function callDB()
{
$option = $_REQUEST['operation'];
$table = $_REQUEST['target'];
$selectSQL = '';
$loadSql = '';
$newSql = '';
$updateSql = '';
$name = '';
$id = '';
$param = '';
switch ($table) {
case 2:
$tableName = 'project_info';
if ($option == 'read') {
$loadSql = "select p.ID, p.IMAGE,p.IMAGE_PATH, c.Name, p.CAPTION,p.CREATED, p.UPDATED from project_info p inner join category c on p.IMAGE_CATEGORY = c.ID where p.DELETED=0 and c.DELETED=0";
}
if ($option == 'select') {
$id = $_REQUEST['RecId'];
$selectSQL = "select p.ID,p.IMAGE,p.IMAGE_PATH, c.NAME, p.CAPTION from project_info p inner join category c on p.IMAGE_CATEGORY = c.ID where p.ID = {$id}";
}
if ($option == 'new') {
$param = $_REQUEST['name'];
$newSql = "insert into project_info (IMAGE, IMAGE_CATEGORY, CAPTION, IMAGE_PATH) VALUES ('{$param['0']}',(select ID from category where NAME= '{$param['1']}' and DELETED = 0),'{$param['2']}', '{$param['3']}')";
}
if ($option == 'update') {
$param = $_REQUEST['name'];
$id = $_REQUEST['id'];
if (empty($param[3])) {
$updateSql = "update project_info set IMAGE='{$param['0']}',IMAGE_CATEGORY = (select ID from category where Name='{$param['1']}'), CAPTION ='{$param['2']}', UPDATED = now() where ID = {$id} and DELETED=0";
} else {
$updateSql = "update project_info set IMAGE='{$param['0']}',IMAGE_CATEGORY = (select ID from category where Name='{$param['1']}'), CAPTION ='{$param['2']}', IMAGE_PATH = '{$param['3']}', UPDATED = now() where ID = {$id} and DELETED=0";
}
}
break;
case 4:
$tableName = 'slider';
if ($option == 'read') {
$loadSql = "select * from slider where DELETED = 0";
}
if ($option == 'select') {
$id = $_REQUEST['RecId'];
$selectSQL = "select * from slider where ID={$id}";
}
if ($option == 'new') {
$param = $_REQUEST['name'];
$newSql = "insert into slider (IMAGE, HEAD_CAPTION, SUB_CAPTION, IMAGE_PATH) VALUES ('{$param['0']}','{$param['1']}','{$param['2']}', '{$param['3']}')";
//print_r($newSql);
}
if ($option == 'update') {
$param = $_REQUEST['name'];
$id = $_REQUEST['id'];
if (empty($param[3])) {
$updateSql = "update slider set IMAGE = '{$param['0']}', HEAD_CAPTION = '{$param['1']}' , SUB_CAPTION = '{$param['2']}' , UPDATED = now() where ID = {$id} and DELETED= 0 ";
} else {
$updateSql = "update slider set IMAGE = '{$param['0']}', HEAD_CAPTION = '{$param['1']}' , SUB_CAPTION = '{$param['2']}', IMAGE_PATH = '{$param['3']}' , UPDATED = now() where ID = {$id} and DELETED= 0 ";
}
}
break;
}
switch ($option) {
case "read":
//callread();
echo json_encode(readRecords($loadSql));
break;
case "select":
echo json_encode(readRecords($selectSQL));
break;
case "update":
//$date = now();
//echo($date);
updateRecords($updateSql);
if ($table == 2) {
echo "<script>window.location = 'portfolio.php';</script>";
} else {
if ($table == 4) {
echo "<script>window.location = 'slider.php';</script>";
}
}
break;
case "delete":
$id = $_REQUEST['RecId'];
$sql = "update {$tableName} set DELETED = 1 where ID={$id} ";
echo deleteRecords($sql);
break;
case "new":
WriteRecords($newSql);
if ($table == 2) {
echo "<script>window.location = 'portfolio.php';</script>";
} else {
if ($table == 4) {
echo "<script>window.location = 'slider.php';</script>";
}
}
break;
}
}
function createBasketPage($userID)
{
$varsSet = false;
$logged = "Log In";
$loggedLink = "index.php";
if (!empty($_SESSION['userID'])) {
$varsSet = true;
$logged = "Log Out";
$loggedLink = "logout.php";
}
$userID = $_SESSION['userID'];
$firstName = " ";
$lastName = " ";
if ($varsSet) {
$firstName = $_SESSION['firstName'];
$lastName = $_SESSION['lastName'];
}
$scripts = array("Script.js");
$stylesheets = array("indexPage.css", "StyleSheet.css", "bootstrap.css", "basket.css");
$title = "Basket";
require "../local/nbgardens_connection.php";
$basketDetails = readRecordsWhereID("basket", "user_id", $userID);
include "includes/header.php";
?>
<nav>
<div class="container">
<ul class="pull-left" class="nav nav-tabs">
<li><a href="index.php">Home</a></li>
<li><a href="catalogue.php">Catalogue</a></li>
</ul>
<ul class="pull-right" class="nav nav-tabs">
<li class="active"><a href="#">Basket</a></li>
<li><a href=<?php
echo '"' . $loggedLink . '">' . $logged;
?>
</a></li>
<?php
if ($varsSet) {
if ($_SESSION['username'] == 'administrator') {
echo '<li><a href="addProduct.php">Add New Product</a></li>';
}
}
?>
</ul>
</div>
</nav>
<br>
<br>
<h3 id="title">Basket (<?php
echo $firstName . " " . $lastName;
?>
) </h3>
<div id="basket">
<?php
$total = 0;
for ($i = 0; $i < count($basketDetails); $i++) {
$prodID = $basketDetails[$i]['product_id'];
$basketQuantity = $basketDetails[$i]['quantity'];
$productDetails = readRecordsWhereID("products", "product_ID", $prodID);
$productPic = $productDetails[0]['image'];
$productName = $productDetails[0]['name'];
$productPrice = $productDetails[0]['price'];
$subTotal = $productPrice * $basketQuantity;
$total += $subTotal;
if ($basketQuantity > 0) {
?>
<div>
<a href="product.php?prodID=<?php
echo $prodID;
?>
">
<img src="Images/<?php
echo $productPic;
?>
" alt="<?php
echo $productName;
?>
" style="height: 100px; width: 100px"></a>
<p><?php
echo $productName;
?>
: <?php
echo $basketQuantity;
?>
</p>
<p>Cost per Item: £<?php
echo $productPrice;
?>
</p>
<p>SubTotal: £<?php
echo $subTotal;
?>
</p>
<form method="post" action="basket.php">
Remove:<br> <input type="text" name="removeQuantity">
<input type="hidden" name="productID" value="<?php
echo $prodID;
?>
">
<input type="submit" value="Remove" name="removeAmount">
<input type="submit" value="Remove All" name="removeAll">
</form>
</div>
<?php
}
}
?>
<br>
<h4 style="margin-left: 20px;">Total cost of basket: £<?php
echo $total . '</p>';
?>
</div> <?php
if (isset($_POST['removeAmount'])) {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// collect value of input field
$removeQuantity = $_POST['removeQuantity'];
$prodID = $_POST['productID'];
$columns = ['quantity'];
$productDetails = readRecordsWhereID('basket', 'product_id', $prodID);
$basketQuantity = $productDetails[0]['quantity'];
if ($removeQuantity <= $basketQuantity) {
$basketQuantity -= $removeQuantity;
$query = updateRecords('basket', 'quantity', $basketQuantity, 'product_id', $prodID);
$db = connect();
$db->exec($query);
}
}
} elseif (isset($_POST['removeAll'])) {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$prodID = $_POST['productID'];
$productDetails = readRecordsWhereID('basket', 'product_id', $prodID);
$query = updateRecords('basket', 'quantity', 0, 'product_id', $prodID);
$db = connect();
$db->exec($query);
}
}
include "includes/footer.php";
}
<?php
require "../local/nbgardens_connection.php";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// collect value of input field
$removeQuantity = $_POST['removeQuantity'];
$prodID = $_POST['productID'];
$columns = ['quantity'];
$productDetails = readRecordsWhereID('basket', 'product_id', $prodID);
$basketQuantity = $productDetails[0]['quantity'];
if ($removeQuantity <= $basketQuantity) {
$basketQuantity -= $removeQuantity;
$query = updateRecords('basket', 'quantity', $basketQuantity, 'product_id', $prodID);
$db = connect();
$db->exec($query);
}
}
function callDB()
{
$option = $_REQUEST['operation'];
//echo('option choosed'.$option);
//$option="update";
//$tableName=$_GET['table'];
//$tableName='category';
$table = $_REQUEST['target'];
$selectSQL;
$loadSql;
$newSql;
$updateSql;
$name;
$id;
$param;
switch ($table) {
case 1:
$tableName = 'category';
//echo ' '.$tableName.' '.$option;
if ($option == 'read') {
$loadSql = "select * from category where DELETED = 0";
}
if ($option == 'select') {
$id = $_REQUEST['RecId'];
$selectSQL = "select * from category where ID={$id}";
}
if ($option == 'update') {
$name = $_REQUEST['name'];
//check same name for current record
$match = "select NAME from category where NAME= '{$name}' and DELETED= 0 ";
$result = readRecords($match);
if ($result) {
echo 'duplicate';
return;
} else {
$id = $_REQUEST['RecId'];
$match = "select NAME from category where NAME = '{$name}' and ID != {$id} and DELETED = 0 ";
$result = readRecords($match);
//print_r($result);
if ($result) {
//echo('in second update');
echo 'duplicate';
return;
} else {
//print_r('in update');
$updateSql = "update category set NAME='{$name}', UPDATED = now() where ID = {$id} and deleted=0";
//print_r($updateSql);
}
}
}
if ($option == "new") {
$name = $_REQUEST['name'];
//check same name for current record
$match = "select NAME from category where NAME= '{$name}' and DELETED= 0 ";
$result = readRecords($match);
if ($result) {
echo 'duplicate';
return;
} else {
$newSql = "insert into category(NAME) values('{$name}')";
}
}
break;
case 3:
$tableName = 'footer_info';
//echo ' '.$tableName.' '.$option;
if ($option == 'read') {
$loadSql = "select * from footer_info where DELETED = 0";
}
if ($option == 'select') {
$id = $_REQUEST['RecId'];
$selectSQL = "select * from footer_info where ID={$id}";
}
if ($option == 'new') {
$name = $_REQUEST['name'];
//echo($name);
$newSql = "insert into footer_info(ABOUT) values('{$name}')";
}
if ($option == 'update') {
$name = $_REQUEST['name'];
$id = $_REQUEST['RecId'];
$updateSql = "update footer_info set ABOUT='{$name}', UPDATED = now() where ID = {$id} and deleted=0";
}
break;
}
//echo($table);
switch ($option) {
case "read":
//callread();
echo json_encode(readRecords($loadSql));
break;
case "select":
echo json_encode(readRecords($selectSQL));
break;
case "update":
//$date = now();
//echo($date);
//echo('in update'); die();
echo updateRecords($updateSql);
//echo "<script>window.location = 'fileUpload.php';</script>";
break;
case "delete":
$id = $_REQUEST['RecId'];
$sql = "update {$tableName} set DELETED = 1 where ID={$id} ";
echo deleteRecords($sql);
break;
case "new":
echo json_encode(WriteRecords($newSql));
break;
}
}
