<?php
// Contact-seller page handler. This listing is cut off inside the "mailsubmit"
// branch at the bottom, so the braces opened below are closed outside this view.
require_once "requires/functions.php";
require_once "requires/datasource.php";

// Choose the page header by login state. Only the header depends on
// isLoggedIn(); the POST handling below is not gated by it in the visible code.
// NOTE(review): confirm that anonymous review submission is intended.
if (!isLoggedIn()) {
    include "headers/publicheader.php";
} else {
    include "headers/adminheader.php";
}

// if was submitted from the contact seller, review, or email submit button
// get the seller information to display
if (isset($_POST["contactseller"]) || isset($_POST["reviewsubmit"]) || isset($_POST["mailsubmit"])) {
    // NOTE(review): these three request fields are taken as-is, while the review
    // text further down goes through escapeValue(trim(...)). They are untrusted
    // input: escape/bind them before any SQL use and HTML-encode them
    // (htmlspecialchars) wherever they are echoed. No anti-CSRF token check is
    // visible for these POST actions - TODO confirm it is not done elsewhere.
    $sellerName = $_POST["name"];
    $seller = $_POST["seller"];
    $itemID = $_POST["item"];

    // NOTE(review): the quoted value in this selection string shows as '******'
    // in this listing (apparently masked). Whatever is placed there becomes part
    // of a SQL fragment, so it must be escaped or bound as a parameter - confirm
    // against the unmasked file.
    $result = DataSource::getUser("username = '******'");
    // $result and $row are used unchecked: a failed query or an unknown seller
    // is not handled here.
    $row = $result->fetch_assoc();
    $email = $row["emailAddress"];
    $phone = $row["phoneNumber"];

    // if was submitted from the review submit button, create the new
    // review for the seller
    if (isset($_POST["reviewsubmit"])) {
        $newReview = escapeValue(trim($_POST["review"]));
        // NOTE(review): $seller is re-read from the request and handed to
        // createUserReview() without escapeValue(), unlike $newReview on the
        // line above. Presumably DataSource builds SQL from both arguments -
        // verify, and escape or parameterise $seller the same way.
        $seller = $_POST["seller"];
        // Empty reviews (after trimming) are silently dropped.
        if (!empty($newReview)) {
            DataSource::createUserReview($seller, $newReview);
        }
    // else if was submitted from the email message button, create
    // the message and send it to the seller
    } else {
        if (isset($_POST["mailsubmit"])) {
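class="waves-effect waves-light btn indigo accent-1"> Log In</button>
                </div>
            </div>
        </div>
    </div>
<?php
// Login handler: runs when the log-in form above is posted. Looks the user up
// by username and password digest; on a match stores the user in the session
// and redirects, otherwise prints a generic error.
//
// NOTE(review): passwords are compared as unsalted MD5 digests. MD5 is fast and
// unsalted, so a leaked user table is cheap to recover passwords from offline.
// Moving to password_hash()/password_verify() (rehashing on the next successful
// login) needs a migration of the stored hashes and a DataSource change, so it
// is flagged here rather than changed in place.
if (isset($_POST["loginsubmit"])) {
    $username = escapeValue(trim($_POST["username"]));
    $password = md5(trim($_POST["password"]));

    // NOTE(review): the quoted values below show as '******' in this listing
    // (apparently masked). Whatever values are placed there become part of a
    // SQL fragment and must be escaped or, better, bound as parameters inside
    // DataSource - confirm against the unmasked file.
    $selection = "username = '******' ";
    $selection .= "AND password = '******';";

    $result = DataSource::getUser($selection);
    // A failed query must not be dereferenced; treat it as "no matching user".
    $row = $result ? $result->fetch_assoc() : null;

    if (is_array($row)) {
        // user found, log in successfully
        // Issue a fresh session id at the privilege change so an id that was
        // set before login is not carried into the authenticated session
        // (session fixation). This is skipped when output has already started,
        // because the new cookie could not be sent; ideally this handler runs
        // before any page output.
        if (session_status() === PHP_SESSION_ACTIVE && !headers_sent()) {
            session_regenerate_id(true);
        }
        $_SESSION["currentUser"] = $row["username"];
        // "+" is arithmetic in PHP; "." concatenates. A space separates the
        // two name parts for display.
        $_SESSION["currentName"] = $row["firstName"] . " " . $row["lastName"];
        redirectTo("myitems.php");
    } else {
        // One message for both "unknown user" and "wrong password", so the
        // response does not reveal which usernames exist.
        echo "<h3>Error: incorrect username/password</h3>";
    }
}
closeConnection();
?>
        </form>
    </div>
</div>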
include "headers/adminheader.php";

// Account page logic: everything below runs only when the session carries a
// logged-in user. The closing brace of this if lies past the end of this
// listing.
if (isset($_SESSION["currentUser"])) {
    // The account being edited is always the session user, never a request field.
    $username = $_SESSION["currentUser"];

    // if the current session has a logged in user
    // and the update info button was submitted, update
    // their information
    if (isset($_POST["updateinfosubmit"])) {
        // Each field is trimmed and passed through escapeValue() before it
        // reaches the data layer (presumably SQL escaping - confirm in
        // requires/functions.php).
        // NOTE(review): no anti-CSRF token check and no format validation of
        // the e-mail address or phone number are visible here - TODO confirm
        // they are not done elsewhere. These variables also feed the page
        // display after an update, so HTML-encode them at output.
        $firstName = escapeValue(trim($_POST["firstname"]));
        $lastName = escapeValue(trim($_POST["lastname"]));
        $phoneNumber = escapeValue(trim($_POST["phone"]));
        $emailAddress = escapeValue(trim($_POST["email"]));
        // Note the argument order: e-mail address comes before phone number.
        DataSource::updateUser($username, $firstName, $lastName, $emailAddress, $phoneNumber);
    // else get current information about the username in the
    // database to display
    } else {
        // NOTE(review): the quoted value shows as '******' in this listing
        // (apparently masked); whatever is placed there becomes part of a SQL
        // fragment and must be escaped or bound as a parameter.
        $result = DataSource::getUser("username = '******'");
        // $result and $row are used unchecked: a failed query or a missing
        // row is not handled here.
        $row = $result->fetch_assoc();
        $firstName = $row["firstName"];
        $lastName = $row["lastName"];
        $emailAddress = $row["emailAddress"];
        $phoneNumber = $row["phoneNumber"];
    }

    // get the reviews for the username from the database to
    // display
    $reviewResult = DataSource::getUserReviews($username);
    $reviews = array();
    // A falsy result leaves $reviews empty instead of failing.
    if ($reviewResult) {
        // Collect only the review text of each row.
        // NOTE(review): presumably this text was submitted by other users;
        // HTML-encode it (htmlspecialchars) where it is rendered - the output
        // code is outside this listing.
        while ($review = $reviewResult->fetch_assoc()) {
            $reviews[] = $review["reviewDescription"];
        }
    }