<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $promotion = Promotion::getPromotionById($id);
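    // Apply a submitted "edit" form: validate the new percentage, then update
    // the promotion row for $id through a prepared statement.
    // NOTE(review): the add-* admin pages gate their writes on App::isAdmin();
    // no such check is visible ahead of this UPDATE, so the same gate is
    // applied here. No anti-CSRF token is verified in the visible code.
    if (isset($_POST['edit']) && App::isAdmin()) {
        // A missing key or an array value (percent[]=x) is treated as invalid
        // instead of reaching preg_match().
        $postedPercent = (isset($_POST['percent']) && is_string($_POST['percent'])) ? $_POST['percent'] : null;
        // \A...\z instead of ^...$ so a trailing newline is rejected as well.
        if ($postedPercent !== null && preg_match('#\A(?:[0-9]{1,2}|100)\z#', $postedPercent)) {
            // NOTE(review): connection settings are hard-coded and appear to be a
            // root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE promotion\n\t\t\t\tSET percent = :percent\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            // $id went through htmlentities(), which is output encoding rather
            // than validation; the bound :id parameter keeps it out of the SQL text.
            // The statement object is always truthy, so success is decided by
            // the result of execute(). No fetch mode is set: an UPDATE returns no rows.
            if ($sth->execute(array(':id' => $id, ':percent' => $postedPercent))) {
                App::success('La promotion a bien été modifiée');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            App::error("Les champs ne sont pas valides");
        }
    }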
    if ($member) {
        ?>
<div class="col-md-8">
    <div class="page-header">
        <h1>Éditer une promotion</h1>
    </div>

    <form action="index.php?page=admin/promotion-edit&amp;id=<?php 
        echo $id;
        ?>
" method="POST">
Exemple #2
<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $color = Color::getColorById($id);
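    // Apply a submitted "edit" form for a colour: validate name and hex code,
    // then update the row for $id through a prepared statement.
    // NOTE(review): the add-* admin pages gate their writes on App::isAdmin();
    // no such check is visible ahead of this UPDATE, so the same gate is
    // applied here. No anti-CSRF token is verified in the visible code.
    if (isset($_POST['edit']) && App::isAdmin()) {
        // Missing keys and array values become '' and fail validation below.
        $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $postedHex = (isset($_POST['hex']) && is_string($_POST['hex'])) ? $_POST['hex'] : '';
        // Same name rule as the add-colour form. It only checks the first
        // characters, so the stored name must still be HTML-escaped on output.
        $nameOk = preg_match("#^[a-zA-Z]{2,32}#", $postedName) === 1;
        // Exactly 3 or 6 hexadecimal digits, fully anchored. The leading '#'
        // is optional because the add-colour form stores the value with one.
        $hexOk = preg_match('/\A#?(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})\z/', $postedHex) === 1;
        if ($nameOk && $hexOk) {
            // NOTE(review): connection settings are hard-coded and appear to be a
            // root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE color\n\t\t\t\tSET name = :name,\n\t\t\t\t\thex = :hex\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            // The statement object is always truthy; execute() reports the outcome.
            if ($sth->execute(array(':id' => $id, ':name' => $postedName, ':hex' => $postedHex))) {
                App::success('Cette couleur a bien été modifiée');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            App::error("Les champs ne sont pas valides");
        }
    }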
    if ($color) {
        ?>
				<div class="col-md-8">
					<div class="page-header">
						<h1>Éditer une couleur</h1>
					</div>

					<form action="index.php?page=admin/color-edit&amp;id=<?php 
        echo $id;
        ?>
" method="POST">
						<div class="form-group">
							<label for="color-name">Nom</label>
							<input type="text" class="form-control" id="color-name" value="<?php 
        echo $color->name;
Exemple #3
<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $brands = Brand::getBrandById($id);
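    // Apply a submitted "edit" form for a brand: validate the name, then
    // update the row for $id through a prepared statement.
    // NOTE(review): the add-* admin pages gate their writes on App::isAdmin();
    // no such check is visible ahead of this UPDATE, so the same gate is
    // applied here. No anti-CSRF token is verified in the visible code.
    if (isset($_POST['edit']) && App::isAdmin()) {
        // A missing key or an array value (name[]=x) becomes '' and fails validation.
        $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        // NOTE(review): this pattern has no end anchor, so it only constrains
        // the first 2-30 characters; anything may follow. It is kept as written
        // because names with other characters currently pass. The stored name
        // must therefore be HTML-escaped wherever it is printed.
        if (preg_match("#^[a-zA-Z0-9._-]{2,30}#", $postedName)) {
            // NOTE(review): connection settings are hard-coded and appear to be a
            // root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE brand\n\t\t\t\tSET name = :name\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            // The statement object is always truthy; execute() reports the outcome.
            if ($sth->execute(array(':id' => $id, ':name' => $postedName))) {
                App::success('Cette marque a bien été modifiée');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            App::error("Le nom de cette marque n'est pas valide");
        }
    }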
    if ($brands) {
        ?>
<div class="col-md-8">
    <div class="page-header">
        <h1>Éditer une marque</h1>
    </div>

    <form action="index.php?page=admin/brand-edit&amp;id=<?php 
        echo $id;
        ?>
" method="POST">
Exemple #4
<?php

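// Handle the "add phone" admin form: validate the posted fields and insert a
// row into `phone` through a prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code.
if (isset($_POST['add']) && App::isAdmin()) {
    // Scalar fields: a missing key or an array value becomes '' and fails
    // validation instead of raising a notice or a TypeError in preg_match().
    $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $postedBrand = (isset($_POST['brand']) && is_string($_POST['brand'])) ? $_POST['brand'] : '';
    $postedPrice = (isset($_POST['price']) && is_string($_POST['price'])) ? $_POST['price'] : '';
    $postedDescription = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';
    // capacity and color are joined with implode(), so they have to be arrays.
    $postedCapacity = (isset($_POST['capacity']) && is_array($_POST['capacity'])) ? $_POST['capacity'] : null;
    $postedColor = (isset($_POST['color']) && is_array($_POST['color'])) ? $_POST['color'] : null;

    // NOTE(review): none of these patterns has an end anchor, so each one only
    // constrains the start of the value (the description check looks at a
    // single character). They are kept as written because values containing
    // other characters currently pass; the stored fields must be HTML-escaped
    // on output. Each check is evaluated once so that the accept branch and
    // the error messages cannot disagree (the original tested the price with
    // two different patterns).
    $nameOk = preg_match("#^[a-zA-Z0-9]{2,32}#", $postedName) === 1;
    $brandOk = preg_match("#^[0-9]{1}#", $postedBrand) === 1;
    $priceOk = preg_match("#^[0-9]#", $postedPrice) === 1;
    $descriptionOk = preg_match("#^[a-zA-Z0-9._-]#", $postedDescription) === 1;
    $listsOk = $postedCapacity !== null && $postedColor !== null;

    if ($nameOk && $brandOk && $priceOk && $descriptionOk && $listsOk) {
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO phone(name, brand, capacity, price, color, description)\n\t\t\t\t\t\tVALUES (:name, :brand, :capacity, :price, :color, :description)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        $saved = $sth->execute(array(
            ':name' => $postedName,
            ':brand' => $postedBrand,
            ':capacity' => implode(',', $postedCapacity),
            ':price' => $postedPrice,
            ':color' => implode(',', $postedColor),
            ':description' => $postedDescription,
        ));
        // The statement object is always truthy; execute() reports the outcome.
        if ($saved) {
            App::success('Ce téléphone a bien été ajouté');
        } else {
            App::error("L'enregistrement a échoué.", 'index.php?page=admin/add-phone');
        }
    } else {
        if (!$nameOk) {
            App::error('Veuillez entrer un nom valide.', 'index.php?page=admin/add-phone');
        }
        if (!$brandOk) {
            App::error('Veuillez choisir une marque valide.', 'index.php?page=admin/add-phone');
        }
        if (!$priceOk) {
            App::error('Veuillez entrer un prix valide.', 'index.php?page=admin/add-phone');
        }
        if (!$descriptionOk) {
            App::error('Veuillez entrer une description valide.', 'index.php?page=admin/add-phone');
        }
        // Previously a missing capacity or color list was rejected silently.
        if (!$listsOk) {
            App::error('Les champs ne sont pas valides', 'index.php?page=admin/add-phone');
        }
    }
}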
?>
				<div class="col-md-8">
					<div class="page-header">
Exemple #5
<?php

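// Handle the "add capacity" admin form: accept a numeric capacity and insert
// it into `capacity` through a prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code.
if (isset($_POST['add']) && App::isAdmin()) {
    // is_numeric() is false for an array value, so capacity[]=x is rejected here.
    if (isset($_POST['capacity']) && is_numeric($_POST['capacity'])) {
        $storage = $_POST['capacity'];
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO capacity(storage)\n\t\t\t\t\tVALUES (:storage)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // The statement object is always truthy, so the original reported
        // success even when the INSERT failed; execute() reports the outcome.
        if ($sth->execute(array(':storage' => $storage))) {
            App::success('Cette capacité a bien été ajouté.', 'index.php?page=admin/capacities-list');
        } else {
            App::error("L'enregistrement a échoué.", 'index.php?page=admin/add-capacity');
        }
    } else {
        App::error('Veuillez entrer une capacité valide.', 'index.php?page=admin/add-capacity');
    }
}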
?>
				<div class="col-md-8">
					<div class="page-header">
						<h1>
							Ajouter une Capacité
						</h1>
					</div>

					<form action="index.php?page=admin/add-capacity" method="POST" enctype="multipart/form-data">
						<div class="form-group">
							<label for="capacity">Capacité</label>
							<input type="text" class="form-control" id="capacity" required="required" name="capacity" placeholder="Votre capacité">
						</div>
<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $capacity = Capacity::getCapacityById($id);
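    // Apply a submitted "edit" form for a capacity: validate the new storage
    // value, then update the row for $id through a prepared statement.
    // NOTE(review): the add-* admin pages gate their writes on App::isAdmin();
    // no such check is visible ahead of this UPDATE, so the same gate is
    // applied here. No anti-CSRF token is verified in the visible code.
    if (isset($_POST['edit']) && App::isAdmin()) {
        // Same rule as the add-capacity form: the value has to be numeric.
        // The original bound $_POST['storage'] without any check.
        if (isset($_POST['storage']) && is_numeric($_POST['storage'])) {
            // NOTE(review): connection settings are hard-coded and appear to be a
            // root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE capacity\n\t\t\t\tSET storage = :storage\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            // The statement object is always truthy; execute() reports the outcome.
            if ($sth->execute(array(':id' => $id, ':storage' => $_POST['storage']))) {
                App::success('Cette capacité a bien été modifiée');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            App::error('Veuillez entrer une capacité valide.');
        }
    }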
    if ($capacity) {
        ?>
				<div class="col-md-8">
					<div class="page-header">
						<h1>Éditer une capacité</h1>
					</div>

					<form action="index.php?page=admin/capacity-edit&amp;id=<?php 
        echo $id;
        ?>
" method="POST">
						<div class="form-group">
							<label for="capacity-name">Nom</label>
							<input type="text" class="form-control" id="capacity-name" value="<?php 
        echo $capacity->storage;
Exemple #7
<?php

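// Handle the "add brand" admin form: validate the name and insert it into
// `brand` through a prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code.
if (isset($_POST['add']) && App::isAdmin()) {
    // is_string() rejects name[]=x, which would otherwise reach preg_match().
    // NOTE(review): the pattern has no end anchor, so it only constrains the
    // first 2-32 characters; anything may follow. It is kept as written
    // because names with other characters currently pass. The stored name
    // must therefore be HTML-escaped wherever it is printed.
    if (isset($_POST['name']) && is_string($_POST['name']) && preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['name'])) {
        $name = $_POST['name'];
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO brand(name)\n\t\t\t\t\tVALUES (:name)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // The statement object is always truthy; execute() reports the outcome.
        if ($sth->execute(array(':name' => $name))) {
            App::success('Cette marque a bien été ajouté.', 'index.php?page=admin/brands-list');
        } else {
            App::error("L'enregistrement a échoué.", 'index.php?page=admin/add-brand');
        }
    } else {
        App::error('Veuillez entrer une marque valide.', 'index.php?page=admin/add-brand');
    }
}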
?>
				<div class="col-md-8">
					<div class="page-header">
						<h1>
							Ajouter une Marque
						</h1>
					</div>

					<form action="index.php?page=admin/add-brand" method="POST" enctype="multipart/form-data">
						<div class="form-group">
							<label for="brand-name">Nom</label>
							<input type="text" class="form-control" id="brand-name" required="required" name="name" placeholder="Votre marque">
						</div>
<?php

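// Handle the "add promotion" admin form: validate the percentage and insert a
// (phone, percent) row into `promotion` through a prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code.
if (isset($_POST['add']) && App::isAdmin()) {
    // Missing keys and array values are treated as invalid.
    $postedPhone = (isset($_POST['phone']) && is_string($_POST['phone'])) ? $_POST['phone'] : null;
    $postedPercent = (isset($_POST['pourcentage']) && is_string($_POST['pourcentage'])) ? $_POST['pourcentage'] : null;
    // NOTE(review): phone is only checked for presence. The form's placeholder
    // <option> has no value attribute, so a browser submits its label text;
    // consider verifying that the value is an existing phone id.
    // \A...\z instead of ^...$ so a trailing newline is rejected as well.
    if ($postedPhone !== null && $postedPercent !== null && preg_match('#\A(?:[0-9]{1,2}|100)\z#', $postedPercent)) {
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO promotion(phone,percent)\n\t\t\t\t\tVALUES (:phone,:percent)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // The statement object is always truthy; execute() reports the outcome.
        if ($sth->execute(array(':phone' => $postedPhone, ':percent' => $postedPercent))) {
            App::success('Ce pourcentage a bien été ajouté.', 'index.php?page=admin/promotions-list');
        } else {
            App::error("L'enregistrement a échoué.", 'index.php?page=admin/add-promotion');
        }
    } else {
        App::error('Veuillez entrer un pourcentage entre 0 et 100.', 'index.php?page=admin/add-promotion');
    }
}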
?>
				<div class="col-md-4">
					<div class="page-header">
						<h1>
							Ajouter un promotion
						</h1>
					</div>

					<form action="index.php?page=admin/add-promotion" method="POST" enctype="multipart/form-data">

						<div class="form-group">
							<label for="phones" style="width: 100%;">Téléphone</label>
							<select name="phone">
							<option selected="selected"> Selectionnez un téléphone</option>
Exemple #9
<?php

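// Handle the "add order" admin form: insert a row into `orders` through a
// prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code, and the
// posted values are not checked against any format before being stored.
if (isset($_POST['add']) && App::isAdmin()) {
    // The original read the four fields without checking that they were sent.
    // Require each one to be present as a string, so that a missing key or an
    // array value is rejected instead of being bound.
    $orderFieldsOk = true;
    foreach (array('member', 'paid_price', 'paid_price_vat', 'sent_method') as $orderField) {
        if (!isset($_POST[$orderField]) || !is_string($_POST[$orderField])) {
            $orderFieldsOk = false;
        }
    }
    if ($orderFieldsOk) {
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\tINSERT INTO orders(member, date, paid_price, paid_price_vat, sent_method)\n\t\t\t\t\tVALUES (:member, NOW(), :paid_price, :paid_price_vat, :sent_method)\n\t\t\t";
        $sth = $db->prepare($sql);
        $saved = $sth->execute(array(
            ':member' => $_POST['member'],
            ':paid_price' => $_POST['paid_price'],
            ':paid_price_vat' => $_POST['paid_price_vat'],
            ':sent_method' => $_POST['sent_method'],
        ));
        // The statement object is always truthy; execute() reports the outcome.
        if ($saved) {
            App::success('Cette commande a bien été ajouté');
        } else {
            App::error("L'enregistrement a échoué.");
        }
    } else {
        App::error('Les champs ne sont pas valides');
    }
}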
?>
				<div class="col-md-8">
				    <div class="page-header">
				        <h1>Ajouter une commande</h1>
				    </div>

				    <form action="index.php?page=admin/add-order" method="POST">

				    	<div class="form-group">
							<label for="order-member">Client</label>
							<select id="order-member" required="required" name="member" class="form-control">
								<option value="" disabled selected>Client</option>
								<?php 
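// Print one <option> per member for the "Client" select.
// The id and names come from stored member records, so they are HTML-escaped
// before being written into the attribute and the element text; ENT_QUOTES
// covers both quote styles.
// NOTE(review): 'UTF-8' is assumed to be the page encoding — confirm.
foreach (Member::getMembersList() as $member) {
    $optionValue = htmlspecialchars((string) $member->id, ENT_QUOTES, 'UTF-8');
    $optionLabel = htmlspecialchars($member->first_name . ' ' . $member->last_name, ENT_QUOTES, 'UTF-8');
    echo '<option value="' . $optionValue . '">' . $optionLabel . '</option>';
}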
?>
							</select>
Exemple #10
<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $phone = Phone::getPhoneById($id);
    $brand = Brand::getBrandById($id);
    if (isset($_POST['edit'])) {
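        // Validate the posted phone fields and update the row for $id through
        // a prepared statement.
        // NOTE(review): the add-* admin pages gate their writes on
        // App::isAdmin(); no such check is visible ahead of this UPDATE, so it
        // is enforced first. No anti-CSRF token is verified in the visible code.
        // Scalar fields: a missing key or an array value becomes '' and fails
        // validation instead of raising a notice or a TypeError in preg_match().
        $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $postedBrand = (isset($_POST['brand']) && is_string($_POST['brand'])) ? $_POST['brand'] : '';
        $postedPrice = (isset($_POST['price']) && is_string($_POST['price'])) ? $_POST['price'] : '';
        $postedDescription = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';
        // capacity and color are joined with implode(), so they have to be arrays.
        $postedCapacity = (isset($_POST['capacity']) && is_array($_POST['capacity'])) ? $_POST['capacity'] : null;
        $postedColor = (isset($_POST['color']) && is_array($_POST['color'])) ? $_POST['color'] : null;

        // NOTE(review): none of these patterns has an end anchor, so each one
        // only constrains the start of the value. They are kept as written
        // because values containing other characters currently pass; the
        // stored fields must be HTML-escaped on output. Each check is
        // evaluated once so that the accept branch and the error messages
        // cannot disagree (the original tested the price with two patterns).
        $nameOk = preg_match("#^[a-zA-Z0-9]{2,32}#", $postedName) === 1;
        $brandOk = preg_match("#^[0-9]{1}#", $postedBrand) === 1;
        $priceOk = preg_match("#^[0-9]#", $postedPrice) === 1;
        $descriptionOk = preg_match("#^[a-zA-Z0-9._-]#", $postedDescription) === 1;
        $listsOk = $postedCapacity !== null && $postedColor !== null;

        if (!App::isAdmin()) {
            App::error('Accès refusé.');
        } elseif ($nameOk && $brandOk && $priceOk && $descriptionOk && $listsOk) {
            // NOTE(review): connection settings are hard-coded and appear to be
            // a root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\t\tUPDATE phone\n\t\t\t\t\tSET name = :name,\n\t\t\t\t\t\tbrand = :brand,\n\t\t\t\t\t\tcapacity = :capacity,\n\t\t\t\t\t\tprice = :price,\n\t\t\t\t\t\tcolor = :color,\n\t\t\t\t\t\tdescription = :description\n\t\t\t\t\tWHERE id = :id\n\t\t\t\t";
            $sth = $db->prepare($sql);
            $saved = $sth->execute(array(
                ':id' => $id,
                ':name' => $postedName,
                ':brand' => $postedBrand,
                ':capacity' => implode(',', $postedCapacity),
                ':price' => $postedPrice,
                ':color' => implode(',', $postedColor),
                ':description' => $postedDescription,
            ));
            // The statement object is always truthy; execute() reports the outcome.
            if ($saved) {
                App::success('Ce téléphone a bien été modifié');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            // NOTE(review): these redirects target admin/add-phone although
            // this is the edit handler — looks like a copy from the add page; confirm.
            if (!$nameOk) {
                App::error('Veuillez entrer un nom valide.', 'index.php?page=admin/add-phone');
            }
            if (!$brandOk) {
                App::error('Veuillez choisir une marque valide.', 'index.php?page=admin/add-phone');
            }
            if (!$priceOk) {
                App::error('Veuillez entrer un prix valide.', 'index.php?page=admin/add-phone');
            }
            if (!$descriptionOk) {
                App::error('Veuillez entrer une description valide.', 'index.php?page=admin/add-phone');
            }
            // Previously a missing capacity or color list was rejected silently.
            if (!$listsOk) {
                App::error('Les champs ne sont pas valides', 'index.php?page=admin/add-phone');
            }
        }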
Exemple #11
<?php

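// Handle the "add colour" admin form: validate the name and hex code, then
// insert the colour (hex stored with a leading '#') through a prepared statement.
// NOTE(review): no anti-CSRF token is verified in the visible code.
if (isset($_POST['add']) && App::isAdmin()) {
    // Missing keys and array values become '' and fail validation below.
    $postedName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $postedHex = (isset($_POST['hex']) && is_string($_POST['hex'])) ? $_POST['hex'] : '';
    // NOTE(review): the name pattern has no end anchor, so it only constrains
    // the first 2-32 characters; it is kept as written, and the stored name
    // must be HTML-escaped on output.
    $nameOk = preg_match("#^[a-zA-Z]{2,32}#", $postedName) === 1;
    // The original hex checks matched any three leading alphanumerics and
    // ignored whatever followed, so arbitrary text could be stored as a
    // "colour". Require exactly 3 or 6 hexadecimal digits, fully anchored.
    $hexOk = preg_match('/\A(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})\z/', $postedHex) === 1;

    if ($nameOk && $hexOk) {
        $name = $postedName;
        $hex = '#' . $postedHex;
        // NOTE(review): connection settings are hard-coded and appear to be a
        // root/root database login — confirm, then load them from
        // configuration and use a least-privileged account.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO color(name, hex)\n\t\t\t\t\tVALUES (:name, :hex)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // The statement object is always truthy; execute() reports the outcome.
        if ($sth->execute(array(':name' => $name, ':hex' => $hex))) {
            App::success('Cette couleur a bien été ajouté.', 'index.php?page=admin/color-list');
        } else {
            App::error("L'enregistrement a échoué.", 'index.php?page=admin/add-color');
        }
    } else {
        if (!$nameOk) {
            App::error('Veuillez entrer une couleur valide.', 'index.php?page=admin/add-color');
        }
        if (!$hexOk) {
            App::error('Veuillez entrer un code hexadecimal valide.', 'index.php?page=admin/add-color');
        }
    }
}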
?>
				<div class="col-md-8">
					<div class="page-header">
						<h1>
							Ajouter une Couleur
						</h1>
					</div>
Exemple #12
<?php

if (isset($_GET['id']) && !empty($_GET['id'])) {
    $id = htmlentities($_GET['id']);
    $member = Member::getMemberById($id);
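    // Apply a submitted "edit" form for a member: validate the profile fields,
    // then update the row for $id through a prepared statement.
    // NOTE(review): the add-* admin pages gate their writes on App::isAdmin();
    // no such check is visible ahead of this UPDATE, so the same gate is
    // applied here. No anti-CSRF token is verified in the visible code.
    if (isset($_POST['edit']) && App::isAdmin()) {
        // Missing keys and array values become '' and fail validation below.
        $postedMember = array();
        foreach (array('first_name', 'last_name', 'way_num', 'way_name', 'city', 'zip_code') as $memberField) {
            $postedMember[$memberField] = (isset($_POST[$memberField]) && is_string($_POST[$memberField])) ? $_POST[$memberField] : '';
        }
        // way_type was never validated by the original; it is still bound as
        // sent, or NULL when absent or not a string.
        // NOTE(review): consider checking it against the list of allowed types.
        $postedWayType = (isset($_POST['way_type']) && is_string($_POST['way_type'])) ? $_POST['way_type'] : null;

        // NOTE(review): the name, street and city patterns have no end anchor,
        // so they only constrain the first characters; they are kept as
        // written, and those fields must be HTML-escaped on output. The two
        // numeric fields use \A...\z so a trailing newline is rejected.
        $memberOk = preg_match("#^[a-zA-Z._-]{2,32}#", $postedMember['first_name'])
            && preg_match("#^[a-zA-Z._-]{2,32}#", $postedMember['last_name'])
            && preg_match('#\A[0-9]{1,}\z#', $postedMember['way_num'])
            && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $postedMember['way_name'])
            && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $postedMember['city'])
            && preg_match('#\A[0-9]{5}\z#', $postedMember['zip_code']);

        if ($memberOk) {
            // NOTE(review): connection settings are hard-coded and appear to be a
            // root/root database login — confirm, then load them from
            // configuration and use a least-privileged account.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE member\n\t\t\t\tSET first_name = :first_name,\n                last_name = :last_name,\n                way_num = :way_num,\n                way_type = :way_type,\n                way_name = :way_name,\n                city = :city,\n                zip_code = :zip_code\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            $saved = $sth->execute(array(
                ':id' => $id,
                ':first_name' => $postedMember['first_name'],
                ':last_name' => $postedMember['last_name'],
                ':way_num' => $postedMember['way_num'],
                ':way_type' => $postedWayType,
                ':way_name' => $postedMember['way_name'],
                ':city' => $postedMember['city'],
                ':zip_code' => $postedMember['zip_code'],
            ));
            // The statement object is always truthy; execute() reports the outcome.
            if ($saved) {
                App::success('Le profil de ce membre a bien été modifiée');
            } else {
                App::error("L'enregistrement a échoué.");
            }
        } else {
            App::error("Les champs ne sont pas valides");
        }
    }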
    if ($member) {
        ?>
<div class="col-md-8">
    <div class="page-header">
        <h1>Éditer une membre</h1>
    </div>

    <form action="index.php?page=admin/member-edit&amp;id=<?php 
        echo $id;
        ?>
" method="POST">