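/**
 * Inserts a new row into `users` and registers the account as unverified.
 *
 * @param array $parameters Values bound, in order, to username, email, firstName,
 *                          lastName, address, postcode, city, countryId and password
 *                          (bind types "sssssssis").
 * @return int The confirmation code handed to QueryOperator::addUnverifiedAccount().
 */
public static function addAccount($parameters)
{
    self::getDatabaseInstance();

    // Placeholders keep the caller-supplied values out of the SQL text.
    $registerUserQuery = "INSERT INTO users ( username, email, firstName, lastName, address, postcode, city, countryId, password ) ";
    $registerUserQuery .= "VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ? )";

    // The value returned by issueQuery() is used as the new user's id.
    $userId = self::$database->issueQuery($registerUserQuery, "sssssssis", $parameters);

    // The code acts as a bearer secret for the account, so it must come from a CSPRNG:
    // rand() is predictable. random_int() needs PHP 7+ (or the random_compat polyfill).
    // NOTE(review): the range allows just under 10^8 values; confirm that the endpoint
    // checking the code limits attempts, since the code alone cannot resist guessing.
    $confirmCode = random_int(100000, 100000000);
    QueryOperator::addUnverifiedAccount(array($userId, $confirmCode));

    return $confirmCode;
}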
<?php $recommendedAuctions = QueryOperator::getBuyersRecommendedAuctions(SessionOperator::getUser()->getUserId()); if (count($recommendedAuctions) < 20) { $recommendedAuctions = array_merge($recommendedAuctions, QueryOperator::getMostPopularAuctions(20 - count($recommendedAuctions))); } ?> <!-- recommendations start --> <div class="panel panel-default recommendation-box" <?php if ($page == "search") { ?> style="margin-top: 60px"<?php } ?> > <div class="panel-heading"> <h5> <?php /*if ($collaborative){ echo "Recommended auctions inspired by your bidding history"; }else{ echo "The Most popular auctions right now"; }*/ echo "Recommended auctions"; ?> </h5> </div>
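<?php
require_once "../classes/class.helper_operator.php";
require_once "../config/config.php";
require_once "../classes/class.query_operator.php";
require_once "../classes/class.session_operator.php";

// Deletes the signed-in user's profile image from the file system, clears the image
// name in the database, refreshes the session user and redirects to the profile view.
// NOTE(review): this script changes state and no request-method or anti-CSRF check is
// visible here; confirm one is enforced before this point.
$user = SessionOperator::getUser();

// Without a signed-in user there is nothing to delete and $user->getImage() would fail.
if (!is_null($user)) {
    $imageName = $user->getImage();

    // An empty image name would make the path resolve to ROOT itself, so only unlink
    // when a name is stored and it points at a regular file.
    if (!empty($imageName) && is_file(ROOT . $imageName)) {
        unlink(ROOT . $imageName);
    }
    QueryOperator::uploadImage($user->getUserId(), null, "users");

    // Update user session
    $account = QueryOperator::getAccount($user->getUserId());
    SessionOperator::updateUser(new User($account));

    // Set feedback session
    SessionOperator::setNotification(SessionOperator::DELETED_PROFILE_PHOTO);
}

HelperOperator::redirectTo("../views/profile_view.php");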
echo $value; ?> </option> <?php } ?> </select> </div> <div class="form-group"> <label>Condition</label> <select class="selectpicker form-control" name="itemCondition" data-dropup-auto="false"> <option default>Select</option> <?php $itemCondition = SessionOperator::getFormInput("itemCondition"); $itemConditions = QueryOperator::getConditionsList(); foreach ($itemConditions as $value) { $value = htmlspecialchars($value); $selected = ""; if ($value == $itemCondition) { $selected = "selected"; } ?> <option value="<?php echo $value; ?> " title="<?php echo $value; ?> " <?php echo $selected;
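// Deletes an auction owned by the signed-in user, notifies the current highest bidder,
// removes the item image and the auction event, then returns to the live auctions view.
// Both the invalid-id path and the normal path end at the same redirect below.

// Accept only a plain run of digits: is_numeric() also lets through values such as
// "1e3", "1.5" or " 1", which are not valid auction ids.
if (ctype_digit((string) $auctionId)) {
    /* @var User $user */
    $user = SessionOperator::getUser();
    $userId = $user->getUserId();

    /* @var DbAuction $auction */
    /* @var DbItem $item */
    $auction = DbAuction::find($auctionId);
    // An unknown id must not reach getField() on a missing auction.
    $item = empty($auction) ? null : DbItem::find($auction->getField("itemId"));

    // Authorization: only the user who owns the item may delete its auction.
    if (!empty($item) && $item->getField("userId") == $userId) {
        // Notify current highest bidder (the auction may have no bids at all, so the
        // list is checked before its first element is read).
        $bids = QueryOperator::getAuctionBids($auctionId, 1);
        if (!empty($bids) && !empty($bids[0])) {
            $highestBid = $bids[0];
            $comment = "The auction \"" . $item->getField("itemName") . " " . $item->getField("itemBrand") . "\" with ";
            $comment .= "your current highest bid of " . $highestBid->getBidPrice() . " GSP was deleted by " . $user->getUsername() . ".";
            QueryOperator::addNotification($highestBid->getBidderId(), $comment, QueryOperator::NOTIFICATION_AUCTION_DELETED);
        }

        // Delete auction
        $auction->delete();
        if (!empty($imageName = $item->getField("image"))) {
            unlink(ROOT . $imageName);
        }

        // Delete auction event
        QueryOperator::dropAuctionEvent($auctionId);

        // Set feedback session
        SessionOperator::setNotification(SessionOperator::DELETED_AUCTION);
    }
}

HelperOperator::redirectTo("../views/my_live_auctions_view.php");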
$auctionId = (int) $_GET["auctionId"]; $bidPrice = $_GET["bidPrice"]; $auction = QueryOperator::getLiveAuction($auctionId); $user = SessionOperator::getUser(); $userId = (int) $user->getUserId(); // Incorrect inputs if (ValidationOperator::hasEmtpyFields($_GET) || !ValidationOperator::isPositiveNumber($bidPrice, "bidPrice") || !ValidationOperator::checkBidPrice($bidPrice, $auctionId)) { // Create a session for bid price so that it can be recovered after the page returns SessionOperator::setFormInput(["bidPrice" => $bidPrice]); } else { // Notify outbid user (only if it is not the same user) $highestBidderId = $auction->getHighestBidderId(); if (!is_null($highestBidderId) && $highestBidderId != $userId) { $comment = "You were outbid on the auction \"" . $auction->getItemName() . " " . $auction->getItemBrand() . "\" by "; $comment .= "by \"" . $user->getUserName() . "\". The new highest bid is " . $bidPrice . " GSP."; QueryOperator::addNotification($highestBidderId, $comment, QueryOperator::NOTIFICATION_OUTBID); } $comment = "You received a new bid on the auction \"" . $auction->getItemName() . " " . $auction->getItemBrand() . "\" by "; $comment .= "by \"" . $user->getUserName() . "\". The new highest bid is " . $bidPrice . " GSP."; QueryOperator::addNotification($auction->getSellerId(), $comment, QueryOperator::NOTIFICATION_NEW_BID); // Place bid QueryOperator::placeBid($auctionId, $userId, $bidPrice); $dbAuction = DbAuction::find($auctionId); $dbAuction->setField("highestBidderId", $userId); $dbAuction->save(); // Set feedback session SessionOperator::setNotification(SessionOperator::PLACED_BID); } } // Return back to page HelperOperator::redirectTo("../views/open_live_auction_view.php?liveAuction=" . $auctionId . "&s=1");
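<?php
require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";

// Marks one notification of the signed-in user as seen.
if (isset($_GET["notificationId"])) {
    // The id comes straight from the query string: accept it only if it is an integer.
    // FILTER_VALIDATE_INT yields false for arrays and non-numeric text.
    $id = filter_var($_GET["notificationId"], FILTER_VALIDATE_INT);
    $user = SessionOperator::getUser();

    // The user id is taken from the session, never from the request.
    // NOTE(review): presumably haveSeen() restricts the update to that user's rows; confirm.
    if ($id !== false && !is_null($user)) {
        QueryOperator::haveSeen($user->getUserId(), $id);
    }
}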
echo 'value = "' . SessionOperator::getFormInput("city") . '"'; ?> > </div> <div class="form-group-lg col-xs-6"> <label class="text-danger">  <?php echo SessionOperator::getInputErrors("country"); ?> </label><br> <select name="country" class="selectpicker form-control" data-dropup-auto="false"> <option default>Country</option> <?php $country = SessionOperator::getFormInput("country"); $countries = QueryOperator::getCountriesList(); foreach ($countries as $value) { $value = htmlspecialchars($value); $selected = ""; if ($value == $country) { $selected = "selected"; } ?> <option value="<?php echo $value; ?> " title="<?php echo $value; ?> " <?php echo $selected;
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; require_once "../classes/class.pagination.php"; require_once "../classes/class.db_bid.php"; $search_result = SessionOperator::getSearchSetting(SessionOperator::SEARCH_RESULT); $sort = SessionOperator::getSearchSetting(SessionOperator::SORT); $searchString = SessionOperator::getSearchSetting(SessionOperator::SEARCH_STRING); $searchCategory = SessionOperator::getSearchSetting(SessionOperator::SEARCH_CATEGORY); $pagination = SessionOperator::getSearchSetting(SessionOperator::SEARCH_PAGINATION); $sortOptions = QueryOperator::getSortOptionsList(); $subCategories = QueryOperator::getCategoriesList(); $user = SessionOperator::getUser(); $liveAuctions = $search_result["auctions"]; $categories = $search_result["categories"]; ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Search Results</title>
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $liveAuctions = QueryOperator::getSellersLiveAuctions($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Live Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $didNotWinAuctions = QueryOperator::getEndedAuctionsWhereBuyerHasLost($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Watched Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
SessionOperator::setNotification(SessionOperator::CHANGED_PASSWORD); // Send a password changed confirmation email to the user $mail = new Email($email, $userDetails["firstName"], $userDetails["lastName"]); $mail->preparePasswordConfirmEmail(); $mail->sentEmail(); HelperOperator::redirectTo("../index.php"); } else { SessionOperator::setFormInput($passwordFields); } HelperOperator::redirectTo("../views/change_password_view.php?email=" . $email); } else { if (isset($_POST["changePasswordSignedIn"])) { // Retrieve Passwords $passwordFields = ["currentPassword" => $_POST["currentPassword"], "password1" => $_POST["password1"], "password2" => $_POST["password2"]]; // Get current user session $user = SessionOperator::getUser(); // Current password is correct and both new passwords are valid and match if (!ValidationOperator::hasEmtpyFields($passwordFields) && ValidationOperator::isCurrentPassword($passwordFields["currentPassword"]) && ValidationOperator::validPasswords($passwordFields["password1"], $passwordFields["password2"])) { QueryOperator::updatePassword($user->getEmail(), $passwordFields["password2"]); SessionOperator::setNotification(SessionOperator::CHANGED_PASSWORD); // Send a password changed confirmation email to the user $mail = new Email($user->getEmail(), $user->getFirstName(), $user->getLastName()); $mail->preparePasswordConfirmEmail(); $mail->sentEmail(); } else { SessionOperator::setFormInput($passwordFields); } HelperOperator::redirectTo("../views/account_view.php"); } } }
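<?php
require_once "../classes/class.helper_operator.php";
require_once "../classes/class.session_operator.php";
require_once "../classes/class.user.php";

// Sign-in handler: checks the submitted credentials, logs the user in on success and
// otherwise records the form input and a generic error before returning to the index.
if (isset($_POST["signIn"])) {
    require_once "../classes/class.query_operator.php";
    require_once "../classes/class.session_operator.php";

    // Missing or non-string fields are treated as empty instead of raising notices.
    $email = (isset($_POST["loginEmail"]) && is_string($_POST["loginEmail"])) ? trim($_POST["loginEmail"]) : "";
    // The password is compared exactly as typed: trimming would silently change a
    // password that begins or ends with whitespace.
    $password = (isset($_POST["loginPassword"]) && is_string($_POST["loginPassword"])) ? $_POST["loginPassword"] : "";

    // Login details correct
    if (!is_null($account = QueryOperator::checkAccount($email, $password))) {
        // Login user and redirect to home page
        // NOTE(review): confirm SessionOperator::login() regenerates the session id.
        SessionOperator::login(new User($account));
        HelperOperator::redirectTo("../views/my_live_auctions_view.php");
    } else {
        // Keep only the e-mail for re-filling the form. The plaintext password is not
        // written to the session; the key stays present with an empty value.
        SessionOperator::setFormInput(["loginEmail" => $email, "loginPassword" => ""]);

        // One message for both wrong e-mail and wrong password, so the response does
        // not reveal which accounts exist.
        $message = "The entered email and password did not match our records, please try again.";
        SessionOperator::setInputErrors(["login" => $message]);
    }
}

// Sign in button was not clicked or sign in failed
HelperOperator::redirectTo("../index.php");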
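require_once "../classes/class.validation_operator.php";
require_once "../classes/class.query_operator.php";

// Registration handler: validates the sign-up form, creates the account as unverified
// and e-mails a verification link carrying the confirmation code.

// Only process when sign up button was clicked
if (!isset($_POST["signUp"])) {
    HelperOperator::redirectTo("../index.php");
}

// Store POST values
$registration = [
    "username" => $_POST["username"],
    "email" => $_POST["email"],
    "firstName" => $_POST["firstName"],
    "lastName" => $_POST["lastName"],
    "address" => $_POST["address"],
    "postcode" => $_POST["postcode"],
    "city" => $_POST["city"],
    "country" => $_POST["country"],
    "password1" => $_POST["password1"],
    "password2" => $_POST["password2"]];

// Add empty string for default country
if ($registration["country"] == "Country") {
    $registration["country"] = "";
}

// Check inputs
if (ValidationOperator::hasEmtpyFields($registration) ||
    ValidationOperator::isTaken($registration["username"], $registration["email"]) ||
    !ValidationOperator::validPasswords($registration["password1"], $registration["password2"])) {
    // Create a session for the inputs so that they can be recovered after the page
    // returns. The two password fields are blanked first: plaintext passwords should
    // not be kept in session storage or written back into the form.
    $formInput = $registration;
    $formInput["password1"] = "";
    $formInput["password2"] = "";
    SessionOperator::setFormInput($formInput);
} else {
    // Create new user
    $registration["country"] = QueryOperator::getCountryId($registration["country"]);
    // Only the bcrypt hash is stored; the plaintext never reaches the database layer.
    $passwordHash = password_hash($registration["password1"], PASSWORD_BCRYPT);
    $confirmCode = QueryOperator::addAccount(array(
        $registration["username"],
        $registration["email"],
        $registration["firstName"],
        $registration["lastName"],
        $registration["address"],
        $registration["postcode"],
        $registration["city"],
        $registration["country"],
        $passwordHash));

    // Create a session for the successfully submitted registration (account not verified yet)
    SessionOperator::setNotification(SessionOperator::SUBMITTED_REGISTRATION);

    // Email a verification link to the user - must be verified before accessing the new account
    require_once "../classes/class.email.php";
    $mail = new Email($registration["email"], $registration["firstName"], $registration["lastName"]);
    $mail->prepareVerificationEmail($confirmCode);
    $mail->sentEmail();
}

// Redirect back
HelperOperator::redirectTo("../index.php");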
} // Get item category and condition id $ids = QueryOperator::getItemRelatedIds(addslashes($new_auction["itemCategory"]), $new_auction["itemCondition"]); // Prepare item parameters $item[] = SessionOperator::getUser()->getUserId(); $item[] = $new_auction["itemName"]; $item[] = $new_auction["itemBrand"]; $item[] = $ids["categoryId"]; $item[] = $ids["conditionId"]; $item[] = $new_auction["itemDescription"]; $item[] = $newImageName; // Prepare auction parameters $startTime = date_create($new_auction["startTime"])->format('Y-m-d H:i:s'); $endTime = date_create($new_auction["endTime"])->format('Y-m-d H:i:s'); $auction[] = ""; $auction[] = $new_auction["quantity"]; $auction[] = $new_auction["startPrice"]; $auction[] = $new_auction["reservePrice"]; $auction[] = $startTime; $auction[] = $endTime; // Store auction in database $ids = QueryOperator::addAuction($item, $auction); // Set event timer QueryOperator::addAuctionEvent($endTime, SessionOperator::getUser()->getUserId(), $ids["auctionId"]); // Store image name in database QueryOperator::uploadImage($ids["itemId"], $newImageName, "items"); // Set feedback session SessionOperator::setNotification(SessionOperator::CREATED_AUCTION); // Return to live auctions page HelperOperator::redirectTo("../views/my_live_auctions_view.php"); }
<?php
require_once "../classes/class.helper_operator.php";
require_once "../classes/class.session_operator.php";

// Account verification endpoint, reached from the link in the verification e-mail.
// Requests that lack either query parameter fall straight through to the redirect.
if (isset($_GET["email"], $_GET["confirm_code"])) {
    // Values carried by the link
    $address = $_GET["email"];
    $code = $_GET["confirm_code"];

    // Look the pair up among the unverified accounts
    require_once "../classes/class.query_operator.php";
    $account = QueryOperator::checkVerificationLink($address, $code);

    // A non-empty result means the link matched
    if (!empty($account)) {
        // Activate the account
        QueryOperator::activateAccount($account["userId"]);

        // Flag the completed registration for the next page view
        SessionOperator::setNotification(SessionOperator::COMPLETED_REGISTRATION);

        // Send the registration confirmation e-mail
        require_once "../classes/class.email.php";
        $confirmation = new Email($address, $account["firstName"], $account["lastName"]);
        $confirmation->prepareRegistrationConfirmEmail();
        $confirmation->sentEmail();
    }
}

// Always finish on the homepage
HelperOperator::redirectTo("../index.php");
$updated_session = [SessionOperator::SORT => $sort]; } else { HelperOperator::redirectTo("../views/search_view.php"); return; } } } $cats = getCatIdAndType($searchCategory); // Set up pagination object $total = QueryOperator::countFoundAuctions(buildQuery($searchString, $cats, null)); $page = isset($_GET["page"]) ? $_GET["page"] : 1; $page = $page <= $total ? $page : 1; $per_page = 15; $pagination = new Pagination($page, $per_page, $total); // Get paginated search results $catsAndAuctions = QueryOperator::searchAuctions(buildQuery($searchString, $cats, $sort, $per_page, $pagination->offset())); // Update search sessions $updated_session = array_merge([SessionOperator::SEARCH_RESULT => $catsAndAuctions], $updated_session); $updated_session = array_merge([SessionOperator::SEARCH_PAGINATION => $pagination], $updated_session); SessionOperator::setSearch($updated_session); // Return back to search page HelperOperator::redirectTo("../views/search_view.php"); function buildQuery($searchString, $searchCategory, $sortOption, $limit = null, $offset = null) { $query = null; // Prepare count query if (is_null($limit) && is_null($offset)) { $query = "SELECT COUNT(*) "; } else { $query = "SELECT auctions.auctionId, quantity, startPrice, reservePrice, startTime,\n endTime, itemName, itemBrand, itemDescription, items.image, auctions.views,\n item_categories.categoryName as subCategoryName, superCategoryName,\n item_categories.superCategoryId, item_categories.categoryId,\n conditionName, countryName, COUNT(DISTINCT (bids.bidId)) AS numBids,\n COUNT(DISTINCT (auction_watches.watchId)) AS numWatches,\n MAX(bids.bidPrice) AS highestBid,\n case\n when MAX(bids.bidPrice)is not null THEN MAX(bids.bidPrice)\n else startPrice\n end AS currentPrice "; }
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $allNotifications = QueryOperator::getNotifications(SessionOperator::getUser()->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Notifications</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet"> <link href="../css/main.css" rel="stylesheet">
/**
 * Checks a submitted bid against the lowest acceptable price for an auction.
 *
 * With at least one existing bid, the threshold is the highest bid plus the increment
 * returned by HelperOperator::getIncrement(); with none, the threshold is -1.
 * On rejection a "bidPrice" input error is stored in the session.
 *
 * @param mixed $input     Submitted bid price.
 * @param mixed $auctionId Auction the bid is for.
 * @return bool True when the bid is not below the threshold, false otherwise.
 */
public static function checkBidPrice($input, $auctionId)
{
    $topBids = QueryOperator::getAuctionBids($auctionId, 1);

    if (empty($topBids)) {
        // No bids yet
        $minimumBid = -1;
    } else {
        $highestPrice = $topBids[0]->getBidPrice();
        $minimumBid = $highestPrice + HelperOperator::getIncrement($highestPrice);
    }

    // Bid is acceptable
    if (!($input < $minimumBid)) {
        return true;
    }

    // Bid is too low: record the error together with the required minimum
    SessionOperator::setInputErrors(["bidPrice" => self::PRICES[self::INVALID_BID] . $minimumBid]);
    return false;
}
} } else { $error = []; if (($upload = ValidationOperator::checkImage()) != null) { // A user is logged in if (!is_null($user = SessionOperator::getUser())) { // Create random image name $newImageName = UPLOAD_PROFILE_IMAGE . uniqid("", true) . "." . $upload["imageExtension"]; // Upload new profile picture to file system if (move_uploaded_file($upload["image"], ROOT . $newImageName)) { // Delete old profile pic (if exists) if (!empty($imageName = $user->getImage())) { unlink(ROOT . $imageName); } // Store image name in database QueryOperator::uploadImage($user->getUserId(), $newImageName, "users"); // Update user session $user = QueryOperator::getAccount($user->getUserId()); SessionOperator::updateUser(new User($user)); // Set feedback session SessionOperator::setNotification(SessionOperator::UPLOADED_PROFILE_PHOTO); } else { $error["upload"] = "Image cannot be uploaded "; SessionOperator::setInputErrors($error); } } } } } // Redirect back HelperOperator::redirectTo("../views/profile_view.php");
<?php require_once "../classes/class.helper_operator.php"; require_once "../classes/class.query_operator.php"; $all = "All"; $searchCategory = SessionOperator::getSearchSetting(SessionOperator::SEARCH_CATEGORY); $searchString = SessionOperator::getSearchSetting(SessionOperator::SEARCH_STRING); $superCategories = QueryOperator::getSuperCategoriesList(); $userId = SessionOperator::getUser()->getUserId(); $allAlerts = count(QueryOperator::getNotifications($userId)); $alerts = QueryOperator::getNotifications($userId, QueryOperator::NOTIFICATION_UNSEEN); $newAlerts = count($alerts); ?> <script src="../js/custom/navigation.js"></script> <!-- header start --> <nav class="navbar navbar-default navbar-static-top navbar-top" role="navigation"> <!-- header start --> <div class="navbar-header"> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand" href="../index.php"> <img src="../images/logo_short.png"> </a> </div> <!-- header end -->
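<?php
require_once "../classes/class.session_operator.php";
require_once "../classes/class.query_operator.php";

// Renders the signed-in user's not-yet-notified notifications as dropdown list items.
$newAlerts = QueryOperator::getNotifications(SessionOperator::getUser()->getUserId(), QueryOperator::NOTIFICATION_UNNOTIFIED);

$alerts = null;
foreach ($newAlerts as $newAlert) {
    // Every value is HTML-escaped before it is placed in markup: notification text can
    // carry user-chosen names, and unescaped it would be interpreted as HTML by the
    // recipient's browser (stored XSS). ENT_QUOTES also covers the attribute positions.
    // NOTE(review): this assumes messages are stored as plain text; confirm that they
    // are not already escaped when written.
    $id = htmlspecialchars((string) $newAlert->getNotificationId(), ENT_QUOTES, "UTF-8");
    $icon = htmlspecialchars((string) $newAlert->getCategoryIcon(), ENT_QUOTES, "UTF-8");
    $category = htmlspecialchars((string) $newAlert->getCategoryName(), ENT_QUOTES, "UTF-8");
    $time = htmlspecialchars((string) $newAlert->getTime(), ENT_QUOTES, "UTF-8");
    $message = htmlspecialchars((string) $newAlert->getMessage(), ENT_QUOTES, "UTF-8");

    $alerts .= "\n <li id=\"notification{$id}\">\n <a href=\"#\">\n <div>\n"
        . " <i class=\"{$icon}\"></i> <span style=\"padding-left: 10px\">{$category}</span>\n"
        . " <span class=\"pull-right text-muted small\">{$time}</span><br>\n"
        . " <div style=\"padding-left: 26px; color: #253b52; margin-bottom: 5px; font-style: italic; font-size: 12px\">{$message}</div>\n"
        . " <span style=\"padding-left: 22px\"><button class=\"btn btn-sm btn-default\" id=\"deleteAlert_{$id}\">Delete</button></span>\n"
        . " </div>\n </a>\n </li>\n <li class=\"divider\" id=\"divider{$id}\"></li>\n ";
}

echo $alerts;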
$refer[] = "Back to My Watched Auctions"; break; case "my_current_bids_view.php": $refer[] = "Back to My Current Bids"; break; case "my_successful_bids_view.php": $refer[] = "Back to My Won Auctions"; break; case "my_unsuccessful_bids_view.php": $refer[] = "Back to My Lost Auctions"; break; } } $auction = QueryOperator::getLiveAuction($auctionId); $bids = QueryOperator::getAuctionBids($auction->getAuctionId()); $watches = QueryOperator::getAuctionWatches($auction->getAuctionId()); $isMyAuction = $auction->getSellerUsername() == SessionOperator::getUser()->getUsername(); //increment num_views of auction on database $dbAuction = DbAuction::find($auctionId); $dbAuction->setField("views", $dbAuction->getField("views") + 1); $dbAuction->save(); //increment views displayed on page $views = $auction->getViews() + 1; //is user watching this auction $user = SessionOperator::getUser(); $alreadyWatching = DbAuctionWatch::withConditions("WHERE userId = " . $user->getUserId() . " AND auctionId =" . $auctionId)->exists(); ?> <!DOCTYPE html> <html lang="en"> <head>
<?php include_once "../classes/class.session_operator.php"; include_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $username = null; $userImage = null; if (isset($_GET["username"]) && $_GET["username"] != SessionOperator::getUser()->getUsername()) { $username = $_GET["username"]; $userImage = QueryOperator::getUserImage($username); } else { $username = SessionOperator::getUser()->getUsername(); $userImage = SessionOperator::getUser()->getImage(); } $advancedFeedback = QueryOperator::getFeedback($username); $buyerActive = empty($advancedFeedback->getFeedbackAsSeller()) && !empty($advancedFeedback->getFeedbackAsBuyer()) ? true : false; $averageFeedback = $advancedFeedback->getAverage(); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>My Feedbacks</title> <!-- Font -->
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $watchedAuctions = QueryOperator::getWatchedAuctions($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Watched Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $liveWithBidAuctions = QueryOperator::getLiveAuctionsWhereBuyerHasBid($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Watched Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $soldAuctions = QueryOperator::getSellersSoldAuctions($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Sold Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
<?php require_once "../classes/class.session_operator.php"; require_once "../classes/class.query_operator.php"; require_once "../scripts/user_session.php"; $user = SessionOperator::getUser(); $wonAuctions = QueryOperator::getEndedAuctionsWhereBuyerHasWon($user->getUserId()); ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Watched Auctions</title> <!-- Font --> <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'> <!-- CSS --> <link href="../css/bootstrap.min.css" rel="stylesheet"> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css"> <link href="../css/animate.css" rel="stylesheet" type="text/css"> <link href="../css/metisMenu.min.css" rel="stylesheet"> <link href="../css/sb-admin-2.css" rel="stylesheet"> <link href="../css/dataTables.bootstrap.css" rel="stylesheet">
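// Stores one feedback entry from the signed-in user about another user for an auction,
// then notifies the receiver and returns to $redirectUrl.
$feedback = ["score" => $_POST["score"], "comment" => $_POST["comment"]];
if (ValidationOperator::hasEmtpyFields($feedback)) {
    // Create a session for all inputs so that they can be recovered after the page returns
    SessionOperator::setFormInput($feedback);

    // Redirect back
    HelperOperator::redirectTo($redirectUrl);
}

// Both ids are concatenated into a WHERE clause below, so they are forced to integers
// first: the raw POST value must never reach the SQL text.
$auctionId = (int) $_POST["auctionId"];
$creatorId = (int) SessionOperator::getUser()->getUserId();

// Get the id of the receiver
$receiverUsername = $_POST["receiverUsername"];
/* @var DbUser $receiver */
// NOTE(review): the username literal below appears masked in this listing and is kept
// as found. Whatever the real condition is, $receiverUsername comes from the request
// and must be bound or escaped by the database layer, not interpolated into the string.
$receiver = DbUser::withConditions("WHERE username = '******'")->first();

// Stop when the auction id is not a positive integer, the receiver does not exist, or
// feedback for this auction/creator/receiver already exists (only one is allowed).
if ($auctionId <= 0
    or $receiver == null
    or DbFeedback::withConditions("WHERE auctionId = " . $auctionId . " AND creatorId = " . $creatorId . " AND receiverId = " . (int) $receiver->getId())->exists()) {
    HelperOperator::redirectTo($redirectUrl);
}

// Create Feedback
// NOTE(review): score and comment are passed through as submitted; confirm DbFeedback
// binds them and that the comment is escaped wherever it is displayed.
$now = new DateTime("now", new DateTimeZone(TIMEZONE));
$feedback = new DbFeedback(array(
    "auctionId" => $auctionId,
    "creatorId" => $creatorId,
    "receiverId" => $receiver->getId(),
    "score" => $_POST["score"],
    "comment" => $_POST["comment"],
    "time" => $now->format('Y-m-d H:i:s')));
$feedback->create();

// Notify receiver
$auction = DbAuction::find($auctionId);
$item = DbItem::find($auction->getField("itemId"));
$comment = "You received a feedback from \"" . SessionOperator::getUser()->getUserName() . "\" in your participation in \"";
$comment .= $item->getField("itemName") . " - " . $item->getField("itemBrand") . "\".";
QueryOperator::addNotification($receiver->getId(), $comment, QueryOperator::NOTIFICATION_FEEDBACK_RECEIVED);

// Set feedback session
SessionOperator::setNotification(SessionOperator::FEEDBACK_SENT);

// Return to page
HelperOperator::redirectTo($redirectUrl);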
<?php
require_once "../classes/class.query_operator.php";

// Registers an auction event for every row returned by QueryOperator::test(), using
// each row's endTime, userId and auctionId.
$rows = QueryOperator::test();
foreach ($rows as $row) {
    $endTime = $row["endTime"];
    $ownerId = $row["userId"];
    $auctionId = $row["auctionId"];
    QueryOperator::addAuctionEvent($endTime, $ownerId, $auctionId);
}