function query_insert_address()
{
global $connection;
//prep values
$address = mysqli_real_escape_string($connection, $_POST['address']);
$city = mysqli_real_escape_string($connection, $_POST['city']);
$postcode = mysqli_real_escape_string($connection, $_POST['postcode']);
$country = mysqli_real_escape_string($connection, $_POST['country']);
$phonenumber = mysqli_real_escape_string($connection, $_POST['phonenumber']);
$street = $address;
/*Unfortunately, userId must be fetched through a query to the database.
* Different methods would involve generating a unique id per user through the
* php logic, but this would probably produce a hexidecimal string, which would
* need to be stored as a VARCHAR at the database level. Performance is not
* critical for this project, so the worst performing solution is opted for.*/
$userId = query_select_last_user()['userId'];
//construct query
$query = "INSERT INTO address ";
$query .= "(user_id, street, zip, city, country, phone) ";
$query .= "VALUES ";
$query .= "({$userId}, '{$street}', '{$postcode}', '{$city}', '{$country}', ";
$query .= "{$phonenumber});";
//execute query
$result = mysqli_query($connection, $query);
//check result
if ($result) {
//Success
return 1;
} else {
//Failure
return 0;
}
}
function query_select_last_user_success()
{
global $connection;
assert(query_select_last_user()['firstName'] == "testname");
}
