() expects)
    $item[] = SessionOperator::getUser()->getUserId();
    $item[] = $new_auction["itemName"];
    $item[] = $new_auction["itemBrand"];
    $item[] = $ids["categoryId"];
    $item[] = $ids["conditionId"];
    $item[] = $new_auction["itemDescription"];
    $item[] = $newImageName;
    // Prepare auction parameters
    // NOTE(review): date_create() returns false for an unparsable string, and the
    // chained format() call would then fail; presumably both times were validated
    // earlier in this script. Confirm.
    $startTime = date_create($new_auction["startTime"])->format('Y-m-d H:i:s');
    $endTime = date_create($new_auction["endTime"])->format('Y-m-d H:i:s');
    // First slot is an empty string; presumably a placeholder that addAuction() fills in (verify)
    $auction[] = "";
    $auction[] = $new_auction["quantity"];
    $auction[] = $new_auction["startPrice"];
    $auction[] = $new_auction["reservePrice"];
    $auction[] = $startTime;
    $auction[] = $endTime;
    // Store auction in database; $ids is reused for the ids of the new rows
    $ids = QueryOperator::addAuction($item, $auction);
    // Set event timer
    QueryOperator::addAuctionEvent($endTime, SessionOperator::getUser()->getUserId(), $ids["auctionId"]);
    // Store image name in database
    QueryOperator::uploadImage($ids["itemId"], $newImageName, "items");
    // Set feedback session
    SessionOperator::setNotification(SessionOperator::CREATED_AUCTION);
    // Return to live auctions page
    HelperOperator::redirectTo("../views/my_live_auctions_view.php");
}
<?php

require_once "../classes/class.helper_operator.php";
require_once "../classes/class.session_operator.php";
// Ignore manual calls to 'confirmation.php': both link parameters have to be present
if (isset($_GET["email"], $_GET["confirm_code"])) {
    // Values taken from the emailed verification link
    $email = $_GET["email"];
    $confirm_code = $_GET["confirm_code"];
    // Look up the unverified account this email/code pair belongs to
    // NOTE(review): no limit on failed attempts is visible in this script; confirm
    // that guessing codes for a known email is throttled elsewhere.
    require_once "../classes/class.query_operator.php";
    $pendingAccount = QueryOperator::checkVerificationLink($email, $confirm_code);
    // Verification link is correct
    if (!empty($pendingAccount)) {
        // Activate user account
        QueryOperator::activateAccount($pendingAccount["userId"]);
        // Create a session for completed registration
        SessionOperator::setNotification(SessionOperator::COMPLETED_REGISTRATION);
        // Email a registration confirmation to the user
        require_once "../classes/class.email.php";
        $mail = new Email($email, $pendingAccount["firstName"], $pendingAccount["lastName"]);
        $mail->prepareRegistrationConfirmEmail();
        $mail->sentEmail();
    }
}
// Redirect to homepage
HelperOperator::redirectTo("../index.php");
            $updated_session = [SessionOperator::SORT => $sort];
        } else {
            HelperOperator::redirectTo("../views/search_view.php");
            return;
        }
    }
}
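$cats = getCatIdAndType($searchCategory);
// Set up pagination object
$total = QueryOperator::countFoundAuctions(buildQuery($searchString, $cats, null));
// The page number comes from the query string and ends up in the offset handed to
// buildQuery(), so only a positive integer is accepted; anything else means page 1.
$requestedPage = isset($_GET["page"]) ? $_GET["page"] : 1;
$page = filter_var($requestedPage, FILTER_VALIDATE_INT, ["options" => ["min_range" => 1]]);
if ($page === false) {
    $page = 1;
}
// NOTE(review): this compares the page number with the number of found auctions,
// not with the number of pages; kept as it was. Confirm the intended bound.
$page = $page <= $total ? $page : 1;
$per_page = 15;
$pagination = new Pagination($page, $per_page, $total);
// Get paginated search results
$catsAndAuctions = QueryOperator::searchAuctions(buildQuery($searchString, $cats, $sort, $per_page, $pagination->offset()));
// Update search sessions; entries already in $updated_session win over the new ones
$updated_session = array_merge([SessionOperator::SEARCH_RESULT => $catsAndAuctions], $updated_session);
$updated_session = array_merge([SessionOperator::SEARCH_PAGINATION => $pagination], $updated_session);
SessionOperator::setSearch($updated_session);
// Return back to search page
HelperOperator::redirectTo("../views/search_view.php");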
function buildQuery($searchString, $searchCategory, $sortOption, $limit = null, $offset = null)
{
    $query = null;
    // Prepare count query
    if (is_null($limit) && is_null($offset)) {
        $query = "SELECT COUNT(*) ";
    } else {
        $query = "SELECT auctions.auctionId, quantity, startPrice, reservePrice, startTime,\n            endTime, itemName, itemBrand, itemDescription, items.image, auctions.views,\n            item_categories.categoryName as subCategoryName, superCategoryName,\n            item_categories.superCategoryId, item_categories.categoryId,\n            conditionName, countryName, COUNT(DISTINCT (bids.bidId)) AS numBids,\n            COUNT(DISTINCT (auction_watches.watchId)) AS numWatches,\n            MAX(bids.bidPrice) AS highestBid,\n            case\n                when MAX(bids.bidPrice)is not null THEN MAX(bids.bidPrice)\n                else startPrice\n            end AS currentPrice ";
    }
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Notifications of the signed-in user; the query is keyed on the session user's id.
// NOTE(review): notification messages are built from user-chosen text elsewhere in
// the application, so the markup below must HTML-escape them when printing.
$allNotifications = QueryOperator::getNotifications(SessionOperator::getUser()->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Notifications</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
    <link href="../css/main.css" rel="stylesheet">
 /**
  * Check a bid against the lowest amount currently accepted for an auction.
  *
  * With an existing highest bid the minimum is that bid plus the increment from
  * HelperOperator::getIncrement(); without any bid the minimum is -1.
  * On rejection an input error is stored under "bidPrice".
  *
  * NOTE(review): $input is compared as given; callers are expected to have checked
  * that it is numeric before calling this.
  *
  * @param mixed $input     Bid price to check.
  * @param mixed $auctionId Auction whose highest bid is looked up.
  * @return bool True when the bid is not below the minimum, false otherwise.
  */
 public static function checkBidPrice($input, $auctionId)
 {
     $topBids = QueryOperator::getAuctionBids($auctionId, 1);
     if (empty($topBids)) {
         // No bid yet
         $minimumBid = -1;
     } else {
         // There exists a highest bid: the next bid has to exceed it by the increment
         $minimumBid = $topBids[0]->getBidPrice();
         $minimumBid += HelperOperator::getIncrement($minimumBid);
     }
     // No error
     if (!($input < $minimumBid)) {
         return true;
     }
     // Invalid bid price
     SessionOperator::setInputErrors(["bidPrice" => self::PRICES[self::INVALID_BID] . $minimumBid]);
     return false;
 }
        }
    } else {
        $error = [];
        if (($upload = ValidationOperator::checkImage()) != null) {
            // A user is logged in
            if (!is_null($user = SessionOperator::getUser())) {
                // Create random image name
                $newImageName = UPLOAD_PROFILE_IMAGE . uniqid("", true) . "." . $upload["imageExtension"];
                // Upload new profile picture to file system
                if (move_uploaded_file($upload["image"], ROOT . $newImageName)) {
                    // Delete old profile pic (if exists)
                    if (!empty($imageName = $user->getImage())) {
                        unlink(ROOT . $imageName);
                    }
                    // Store image name in database
                    QueryOperator::uploadImage($user->getUserId(), $newImageName, "users");
                    // Update user session
                    $user = QueryOperator::getAccount($user->getUserId());
                    SessionOperator::updateUser(new User($user));
                    // Set feedback session
                    SessionOperator::setNotification(SessionOperator::UPLOADED_PROFILE_PHOTO);
                } else {
                    $error["upload"] = "Image cannot be uploaded ";
                    SessionOperator::setInputErrors($error);
                }
            }
        }
    }
}
// Redirect back
HelperOperator::redirectTo("../views/profile_view.php");
<?php

require_once "../classes/class.helper_operator.php";
require_once "../classes/class.query_operator.php";
$all = "All";
// NOTE(review): SessionOperator is used below, but only the helper and query classes
// are required above; presumably the including page loads
// class.session_operator.php. Confirm.
// Search state shown in the navigation bar; the search string is user input and
// must be HTML-escaped where the markup prints it.
$searchCategory = SessionOperator::getSearchSetting(SessionOperator::SEARCH_CATEGORY);
$searchString = SessionOperator::getSearchSetting(SessionOperator::SEARCH_STRING);
$superCategories = QueryOperator::getSuperCategoriesList();
// getUser() is dereferenced without a null check, so this partial presumably is
// included on signed-in pages only (TODO confirm)
$userId = SessionOperator::getUser()->getUserId();
// Total number of notifications, then the unseen ones and how many there are
$allAlerts = count(QueryOperator::getNotifications($userId));
$alerts = QueryOperator::getNotifications($userId, QueryOperator::NOTIFICATION_UNSEEN);
$newAlerts = count($alerts);
?>
<script src="../js/custom/navigation.js"></script>
<!-- header start -->
<nav class="navbar navbar-default navbar-static-top navbar-top" role="navigation">

    <!-- header start -->
    <div class="navbar-header">
        <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
            <span class="sr-only">Toggle navigation</span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
            <span class="icon-bar"></span>
        </button>
        <a class="navbar-brand" href="../index.php">
            <img src="../images/logo_short.png">
        </a>
    </div>
    <!-- header end -->
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
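// Render the signed-in user's not-yet-notified alerts as list items.
$newAlerts = QueryOperator::getNotifications(SessionOperator::getUser()->getUserId(), QueryOperator::NOTIFICATION_UNNOTIFIED);
// Notification messages are assembled from user-chosen text (user names, item names
// and brands), so every value is HTML-escaped before it is placed in the markup.
// NOTE(review): this assumes messages are plain text; confirm none is meant to
// carry HTML.
$escape = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, "UTF-8");
};
$alerts = null;
foreach ($newAlerts as $newAlert) {
    $id = $escape($newAlert->getNotificationId());
    $icon = $escape($newAlert->getCategoryIcon());
    $category = $escape($newAlert->getCategoryName());
    $time = $escape($newAlert->getTime());
    $message = $escape($newAlert->getMessage());
    $alerts .= "\n        <li id=\"notification{$id}\">\n            <a href=\"#\">\n                <div>\n                    <i class=\"{$icon}\"></i> <span style=\"padding-left: 10px\">{$category}</span>\n                    <span class=\"pull-right text-muted small\">{$time}</span><br>\n                    <div style=\"padding-left: 26px; color: #253b52; margin-bottom: 5px; font-style: italic; font-size: 12px\">{$message}</div>\n                    <span style=\"padding-left: 22px\"><button class=\"btn btn-sm btn-default\" id=\"deleteAlert_{$id}\">Delete</button></span>\n                </div>\n            </a>\n        </li>\n        <li class=\"divider\" id=\"divider{$id}\"></li>\n    ";
}
echo $alerts;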
            $refer[] = "Back to My Watched Auctions";
            break;
        case "my_current_bids_view.php":
            $refer[] = "Back to My Current Bids";
            break;
        case "my_successful_bids_view.php":
            $refer[] = "Back to My Won Auctions";
            break;
        case "my_unsuccessful_bids_view.php":
            $refer[] = "Back to My Lost Auctions";
            break;
    }
}
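// Load the auction together with its bids and watches.
// NOTE(review): the result of getLiveAuction() is dereferenced without a check;
// confirm what it returns for an id with no live auction.
$auction = QueryOperator::getLiveAuction($auctionId);
$bids = QueryOperator::getAuctionBids($auction->getAuctionId());
$watches = QueryOperator::getAuctionWatches($auction->getAuctionId());
$isMyAuction = $auction->getSellerUsername() == SessionOperator::getUser()->getUsername();
//increment num_views of auction on database
$dbAuction = DbAuction::find($auctionId);
$dbAuction->setField("views", $dbAuction->getField("views") + 1);
$dbAuction->save();
//increment views displayed on page
$views = $auction->getViews() + 1;
//is user watching this auction
$user = SessionOperator::getUser();
// The condition is assembled as a string, so both ids are cast to int first:
// nothing but digits can reach the SQL text.
$alreadyWatching = DbAuctionWatch::withConditions("WHERE userId = " . (int) $user->getUserId() . " AND auctionId =" . (int) $auctionId)->exists();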
?>
<!DOCTYPE html>
<html lang="en">

<head>
<?php

include_once "../classes/class.session_operator.php";
include_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Show another user's feedback when a different user name is requested, otherwise
// the signed-in user's own.
// NOTE(review): the requested name comes straight from the query string; confirm
// that getUserImage() and getFeedback() bind it as a parameter and that the markup
// below HTML-escapes it.
$viewingOtherUser = isset($_GET["username"]) && $_GET["username"] != SessionOperator::getUser()->getUsername();
if ($viewingOtherUser) {
    $username = $_GET["username"];
    $userImage = QueryOperator::getUserImage($username);
} else {
    $username = SessionOperator::getUser()->getUsername();
    $userImage = SessionOperator::getUser()->getImage();
}
$advancedFeedback = QueryOperator::getFeedback($username);
// True only when there is buyer feedback and no seller feedback
$buyerActive = empty($advancedFeedback->getFeedbackAsSeller()) && !empty($advancedFeedback->getFeedbackAsBuyer());
$averageFeedback = $advancedFeedback->getAverage();
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>My Feedbacks</title>

    <!-- Font -->
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Auctions the signed-in user is watching; keyed on the session user's id.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$watchedAuctions = QueryOperator::getWatchedAuctions($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Watched Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Live auctions the signed-in buyer has bid on; keyed on the session user's id.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$liveWithBidAuctions = QueryOperator::getLiveAuctionsWhereBuyerHasBid($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Watched Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Auctions the signed-in seller has sold; keyed on the session user's id.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$soldAuctions = QueryOperator::getSellersSoldAuctions($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Sold Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php

require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";
require_once "../scripts/user_session.php";
// Ended auctions the signed-in buyer has won; keyed on the session user's id.
// NOTE(review): getUser() is dereferenced without a null check; presumably
// user_session.php (required above) stops unauthenticated requests. Confirm.
$user = SessionOperator::getUser();
$wonAuctions = QueryOperator::getEndedAuctionsWhereBuyerHasWon($user->getUserId());
?>
<!DOCTYPE html>
<html lang="en">

<head>

    <meta charset="utf-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <meta name="description" content="">
    <meta name="author" content="">

    <title>Watched Auctions</title>

    <!-- Font -->
    <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>

    <!-- CSS -->
    <link href="../css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link href="../css/animate.css" rel="stylesheet" type="text/css">
    <link href="../css/metisMenu.min.css" rel="stylesheet">
    <link href="../css/sb-admin-2.css" rel="stylesheet">
    <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
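// NOTE(review): score and comment are taken from the request as they are; confirm
// that the score range is validated and that the comment is HTML-escaped wherever
// feedback is displayed.
$feedback = ["score" => $_POST["score"], "comment" => $_POST["comment"]];
if (ValidationOperator::hasEmtpyFields($feedback)) {
    // Create a session for all inputs so that they can be recovered after the page returns
    SessionOperator::setFormInput($feedback);
    // Redirect back
    HelperOperator::redirectTo($redirectUrl);
    // redirectTo() is defined elsewhere; stop explicitly so incomplete feedback is
    // never stored.
    exit;
}
// Both ids are concatenated into SQL conditions below, so they are cast to int
// first: nothing but digits can reach the SQL text.
$auctionId = (int) $_POST["auctionId"];
$creatorId = (int) SessionOperator::getUser()->getUserId();
//get the id of receiver
$receiverUsername = $_POST["receiverUsername"];
/* @var DbUser $receiver */
// NOTE(review): the user name in this condition appears masked in this listing, and
// $receiverUsername is not used by it as shown. If the real code places the posted
// name inside the quotes, it has to be bound as a parameter or escaped by the
// database layer first.
$receiver = DbUser::withConditions("WHERE username = '******'")->first();
//check receiver exists AND there is no existing feedback (we only allow one)
// NOTE(review): no check that the creator took part in this auction is visible in
// this part of the script; confirm it is enforced elsewhere.
if ($receiver == null or DbFeedback::withConditions("WHERE auctionId = " . $auctionId . " AND creatorId = " . $creatorId . " AND receiverId = " . (int) $receiver->getId())->exists()) {
    HelperOperator::redirectTo($redirectUrl);
    // Stop explicitly: the code below dereferences $receiver and would store a
    // second feedback.
    exit;
}
// Create Feedback
$now = new DateTime("now", new DateTimeZone(TIMEZONE));
$feedback = new DbFeedback(array("auctionId" => $auctionId, "creatorId" => $creatorId, "receiverId" => $receiver->getId(), "score" => $_POST["score"], "comment" => $_POST["comment"], "time" => $now->format('Y-m-d H:i:s')));
$feedback->create();
// Notify receiver
$auction = DbAuction::find($auctionId);
$item = DbItem::find($auction->getField("itemId"));
$comment = "You received a feedback from \"" . SessionOperator::getUser()->getUserName() . "\" in your participation in \"";
$comment .= $item->getField("itemName") . " - " . $item->getField("itemBrand") . "\".";
QueryOperator::addNotification($receiver->getId(), $comment, QueryOperator::NOTIFICATION_FEEDBACK_RECEIVED);
// Set feedback session
SessionOperator::setNotification(SessionOperator::FEEDBACK_SENT);
// Return to page
HelperOperator::redirectTo($redirectUrl);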
<?php

require_once "../classes/class.query_operator.php";
// Register an auction event for every row returned by QueryOperator::test().
// NOTE(review): this script performs no session or role check before it adds the
// events; confirm it cannot be requested through the web server.
foreach (QueryOperator::test() as $auctionRow) {
    QueryOperator::addAuctionEvent($auctionRow["endTime"], $auctionRow["userId"], $auctionRow["auctionId"]);
}