<?php
// Admin "edit promotion" page fragment: loads the promotion named by ?id= and, on a
// POST carrying `edit`, updates its percent. The listing is cut off inside the form.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    // The same value is bound as :id below and echoed into the form action.
    $id = htmlentities($_GET['id']);
    $promotion = Promotion::getPromotionById($id);
    if (isset($_POST['edit'])) {
        // Accepts 0-99 or 100. Without the D modifier, `$` also matches before a
        // trailing newline. $_POST['percent'] is read without an isset() test.
        if (preg_match("#^([0-9]{1,2}|100)\$#", $_POST['percent'])) {
            // NOTE(review): literal connection parameters; 'root'/'root' look like the
            // database user and password — confirm, and prefer a least-privileged
            // account whose credentials are loaded from configuration.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            // Request values reach the query only through bound placeholders.
            $sql = "\n\t\t\t\tUPDATE promotion\n\t\t\t\tSET percent = :percent\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Promotion');
            $sth->execute(array(':id' => $id, ':percent' => $_POST['percent']));
            // Tests the statement object, not the result of execute(), so it does not
            // show whether the UPDATE succeeded.
            if ($sth) {
                App::success('La promotion a bien été modifiée');
            }
        } else {
            App::error("Les champs ne sont pas valides");
        }
    }
    // NOTE(review): $member is not assigned in this fragment (the record loaded above
    // is $promotion) — verify which variable was meant.
    if ($member) { ?> <div class="col-md-8"> <div class="page-header"> <h1>Éditer une promotion</h1> </div> <form action="index.php?page=admin/promotion-edit&id=<?php echo $id; ?> " method="POST">
<?php
// Admin "edit color" page fragment: loads the color named by ?id= and, on a POST
// carrying `edit`, updates its name and hex. The listing is cut off inside the form.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    $id = htmlentities($_GET['id']);
    $color = Color::getColorById($id);
    if (isset($_POST['edit'])) {
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged
        // account whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\tUPDATE color\n\t\t\t\tSET name = :name,\n\t\t\t\t\thex = :hex\n\t\t\t\tWHERE id = :id\n\t\t\t";
        $sth = $db->prepare($sql);
        $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Color');
        // $_POST['name'] and $_POST['hex'] are bound as received: this fragment applies
        // no isset() test and no format check to them before the UPDATE.
        $sth->execute(array(':id' => $id, ':name' => $_POST['name'], ':hex' => $_POST['hex']));
        // Tests the statement object, not the result of execute().
        if ($sth) {
            App::success('Cette couleur a bien été modifiée');
        }
    }
    // NOTE(review): the form below starts echoing $color->name into a value="..."
    // attribute; no HTML escaping is visible before the listing is cut off, and the
    // stored name is not validated above — confirm it is escaped for attribute context.
    if ($color) { ?> <div class="col-md-8"> <div class="page-header"> <h1>Éditer une couleur</h1> </div> <form action="index.php?page=admin/color-edit&id=<?php echo $id; ?> " method="POST"> <div class="form-group"> <label for="color-name">Nom</label> <input type="text" class="form-control" id="color-name" value="<?php echo $color->name;
<?php
// Admin "edit brand" page fragment: loads the brand named by ?id= and, on a POST
// carrying `edit`, updates its name. The listing is cut off inside the form.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    $id = htmlentities($_GET['id']);
    $brands = Brand::getBrandById($id);
    if (isset($_POST['edit'])) {
        // The pattern has no end anchor: it only requires the first 2 characters to be
        // in the class, so the 30-character bound and the character class are not
        // enforced on the rest of the value. Treat the stored name as untrusted when
        // it is rendered. $_POST['name'] is read without an isset() test.
        if (preg_match("#^[a-zA-Z0-9._-]{2,30}#", $_POST['name'])) {
            // NOTE(review): literal connection parameters; 'root'/'root' look like the
            // database user and password — confirm, and prefer a least-privileged
            // account whose credentials are loaded from configuration.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE brand\n\t\t\t\tSET name = :name\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Brand');
            $sth->execute(array(':id' => $id, ':name' => $_POST['name']));
            // Tests the statement object, not the result of execute().
            if ($sth) {
                App::success('Cette marque a bien été modifiée');
            }
        } else {
            App::error("Le nom de cette marque n'est pas valide");
        }
    }
    if ($brands) { ?> <div class="col-md-8"> <div class="page-header"> <h1>Éditer une marque</h1> </div> <form action="index.php?page=admin/brand-edit&id=<?php echo $id; ?> " method="POST">
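<?php
// Admin "add phone" page: on a POST carrying `add` from an administrator, validates the
// submitted fields and inserts a phone row, then renders the page.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // Each field is checked once and the result drives both the insert and the error
    // messages, so the two can no longer disagree.
    // NOTE(review): these patterns have no end anchor, so they constrain only the
    // leading characters of each value; the stored values must still be HTML-escaped
    // wherever they are rendered.
    $nameOk = isset($_POST['name']) && is_string($_POST['name'])
        && preg_match("#^[a-zA-Z0-9]{2,32}#", $_POST['name']);
    $brandOk = isset($_POST['brand']) && is_string($_POST['brand'])
        && preg_match("#^[0-9]{1}#", $_POST['brand']);
    $priceOk = isset($_POST['price']) && is_string($_POST['price'])
        && preg_match("#^[0-9]#", $_POST['price']);
    $descriptionOk = isset($_POST['description']) && is_string($_POST['description'])
        && preg_match("#^[a-zA-Z0-9._-]#", $_POST['description']);
    // capacity and color are joined with implode() below, which needs arrays.
    $capacityOk = isset($_POST['capacity']) && is_array($_POST['capacity']);
    $colorOk = isset($_POST['color']) && is_array($_POST['color']);

    if ($nameOk && $brandOk && $capacityOk && $priceOk && $colorOk && $descriptionOk) {
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO phone(name, brand, capacity, price, color, description)\n\t\t\t\t\t\tVALUES (:name, :brand, :capacity, :price, :color, :description)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        $params = array(
            ':name' => $_POST['name'],
            ':brand' => $_POST['brand'],
            ':capacity' => implode(',', $_POST['capacity']),
            ':price' => $_POST['price'],
            ':color' => implode(',', $_POST['color']),
            ':description' => $_POST['description'],
        );
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute($params)) {
            App::success('Ce téléphone a bien été ajouté');
        } else {
            App::error("Ce téléphone n'a pas pu être ajouté.", 'index.php?page=admin/add-phone');
        }
    } else {
        if (!$nameOk) {
            App::error('Veuillez entrer un nom valide.', 'index.php?page=admin/add-phone');
        }
        if (!$brandOk) {
            App::error('Veuillez choisir une marque valide.', 'index.php?page=admin/add-phone');
        }
        if (!$capacityOk) {
            App::error('Veuillez choisir une capacité valide.', 'index.php?page=admin/add-phone');
        }
        if (!$priceOk) {
            App::error('Veuillez entrer un prix valide.', 'index.php?page=admin/add-phone');
        }
        if (!$colorOk) {
            App::error('Veuillez choisir une couleur valide.', 'index.php?page=admin/add-phone');
        }
        if (!$descriptionOk) {
            App::error('Veuillez entrer une description valide.', 'index.php?page=admin/add-phone');
        }
    }
}
?> <div class="col-md-8"> <div class="page-header">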
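<?php
// Admin "add capacity" page: on a POST carrying `add` from an administrator, validates
// the submitted capacity and inserts it, then renders the form.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // is_numeric() also accepts signed, decimal and exponent forms, not only digits.
    if (isset($_POST['capacity']) && is_numeric($_POST['capacity'])) {
        $storage = $_POST['capacity'];
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO capacity(storage)\n\t\t\t\t\tVALUES (:storage)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute(array(':storage' => $storage))) {
            App::success('Cette capacité a bien été ajouté.', 'index.php?page=admin/capacities-list');
        } else {
            App::error("Cette capacité n'a pas pu être ajoutée.", 'index.php?page=admin/add-capacity');
        }
    } else {
        App::error('Veuillez entrer une capacité valide.', 'index.php?page=admin/add-capacity');
    }
}
?> <div class="col-md-8"> <div class="page-header"> <h1> Ajouter une Capacité </h1> </div> <form action="index.php?page=admin/add-capacity" method="POST" enctype="multipart/form-data"> <div class="form-group"> <label for="capacity">Capacité</label> <input type="text" class="form-control" id="capacity" required="required" name="capacity" placeholder="Votre capacité"> </div>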
<?php
// Admin "edit capacity" page fragment: loads the capacity named by ?id= and, on a POST
// carrying `edit`, updates its storage value. The listing is cut off inside the form.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    $id = htmlentities($_GET['id']);
    $capacity = Capacity::getCapacityById($id);
    if (isset($_POST['edit'])) {
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged
        // account whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\tUPDATE capacity\n\t\t\t\tSET storage = :storage\n\t\t\t\tWHERE id = :id\n\t\t\t";
        $sth = $db->prepare($sql);
        $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Capacity');
        // $_POST['storage'] is bound as received: this fragment applies no isset() test
        // and no numeric check to it before the UPDATE.
        $sth->execute(array(':id' => $id, ':storage' => $_POST['storage']));
        // Tests the statement object, not the result of execute().
        if ($sth) {
            App::success('Cette capacité a bien été modifiée');
        }
    }
    // NOTE(review): the form below starts echoing $capacity->storage into a value="..."
    // attribute; no HTML escaping is visible before the listing is cut off, and the
    // stored value is not validated above — confirm it is escaped for attribute context.
    if ($capacity) { ?> <div class="col-md-8"> <div class="page-header"> <h1>Éditer une capacité</h1> </div> <form action="index.php?page=admin/capacity-edit&id=<?php echo $id; ?> " method="POST"> <div class="form-group"> <label for="capacity-name">Nom</label> <input type="text" class="form-control" id="capacity-name" value="<?php echo $capacity->storage;
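<?php
// Admin "add brand" page: on a POST carrying `add` from an administrator, validates the
// submitted brand name and inserts it, then renders the form.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // is_string() keeps an array-valued `name` (name[]=...) away from preg_match().
    // NOTE(review): the pattern has no end anchor, so only the first 2 characters are
    // constrained; the stored name must still be HTML-escaped wherever it is rendered.
    if (isset($_POST['name']) && is_string($_POST['name'])
        && preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['name'])
    ) {
        $name = $_POST['name'];
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO brand(name)\n\t\t\t\t\tVALUES (:name)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute(array(':name' => $name))) {
            App::success('Cette marque a bien été ajouté.', 'index.php?page=admin/brands-list');
        } else {
            App::error("Cette marque n'a pas pu être ajoutée.", 'index.php?page=admin/add-brand');
        }
    } else {
        App::error('Veuillez entrer une marque valide.', 'index.php?page=admin/add-brand');
    }
}
?> <div class="col-md-8"> <div class="page-header"> <h1> Ajouter une Marque </h1> </div> <form action="index.php?page=admin/add-brand" method="POST" enctype="multipart/form-data"> <div class="form-group"> <label for="brand-name">Nom</label> <input type="text" class="form-control" id="brand-name" required="required" name="name" placeholder="Votre marque"> </div>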
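<?php
// Admin "add promotion" page: on a POST carrying `add` from an administrator, validates
// the percentage and inserts a promotion for the selected phone, then renders the form.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // is_string() keeps array-valued parameters away from preg_match() and the query.
    // The D modifier stops `$` from also matching before a trailing newline.
    // NOTE(review): `phone` is only checked for presence. The placeholder <option> in
    // the form below has no value attribute, so its label text is submitted when it is
    // left selected — validate `phone` against the existing phones before inserting.
    if (isset($_POST['phone']) && is_string($_POST['phone'])
        && isset($_POST['pourcentage']) && is_string($_POST['pourcentage'])
        && preg_match("#^([0-9]{1,2}|100)\$#D", $_POST['pourcentage'])
    ) {
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO promotion(phone,percent)\n\t\t\t\t\tVALUES (:phone,:percent)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        $params = array(':phone' => $_POST['phone'], ':percent' => $_POST['pourcentage']);
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute($params)) {
            App::success('Ce pourcentage a bien été ajouté.', 'index.php?page=admin/promotions-list');
        } else {
            App::error("Cette promotion n'a pas pu être ajoutée.", 'index.php?page=admin/add-promotion');
        }
    } else {
        App::error('Veuillez entrer un pourcentage entre 0 et 100.', 'index.php?page=admin/add-promotion');
    }
}
?> <div class="col-md-4"> <div class="page-header"> <h1> Ajouter un promotion </h1> </div> <form action="index.php?page=admin/add-promotion" method="POST" enctype="multipart/form-data"> <div class="form-group"> <label for="phones" style="width: 100%;">Téléphone</label> <select name="phone"> <option selected="selected"> Selectionnez un téléphone</option>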
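<?php
// Admin "add order" page: on a POST carrying `add` from an administrator, inserts an
// order row from the submitted fields, then renders the form with the member list.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // Every bound field must be present and scalar text; a missing or array-valued
    // parameter is rejected instead of being bound as null or an array.
    // NOTE(review): member, prices and sent_method get no format check here — validate
    // them against the member table, a numeric format and the allowed shipping methods.
    $fieldsOk = true;
    foreach (array('member', 'paid_price', 'paid_price_vat', 'sent_method') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            $fieldsOk = false;
        }
    }

    if ($fieldsOk) {
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\tINSERT INTO orders(member, date, paid_price, paid_price_vat, sent_method)\n\t\t\t\t\tVALUES (:member, NOW(), :paid_price, :paid_price_vat, :sent_method)\n\t\t\t";
        $sth = $db->prepare($sql);
        $params = array(
            ':member' => $_POST['member'],
            ':paid_price' => $_POST['paid_price'],
            ':paid_price_vat' => $_POST['paid_price_vat'],
            ':sent_method' => $_POST['sent_method'],
        );
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute($params)) {
            App::success('Cette commande a bien été ajouté');
        } else {
            App::error("Cette commande n'a pas pu être ajoutée.");
        }
    } else {
        App::error("Les champs ne sont pas valides");
    }
}
?> <div class="col-md-8"> <div class="page-header"> <h1>Ajouter une commande</h1> </div> <form action="index.php?page=admin/add-order" method="POST"> <div class="form-group"> <label for="order-member">Client</label> <select id="order-member" required="required" name="member" class="form-control"> <option value="" disabled selected>Client</option> <?php
// Member fields come from the database and are escaped for HTML before output, so a
// stored name containing markup or quotes cannot alter the page.
// NOTE(review): charset assumed to be UTF-8 — confirm against the page encoding.
foreach (Member::getMembersList() as $member) {
    echo '<option value="' . htmlspecialchars((string) $member->id, ENT_QUOTES, 'UTF-8') . '">'
        . htmlspecialchars($member->first_name . ' ' . $member->last_name, ENT_QUOTES, 'UTF-8')
        . '</option>';
}
?> </select>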
<?php
// Admin "edit phone" page fragment: loads the phone named by ?id= and, on a POST
// carrying `edit`, validates the fields and updates the row. The listing is cut off
// before the enclosing blocks close.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    $id = htmlentities($_GET['id']);
    $phone = Phone::getPhoneById($id);
    // NOTE(review): the brand is looked up with the phone's id — verify this is intended.
    $brand = Brand::getBrandById($id);
    if (isset($_POST['edit'])) {
        // None of these patterns has an end anchor, so each constrains only the leading
        // characters of its value (one character for brand, price and description).
        // capacity and color are only tested for presence.
        if (isset($_POST['name']) && preg_match("#^[a-zA-Z0-9]{2,32}#", $_POST['name'])
            && isset($_POST['brand']) && preg_match("#^[0-9]{1}#", $_POST['brand'])
            && isset($_POST['capacity'])
            && isset($_POST['price']) && preg_match("#^[0-9]#", $_POST['price'])
            && isset($_POST['color'])
            && isset($_POST['description']) && preg_match("#^[a-zA-Z0-9._-]#", $_POST['description'])) {
            // NOTE(review): literal connection parameters; 'root'/'root' look like the
            // database user and password — confirm, and prefer a least-privileged
            // account whose credentials are loaded from configuration.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\t\tUPDATE phone\n\t\t\t\t\tSET name = :name,\n\t\t\t\t\t\tbrand = :brand,\n\t\t\t\t\t\tcapacity = :capacity,\n\t\t\t\t\t\tprice = :price,\n\t\t\t\t\t\tcolor = :color,\n\t\t\t\t\t\tdescription = :description\n\t\t\t\t\tWHERE id = :id\n\t\t\t\t";
            $sth = $db->prepare($sql);
            $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Phone');
            // implode() expects arrays; capacity and color were not checked with
            // is_array() above, so a scalar value reaches implode() here.
            $sth->execute(array(':id' => $id, ':name' => $_POST['name'], ':brand' => $_POST['brand'], ':capacity' => implode(',', $_POST['capacity']), ':price' => $_POST['price'], ':color' => implode(',', $_POST['color']), ':description' => $_POST['description']));
            // Tests the statement object, not the result of execute().
            if ($sth) {
                App::success('Ce téléphone a bien été modifié');
            }
        } else {
            // These checks read $_POST fields without isset(), and the price pattern
            // here (#^[0-9.,]#) differs from the one gating the UPDATE (#^[0-9]#), so a
            // price starting with '.' or ',' is rejected above without any message.
            // A missing capacity or color also produces no message.
            // NOTE(review): the redirect targets are the add-phone page, not this
            // edit page — verify.
            if (!preg_match("#^[a-zA-Z0-9]{2,32}#", $_POST['name'])) {
                App::error('Veuillez entrer un nom valide.', 'index.php?page=admin/add-phone');
            }
            if (!preg_match("#^[0-9]{1}#", $_POST['brand'])) {
                App::error('Veuillez choisir une marque valide.', 'index.php?page=admin/add-phone');
            }
            if (!preg_match("#^[0-9.,]#", $_POST['price'])) {
                App::error('Veuillez entrer un prix valide.', 'index.php?page=admin/add-phone');
            }
            if (!preg_match("#^[a-zA-Z0-9._-]#", $_POST['description'])) {
                App::error('Veuillez entrer une description valide.', 'index.php?page=admin/add-phone');
            }
        }
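<?php
// Admin "add color" page: on a POST carrying `add` from an administrator, validates the
// color name and hex code and inserts them, then renders the page.
// NOTE(review): no anti-CSRF token is checked on this state-changing POST.
if (isset($_POST['add']) && App::isAdmin()) {
    // Each field is checked once; the result drives both the insert and the messages.
    // is_string() keeps array-valued parameters away from preg_match().
    // NOTE(review): the name pattern has no end anchor, so only the first 2 characters
    // are constrained; the stored name must still be HTML-escaped when rendered.
    $nameOk = isset($_POST['name']) && is_string($_POST['name'])
        && preg_match("#^[a-zA-Z]{2,32}#", $_POST['name']);
    // Exactly 3 or 6 hexadecimal digits, nothing before or after. The value is stored
    // with a leading '#', so anything looser could carry extra text into wherever the
    // color code is later emitted.
    $hexOk = isset($_POST['hex']) && is_string($_POST['hex'])
        && preg_match('#^(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})$#D', $_POST['hex']);

    if ($nameOk && $hexOk) {
        $name = $_POST['name'];
        $hex = '#' . $_POST['hex'];
        // NOTE(review): literal connection parameters; 'root'/'root' look like the
        // database user and password — confirm, and prefer a least-privileged account
        // whose credentials are loaded from configuration.
        PDOConnexion::setParameters('phonedeals', 'root', 'root');
        $db = PDOConnexion::getInstance();
        $sql = "\n\t\t\t\t\tINSERT INTO color(name, hex)\n\t\t\t\t\tVALUES (:name, :hex)\n\t\t\t\t";
        $sth = $db->prepare($sql);
        // Report success only when the INSERT ran; assuming $db is a PDO handle,
        // prepare() and execute() return false on failure outside exception mode.
        if ($sth !== false && $sth->execute(array(':name' => $name, ':hex' => $hex))) {
            App::success('Cette couleur a bien été ajouté.', 'index.php?page=admin/color-list');
        } else {
            App::error("Cette couleur n'a pas pu être ajoutée.", 'index.php?page=admin/add-color');
        }
    } else {
        if (!$nameOk) {
            App::error('Veuillez entrer une couleur valide.', 'index.php?page=admin/add-color');
        }
        if (!$hexOk) {
            App::error('Veuillez entrer un code hexadecimal valide.', 'index.php?page=admin/add-color');
        }
    }
}
?> <div class="col-md-8"> <div class="page-header"> <h1> Ajouter une Couleur </h1> </div>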
<?php
// Admin "edit member" page fragment: loads the member named by ?id= and, on a POST
// carrying `edit`, validates the address fields and updates the row. The listing is
// cut off inside the form.
// NOTE(review): no App::isAdmin() (or other role) check is visible before the UPDATE
// in this fragment — confirm the including script enforces it, since ?id= selects
// which member's profile is rewritten.
// NOTE(review): no anti-CSRF token is checked on the POST as far as this fragment shows.
if (isset($_GET['id']) && !empty($_GET['id'])) {
    // htmlentities() encodes for HTML output; it does not restrict $id to an integer.
    $id = htmlentities($_GET['id']);
    $member = Member::getMemberById($id);
    if (isset($_POST['edit'])) {
        // way_num and zip_code are anchored at both ends (without the D modifier, `$`
        // also matches before a trailing newline). The other four patterns have no end
        // anchor, so only the first 2 characters of first_name, last_name, way_name and
        // city are constrained. The fields are read without isset() tests.
        if (preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['first_name'])
            && preg_match("#^[a-zA-Z._-]{2,32}#", $_POST['last_name'])
            && preg_match("#^[0-9]{1,}\$#", $_POST['way_num'])
            && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $_POST['way_name'])
            && preg_match("#^[a-zA-Z0-9._-]{2,30}#", $_POST['city'])
            && preg_match("#^[0-9]{5}\$#", $_POST['zip_code'])) {
            // NOTE(review): literal connection parameters; 'root'/'root' look like the
            // database user and password — confirm, and prefer a least-privileged
            // account whose credentials are loaded from configuration.
            PDOConnexion::setParameters('phonedeals', 'root', 'root');
            $db = PDOConnexion::getInstance();
            $sql = "\n\t\t\t\tUPDATE member\n\t\t\t\tSET first_name = :first_name,\n last_name = :last_name,\n way_num = :way_num,\n way_type = :way_type,\n way_name = :way_name,\n city = :city,\n zip_code = :zip_code\n\t\t\t\tWHERE id = :id\n\t\t\t";
            $sth = $db->prepare($sql);
            $sth->setFetchMode(PDO::FETCH_CLASS | PDO::FETCH_PROPS_LATE, 'Member');
            // way_type is bound without any check in the condition above.
            $sth->execute(array(':id' => $id, ':first_name' => $_POST['first_name'], ':last_name' => $_POST['last_name'], ':way_num' => $_POST['way_num'], ':way_type' => $_POST['way_type'], ':way_name' => $_POST['way_name'], ':city' => $_POST['city'], ':zip_code' => $_POST['zip_code']));
            // Tests the statement object, not the result of execute().
            if ($sth) {
                App::success('Le profil de ce membre a bien été modifiée');
            }
        } else {
            App::error("Les champs ne sont pas valides");
        }
    }
    if ($member) { ?> <div class="col-md-8"> <div class="page-header"> <h1>Éditer une membre</h1> </div> <form action="index.php?page=admin/member-edit&id=<?php echo $id; ?> " method="POST">