//for usercake
if (!securePage(htmlspecialchars($_SERVER['PHP_SELF']))) {
die;
}
require_once 'models/Gear.php';
require_once 'models/funcs.php';
$types = getGearTypes();
//define variables and set to empty values
$type = "";
//process each variable
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//NEW GEAR TYPE
if (!empty($_POST['type'])) {
$type = test_input($_POST['type']);
if (!in_array($type, $types)) {
newGearType($type);
$successes[] = "New gear type, " . $type . ", added";
} else {
$errors[] = "Gear type cannot be added. It already exists";
}
} elseif (!empty($_POST['deleteTypes'])) {
foreach ($_POST['deleteTypes'] as $deleteType) {
deleteGearType($deleteType);
}
$successes[] = "Gear types removed";
} elseif (!empty($_POST['rename'])) {
$type = test_input($_POST['rename']);
if (empty($_POST['newName'])) {
$errors[] = "Cannot rename. No new name provided";
} else {
$newName = test_input($_POST['newName']);
$successes[] = "Renamed gear item to {$name}";
}
//------------------------ qty changes ------------------------
if (!empty($qty)) {
//user changed qty
if (is_numeric($qty)) {
$gearObject->setQty($qty);
$successes[] = "Updated gear qty to {$qty}";
} else {
$errors[] = "Could not set quantity to non-numeric value";
}
}
//------------------------ gear type changes ------------------------
//user provided a new category that doesn't exist already
if (!empty($newType)) {
$type = newGearType($newType);
$successes[] = "Created new gear type, {$newType}";
}
//different type chosen. Just change types
if ($type != $gearObject->getType()) {
$gearObject->setType($type);
$successes[] = "Updated gear type";
}
//------------------------ disable state (always submits) ------------------------
if ($gearObject->isDisabled() && !$newIsDisabled) {
$gearObject->setIsDisabled($newIsDisabled);
$successes[] = "Gear enabled for checkouts";
} else {
if (!$gearObject->isDisabled() && $newIsDisabled) {
$gearObject->setIsDisabled($newIsDisabled);
$successes[] = "Gear disabled for checkouts";
$qty = 1;
//default qty
} else {
$qty = test_input($_POST['qty']);
if (!is_numeric($qty) || $qty < 1) {
$errors[] = "Quantity must be a number larger than 0";
}
}
// check if Category only contains letters and whitespace
if (!empty($_POST['newCategory'])) {
//user provided a new category
$newCategory = test_input($_POST['newCategory']);
if (!preg_match("/^[a-zA-Z ]*\$/", $newCategory)) {
$errors[] = "Category name can only contain letters, numbers, and spaces";
} else {
$category = newGearType($newCategory);
}
//create category in DB
} else {
//new category empty. Use previous category
$category = test_input($_POST['category']);
}
if (!empty($_POST['notes'])) {
$notes = test_input($_POST['notes']);
}
if (empty($errors)) {
$gearObject = new Gear();
$gearObject->setName($name);
$gearObject->setType($category);
$gearObject->setQty($qty);
$gearObject->setIsDisabled(false);
