<?php
// Reservation editing script: loads the signed-in user's reservations and, on
// form submission, builds one DELETE or UPDATE statement per reservation from
// the posted quantities. The listing is cut off inside the loop, so the notes
// below cover only the visible statements.
session_start();
require 'php_helper/opendb.php';
require 'php_helper/function.php';

// NOTE(review): the session value is read without checking that it is set; a
// request without a signed-in session passes null to every helper below.
$useremail = $_SESSION['user_email'];

// Parallel arrays describing the user's reservations; the loop below indexes
// all four with the same $i.
// NOTE(review): the helpers live in php_helper/function.php and are not
// visible here - confirm each returns the same number of entries, in the same order.
$movieName = getMovieNameArray($useremail);
$movieTime = getMovieTimeArray($useremail);
$quantity = getTicketQtyArray($useremail);
$reservationID = getReservationIDArray($useremail);

// Collects one message per reservation whose update was rejected.
$error_array = array();

if (isset($_POST['submit'])) {
    for ($i = 0; $i < count($movieName); $i++) {
        // The posted field is named "quantity<index>". A missing field is
        // null, which the cast turns into 0 and therefore into the DELETE
        // branch; negative numbers also survive the cast.
        // NOTE(review): reject missing and negative values before branching.
        $quant = (int) $_POST['quantity' . $i];

        // 20 minus the tickets already ordered for this showing, plus the
        // tickets this reservation currently holds (they would be released).
        // NOTE(review): 20 is presumably the per-showing capacity - confirm.
        $ticketsLeft = 20 - getTotalOrderedTickets($movieTime[$i], $movieName[$i]) + $quantity[$i];

        if ($quant <= $ticketsLeft) {
            // Only an upper bound is checked, so a negative $quant reaches
            // the UPDATE branch.
            if ($quant === 0) {
                // Zero tickets means the reservation is removed.
                // NOTE(review): the statement is built by string interpolation
                // and is not restricted to the session user's rows. The id
                // comes from a helper rather than the request, but a prepared
                // statement with an owner condition would be safer.
                $sql = "DELETE FROM `akcopema`.`reservation`\n WHERE RESERVATION_ID='{$reservationID[$i]}';";
            } else {
                // $quant is int-cast above, so it cannot carry SQL text; the
                // same prepared-statement advice applies to the id.
                $sql = "UPDATE `akcopema`.`reservation`\n SET `RESERVATION_TICKETNUM` = '{$quant}'\n WHERE `RESERVATION_ID` = '{$reservationID[$i]}'";
            }

            // NOTE(review): no query call is visible between building $sql
            // and the reset to NULL below; confirm the statement is actually
            // executed, otherwise nothing is ever written.

            // Reload the four arrays from the database.
            // NOTE(review): this happens inside the loop that indexes them;
            // if a row was deleted, later indexes may no longer match the
            // posted "quantity<index>" fields.
            $movieName = getMovieNameArray($useremail);
            $movieTime = getMovieTimeArray($useremail);
            $quantity = getTicketQtyArray($useremail);
            $reservationID = getReservationIDArray($useremail);

            // NOTE(review): the argument has no "Location:" field name, so
            // this does not issue a redirect, and execution continues
            // regardless because no exit follows.
            header("editReservation.php");
        } else {
            // Requested more than is available: record a message for display.
            // NOTE(review): the message embeds HTML and database-sourced
            // names; escape the names wherever $error_array is printed.
            $error_string = "Update on {$movieName[$i]} at {$movieTime[$i]} has failed. Number of tickets requested is greater than amount available ({$ticketsLeft}).<br/>\n";
            array_push($error_array, $error_string);
        }

        // Clear the statement before the next iteration.
        $sql = NULL;
        // (listing is cut off here; the closing braces of the for loop and the
        // submit check are not visible)
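<?php
/*
 * Ticket selection page.
 *
 * Reads the movie name and start time from the query string, shows how many
 * tickets remain, and on POST of "selectTickets" creates a reservation for
 * the signed-in user before redirecting to confirmation.php.
 *
 * Changes from the previous version:
 *  - both SQL statements are prepared and bound, not built by interpolating
 *    request data (the start time and ticket count came straight from
 *    $_GET / $_POST);
 *  - the ticket count is validated server-side against the remaining seats;
 *  - a reservation is refused when no user is signed in or no showtime matches;
 *  - database errors are logged, not echoed together with the SQL text, and
 *    the call to the non-mysqli mysql_error() is gone;
 *  - the redirect URL is built with http_build_query() and followed by exit;
 *  - the date uses the calendar year ('Y'), not the ISO week-numbering year
 *    ('o'), which differs around New Year.
 *
 * NOTE(review): no CSRF token is checked on the POST; the form itself is
 * outside this view - confirm whether one is issued.
 * NOTE(review): the availability check and the INSERT are separate steps, so
 * two simultaneous requests could still oversell; a transaction or a database
 * constraint would be needed to close that gap.
 */
session_start();
// require, because the helpers are called immediately below.
require 'php_helper/function.php';

// Retrieve variables from the URL. Anything other than a plain string
// (missing, or an array such as ?id[]=x) is treated as empty.
$movieTime = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
$movieName = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';
$email = isset($_SESSION['user_email']) ? $_SESSION['user_email'] : null;

// NOTE(review): these helpers receive request data and are defined in
// php_helper/function.php, which is not visible here - confirm that they use
// bound parameters as well.
$movieInfo = getMovieInformation($movieName);
$orderedTickets = getTotalOrderedTickets($movieTime, $movieName);
// 20 is presumably the per-showtime capacity - TODO confirm.
$ticketsRemaining = 20 - $orderedTickets;

if (isset($_POST['selectTickets'])) {
    require 'php_helper/opendb.php';

    // Accept only a whole number between 1 and the seats still available;
    // filter_var() returns false for anything else, including arrays.
    $ticket_number = filter_var(
        $_POST['selectTickets'],
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 1, 'max_range' => (int) $ticketsRemaining))
    );
    // Element 1 of the helper's result is used as the movie name, as before.
    $movieTitle = (is_array($movieInfo) && isset($movieInfo['1'])) ? (string) $movieInfo['1'] : '';

    if (!is_string($email) || $email === '') {
        http_response_code(403);
        echo 'Error: you must be signed in to reserve tickets.<br>';
    } elseif ($ticket_number === false) {
        echo 'Error: the number of tickets requested is not available.<br>';
    } else {
        $reserved = false;
        $showtime_id = null;

        try {
            // Resolve the showtime for this movie and start time.
            $lookup = mysqli_prepare(
                $conn,
                "SELECT showtime.showtime_id
                 FROM akcopema.showtime
                 JOIN movie_times ON showtime.showtime_id = movie_times.showtime_id
                 JOIN movie ON movie_times.movie_id = movie.MOVIE_ID
                 WHERE TIME_START = ?
                 AND movie.MOVIE_NAME = ?"
            );
            if ($lookup === false) {
                throw new RuntimeException(mysqli_error($conn));
            }
            mysqli_stmt_bind_param($lookup, 'ss', $movieTime, $movieTitle);
            if (!mysqli_stmt_execute($lookup)) {
                throw new RuntimeException(mysqli_stmt_error($lookup));
            }
            mysqli_stmt_bind_result($lookup, $showtime_id);
            $found = (mysqli_stmt_fetch($lookup) === true);
            mysqli_stmt_close($lookup);

            if (!$found) {
                echo 'Error: the selected showtime was not found.<br>';
            } else {
                // Calendar date; creation and reservation date are the same
                // value, as before.
                $dateFmt = date('Y-m-d');

                $insert = mysqli_prepare(
                    $conn,
                    "INSERT INTO `akcopema`.`reservation`
                     (`USER_EMAIL`,`SHOWTIME_ID`,`RESERVATION_TICKETNUM`,`RESERVATION_CREATION`,`RESERVATION_DATE`)
                     VALUES (?, ?, ?, ?, ?)"
                );
                if ($insert === false) {
                    throw new RuntimeException(mysqli_error($conn));
                }
                mysqli_stmt_bind_param($insert, 'ssiss', $email, $showtime_id, $ticket_number, $dateFmt, $dateFmt);
                if (!mysqli_stmt_execute($insert)) {
                    throw new RuntimeException(mysqli_stmt_error($insert));
                }
                mysqli_stmt_close($insert);
                $reserved = true;
            }
        } catch (RuntimeException $e) {
            // Also covers mysqli_sql_exception when mysqli is set to throw.
            // The details go to the server log only; the visitor gets a
            // generic message.
            error_log('Reservation failed: ' . $e->getMessage());
            echo 'Error: the reservation could not be saved.<br>';
        }

        if ($reserved) {
            // Encode the values so they cannot add parameters or break the
            // header, and stop so the page below is not rendered as well.
            header('Location: confirmation.php?' . http_build_query(array('name' => $movieName, 'id' => $movieTime)));
            exit;
        }
    }
}
?>
<!DOCTYPE html>
<html lang="en">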