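// Register a product for the logged-in customer. The customer id is read from
// the session rather than from the request body (the POST-based read of
// 'customerID' was commented out in the original).
// isset() avoids an undefined-index notice when no customer is in the session;
// the null then fails the check below and the error view is shown.
$customerID = isset($_SESSION['customer']) ? $_SESSION['customer'] : null;
$productCode = filter_input(INPUT_POST, 'productCode');
// Loose comparisons kept from the original: an empty string or "0" is also
// treated as missing here.
if ($customerID == NULL || $customerID == FALSE || $productCode == NULL || $productCode == FALSE) {
    $error = "Missing or incorrect product or user failed.";
    include '../errors/error.php';
} else {
    // Only a product code present in the list returned by get_products() is
    // accepted. The original fell back to a placeholder name and still called
    // add_registration() with whatever code the client posted.
    $products = get_products();
    $productName = null;
    $productFound = false;
    foreach ($products as $product) {
        // Strict string comparison so numeric-looking codes are not matched
        // by type juggling.
        if ((string) $product['productCode'] === $productCode) {
            $productName = $product['name'];
            $productFound = true;
            break;
        }
    }
    if (!$productFound) {
        $error = "Missing or incorrect product or user failed.";
        include '../errors/error.php';
    } else {
        // NOTE(review): the result of add_registration() is not checked, so the
        // success view is shown regardless - confirm how it reports failure.
        add_registration($customerID, $productCode);
        $message = "Product {$productName} was successfull registered ";
        include 'product_register_success.php';
    }
}
} else {
    if ($action == 'login') {
        // Log in: read the submitted credentials.
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and
        // rewrites the submitted value (tags stripped, quotes encoded), so the
        // password that gets verified may differ from what the user typed.
        // Confirm how stored credentials were produced before changing the filter.
        $username = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_STRING);
        $password = filter_input(INPUT_POST, 'password', FILTER_SANITIZE_STRING);
        if ($username == NULL || $username == FALSE || $password == NULL || $password == FALSE) {
            $message = "Login Failed: missing username or passwrod.";
            include 'customer_login.php';
        } else {
            // Check the password.
            if (is_valid_customer_login($username, $password)) {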
} elseif ($action == 'login_user') {
    // Look the customer up by the e-mail address posted from the login form.
    // NOTE(review): the visible code identifies the customer from the e-mail
    // address alone; no credential is checked and nothing is stored server-side
    // for later requests - confirm authentication is handled elsewhere.
    $email = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL);
    if ($email != null && $email != false) {
        $user = get_customer_by_email($email);
        if (!empty($user)) {
            $products = get_products();
            include 'product_register.php';
        } else {
            // NOTE(review): this message differs from the invalid-format one, so
            // a response reveals whether an address is on file.
            $error = "User not found. Please try again.";
            include '../errors/error.php';
        }
    } else {
        $error = "Please enter a valid email.";
        include '../errors/error.php';
    }
} elseif ($action == 'register_product') {
    // Record a product registration from the posted form values.
    // NOTE(review): customer_id comes from the request body, so the
    // registration is attributed to whichever id the client sends; nothing
    // visible here ties it to the customer found in the login_user branch.
    // A server-side value would be the safer source - confirm.
    $product_code = filter_input(INPUT_POST, 'product_code');
    $customer_id = filter_input(INPUT_POST, 'customer_id', FILTER_VALIDATE_INT);
    if ($product_code != null && $customer_id != null && $customer_id != false) {
        add_registration($customer_id, $product_code);
        // NOTE(review): $message carries the raw posted product code; confirm
        // the view HTML-escapes it on output.
        $message = "Product (" . $product_code . ") was registered successfully.";
        // NOTE(review): $products is not loaded in this branch before the view
        // is included, unlike in the login_user branch - confirm the view copes.
        include 'product_register.php';
    } else {
        $error = "Please check your values and try again.";
        include '../errors/error.php';
    }
}
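$message = 'Your email does not match our database.';
include 'customer_login.php';
} else {
    // Issue a fresh session id at the moment the customer is recognised, so an
    // id that existed before login is not carried into the logged-in session.
    // Skipped when no session is active or output has already started, because
    // the new cookie could not be sent then.
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }
    $_SESSION['customerId'] = $customer['customerID'];
    $products = get_products();
    include 'product_register.php';
}
}
}
} else {
    if ($action == 'register_product') {
        // The customer id comes from the session only. Without a logged-in
        // customer the request is sent back to the login form instead of
        // calling add_registration() with an empty id, as the original did.
        $customerID = isset($_SESSION['customerId']) ? $_SESSION['customerId'] : null;
        if ($customerID === null) {
            $message = 'Please log in to register a product.';
            include 'customer_login.php';
        } else {
            $submitted_product = filter_input(INPUT_POST, 'product');
            // Same truthiness test as the original `!$submitted_product == null`:
            // null, false, '' and '0' all count as "nothing submitted".
            if ($submitted_product) {
                // NOTE(review): $message carries the raw posted product value;
                // confirm the view HTML-escapes it on output.
                if (!is_registered($submitted_product)) {
                    $inserted = add_registration($customerID, $submitted_product);
                    if ($inserted) {
                        $message = 'Product (' . $submitted_product . ') was registered succesfully.';
                    } else {
                        $message = 'Product (' . $submitted_product . ') could not be registered.';
                    }
                } else {
                    $message = 'Product (' . $submitted_product . ') has already been registered.';
                }
                // NOTE(review): $products is not loaded in this branch before the
                // view is included, unlike after login - confirm the view copes.
                include 'product_register.php';
            } else {
                // The original rendered nothing when no product was submitted.
                $message = 'Please select a product to register.';
                include 'product_register.php';
            }
        }
    } else {
        if ($action == 'logout') {
            // Unset all of the session variables.
            $_SESSION = array();
            // If it's desired to kill the session, also delete the session cookie.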