Пример #1
0
if (isset($_POST['Movie'])) {
    $_SESSION['movie'] = $_POST['Movie'];
}
if (isset($_POST['Day'])) {
    $_SESSION['day'] = $_POST['Day'];
}
if (isset($_POST['Time'])) {
    $_SESSION['time'] = $_POST['Time'];
}
if (isset($_POST['Seat'])) {
    $_SESSION['seat'] = $_POST['Seat'];
}
if (isset($_POST['order'])) {
    if (isset($_POST['product_id'])) {
        $product_id = $_POST['product_id'];
        addToCart($product_id);
    }
}
?>

        <nav>
            <ul>
                <li><a href="index.php">Home</a></li>
                <li><a href="movies.php">Movies</a></li>
                <li><a class="active" href="booking.php">Booking</a></li>
                <li><a href="contact-us.php">Contact Us</a></li>
            </ul>
        </nav>

        <div class="content-full-height">
            <div class="container-main">
Пример #2
0
<script>
function addToShopCart(itemID)
{
	alert(itemID);
	//alert("<?php 
addToCart(itemID);
?>
");
}
</script>

<?php 
session_start();
function connectToDB()
{
    $ini_array = parse_ini_file("credentials.ini");
    $serverName = $ini_array["servername"];
    $userName = $ini_array["username"];
    $password = $ini_array["password"];
    //echo $password;
    $con = mysqli_connect($serverName, $userName, $password, 'project');
    if (!$con) {
        die("Cannot connect: " . mysqli_connect_error());
    } else {
        //echo "Connection successful.\n\n";
    }
    return $con;
}
function closeDB($con)
{
    mysqli_close($con);
Пример #3
0
<?php

require_once 'functions.php';
$action = strip_tags($_GET["action"]);
switch ($action) {
    case "changeQuantity":
        changeQuantity($_GET['id'], $_GET['val'], $_GET['price']);
        break;
    case "addToCart":
        addToCart($_GET['id'], $_GET['price']);
        break;
    case "getCart":
        getCart();
        break;
    case "del":
        delProduct($_GET['id']);
        break;
    case "complite":
        complite();
        break;
}
<?php

require_once "../includes/LIB-project1.php";
require_once "../includes/Paginator.class.php";
require_once "../includes/Database.class.php";
//open connection
$dbObj = new Database();
//if set, add to cart and unset variable for future use
if (isset($_GET['addToCart'])) {
    addToCart($dbObj, $_GET['addToCart']);
    unset($_GET['addToCart']);
    //unset it so it'll pick up future ones
}
//null = css files
$css = array("main.css", "bootstrap.min.css");
$curr_page = "Home";
//even though the page is Admin, still considered "Account"
//git divs for sales / category
$pageHTML = getSalesCatalog($dbObj, $curr_page);
//include the template
include "../includes/HTML_template.php";
//close everything
$dbObj->closeDbh();
Пример #5
0
    $iid = $_POST['item_id'];
    $item = new Item();
    $item->populatItem($iid);
    $qtty = abs($_POST['qtty']);
    $size = $_POST['price_group'];
    switch ($size) {
        case 'S':
            $price = $item->prices;
            break;
        case 'M':
            $price = $item->pricem;
            break;
        case 'L':
            $price = $item->pricel;
    }
    addToCart($iid, $item->itemname, $qtty, $price, $item->itemCode, $remarks);
    $notice = sprintf(__('Added %s to the cart (Quantity: %s)'), $item->itemname, $qtty);
}
get_top_nav();
//Call the navigation
?>


<div id="wrap">
	<div id="widecb" >
	<div id="additemnav">
			<ul>
				<li><a href="<?php 
echo HOME . 'menu/6';
?>
" title=""><?php 
Пример #6
0
<?php

/**
 * Created by PhpStorm.
 * User: master
 * Date: 2016/7/13
 * Time: 20:47
 */
session_start();
$project = $_SESSION['project'];
$option = $_POST['option'];
$items = $_POST['items'];
//$items = json_decode($items,true);
if ($option == 'add') {
    addToCart($items, $project);
    echo "success";
} else {
    if ($option == 'remove') {
        removeFromCart($items, $project);
        //print_r($_SESSION[$project]['idList']);
        echo "success";
    } else {
        if ($option == 'show') {
            echo json_encode($_SESSION[$project]['idList']);
        } else {
            if ($option = 'removeAll') {
                removeAll($project);
                echo "success";
            }
        }
    }
Пример #7
0
<?php

session_start();
require_once '../includes/helper.php';
require_once '../includes/codemojo.php';
$gamificationService->addAchievements(getUserID(), 'reader');
addToCart($_POST['title'], $_POST['price']);
response(array("code" => 200));
Пример #8
0
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title></title>
    </head>
    <body>
        <?php 
require_once '../includes/session-start.req-inc.php';
require_once '../functions/cart-functions.php';
require_once '../functions/dbConn.php';
require_once '../functions/until.php';
require_once '../functions/category-functions.php';
require_once '../functions/products-functions.php';
startCart();
$allCategories = getAllCategories();
$allProducts = getAllProducts();
$categorySelected = filter_input(INPUT_GET, 'cat');
$action = filter_input(INPUT_POST, 'action');
if ($action === 'buy') {
    $productID = filter_input(INPUT_POST, 'product_id');
    addToCart($productID);
}
include_once '../includes/categories.html.php';
include_once '../includes/products.html.php';
?>
    </body>
</html>
Пример #9
0
/**
 * Функция которая возвращает массив информации
 * о просматриваемой страничка с типом $type
 * и $id
 * @param null $type
 * @param null $id
 * @return array
 */
function getContent($type = null, $id = null)
{
    /*Если параметры null, то выводим страничку по умолчанию*/
    if ($type == null) {
        $type = DEFAULT_PAGE;
    }
    if (isset($_POST['new_submit']) && $_POST['new_submit']) {
        $type = NEW_SUBMIT_TYPE;
    }
    $loginStatus = LOGIN_ALREADY;
    if (isset($_GET['unlogin']) && $_GET['unlogin']) {
        unlogin();
        $loginStatus = LOGIN_EXIT;
    }
    if ($_POST['submit']) {
        $loginStatus = login($_POST['login'], $_POST['password']);
    }
    /*Инициализируем информацию в зависимости от типа */
    $array = array();
    switch ($type) {
        /*Если тип страницы - текстовая*/
        case TEXT_TYPE:
            /*Если id не инициализирован выводим главную.
            		Иначе страницу с id*/
            if ($id == null) {
                $id = MAIN_PAGE_TEXT_ID;
            }
            /*Получаем текст из базы*/
            $page = getTextContent($id);
            $array['content'] = $page['text'];
            break;
        case CATALOG_TYPE:
            /*Если id не инициаизирован */
            if (!($id > 0)) {
                /*Выбираем первый попавшийся театр*/
                $sql = "SELECT id from theatures LIMIT 1";
                $res = mysql_query($sql);
                $row = mysql_fetch_array($res);
                $id = $row['id'];
            }
            /*Получаем спектали из базы*/
            $items = getCatalogItems($id);
            //$parent_item = get;
            /*Вставляем их в ш для красивого вывода*/
            $array['content'] = (include 'templates/content/item/items.php');
            break;
        case ITEM_TYPE:
            $item = getItem($id);
            $array['content'] = (include 'templates/content/item/item_big.php');
            break;
        case NEW_REG_TYPE:
            $array['content'] = (include 'templates/content/login/newreg.php');
            break;
        case NEW_SUBMIT_TYPE:
            //Если пароли совпадают
            if ($_POST['new_password1'] == $_POST['new_password2']) {
                if (addNewUser($_POST['new_login'], $_POST['new_password2'])) {
                    $array['content'] = 'Поздравляем вы зарегистерированы';
                } else {
                    $array['content'] = 'Такой пользователь уже есть';
                }
            } else {
                $array['content'] = 'Пароли не совпадают';
            }
            break;
        case ADD_CART_TYPE:
            addToCart($id);
            $cartItems = getCartItems();
            $sum = calculateCart();
            $array['content'] = (include 'templates/content/cart/cart.php');
            break;
        case CART_TYPE:
            $cartItems = getCartItems();
            $sum = calculateCart();
            $array['content'] = (include 'templates/content/cart/cart.php');
            break;
            /*Удаляем одну штуку*/
        /*Удаляем одну штуку*/
        case REMOVE_CART_TYPE:
            $cartItems = getCartItems();
            $sum = calculateCart();
            removeFromCart($id);
            $array['content'] = (include 'templates/content/cart/cart.php');
            break;
            /*Удаляем весь товар*/
        /*Удаляем весь товар*/
        case REMOVE_ITEM_CART_TYPE:
            $cartItems = getCartItems();
            $sum = calculateCart();
            removeFromCart($id, CART_REMOVE_ALL);
            $array['content'] = (include 'templates/content/cart/cart.php');
            break;
        case CLEAR_CART_TYPE:
            $cartItems = getCartItems();
            $sum = calculateCart();
            clearCart();
            $array['content'] = (include 'templates/content/cart/cart.php');
            break;
    }
    $user = getCurrentUser();
    $array['theatures'] = getCatalogCategories();
    $items = getCatalogCategories();
    $array['leftPanel'] = (include 'templates/content/catalog/catalogCategories.php');
    $array['rightPanel'] = (include 'templates/content/login/login.php');
    $array['banner_word'] = 'Театры';
    $array['title'] = 'Сайт';
    return $array;
}
Пример #10
0
        echo $category['name'];
        ?>
</a>
                    </li>

                <?php 
    }
    ?>
            </ul>
        </div>

        <?php 
    if (isset($_POST['cart'])) {
        loginTime();
        $qty = $_POST['qty'];
        addToCart($_SESSION['customerId'], $product->entity_id, $qty);
    }
    ?>
        <?php 
    if ($product) {
    }
    ?>

        <span><?php 
    echo $product->name;
    ?>
</span>
        <span><?php 
    echo $product->price;
    ?>
</span>
Пример #11
0
include "cart.php";
if (isset($_SESSION['cart'])) {
    $cartSum = 0;
    $cartCount = 0;
    foreach ($_SESSION['cart'] as $itemId => $count) {
        $itemSql = getItem($itemId)[0];
        $cartSum += $itemSql['price'] * $count;
        $cartCount += $count;
    }
} else {
    $cartSum = 0;
    $cartCount = 0;
}
switch ($type) {
    case 4:
        addToCart($id);
        break;
    case 5:
        freeCart();
        header("location: http://" . $_SERVER['HTTP_HOST']);
        break;
    case 6:
        include "cart_out_mail.php";
        include "sendmail.php";
        sendMail('*****@*****.**', $cartOut, 'Информация по заказку');
        freeCart();
        freeCart();
        break;
    case 7:
        deleteOneFromCart($id);
        header("location: http://" . $_SERVER['HTTP_HOST'] . "?type=4");
Пример #12
0
             oci_bind_by_name($s, ':pid_prefix', $plook);
             oci_execute($s);
             //fetch a single row depending on product id
             $res = oci_fetch_assoc($s);
             echo "Product name: ", $res['PRODUCTNAME'], " Price: ", $res['PRODUCTPRICE'];
             echo '<a href="cart.php?del=' . $i . '"> Remove item</a><br>';
         }
     }
     if ($cartLen > 0) {
         echo '<a href="checkout.php">Proceed to checkout</a><br>';
     }
 }
 //if item has been added
 if (isset($_GET['add'])) {
     $pID = $_GET['add'];
     addToCart($pID);
     dispCart();
 }
 //if item has been deleted
 if (isset($_GET['del'])) {
     $val = $_GET['del'];
     unset($_SESSION['cart'][$val]);
     //keep array indexes intact
     $_SESSION['cart'] = array_values($_SESSION['cart']);
 }
 if (!isset($_GET['add'])) {
     dispCart();
 }
 //
 echo '<a href="main.php">Keep shopping</a><br>';
 //echo "<br>$cartLen";
Пример #13
0
<?php

include 'modules.php';
if (!isset($_COOKIE['uid'])) {
    header('Location: index');
}
$pid = $_GET["pid"];
$type = findType($pid);
$uid = $_COOKIE['uid'];
if (isset($_POST['addToWishButton'])) {
    //echo $_COOKIE['uid'];
    addToWish($pid, $uid);
    //exit();
} else {
    if (isset($_POST['addToCartButton'])) {
        addToCart($pid, $uid, $_POST['quantity'], $_POST['filter']);
        //exit();
    }
}
?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="ISO-8859-1">
	<title>Product Page</title>
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<link rel="stylesheet"
	href="http://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css">
	<script
	src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
	<script
Пример #14
0
function addToCart($item_id)
{
    global $test;
    $user = getUserIdByUserName($_SESSION['user']);
    $query = "INSERT into shopping_cart(quantity, item_id, user_id) VALUES(1," . $item_id . "," . $user['user_id'] . ")";
    $statement = $test->prepare($query);
    $statement->execute();
    if ($statement->rowCount()) {
        $_SESSION['cart_msg'] = "item was successfully added";
    } else {
        $_SESSION['cart_msg'] = "Item wasn't added. See your database administrator";
    }
    $statement->closeCursor();
}
function getUserIdByUserName($username)
{
    global $test;
    $query = "SELECT user_id FROM user_name WHERE user_name ='{$username}'";
    $statement = $test->prepare($query);
    $statement->execute();
    $user = $statement->fetch();
    $statement->closeCursor();
    return $user;
}
/*above are shopping-cart functions */
if ($doubles == TRUE) {
    $_SESSION['cart_msg'] = "this item is already in your wish list cart";
} else {
    addToCart($_GET['item']);
}
header("Location: whybuy.php");
Пример #15
0
<?php 
$mini1 = mysql_connect("localhost", "blognadine", "111111") or die(mysql_error());
mysql_select_db("mini1", $mini1);
$sql = "SELECT * FROM items";
$items = mysql_query($sql, $mini1);
//$_SESSION['cart'] = array('name' => array(),'price' => array(),'itemID' => array(),'stock' => array());
while ($row = mysql_fetch_array($items)) {
    echo "<br>" . "<br>";
    addToCart($row['name'], $row['price'], $row['itemID'], $row['stock']);
}
$count = 0;
foreach ($_SESSION['cart'] as $attribute => $values) {
    echo '<h1>' . $attribute . '</h1>';
    echo '<ul>';
    foreach ($values as $shit) {
        echo '<li>' . $shit . '</li>';
    }
    echo '</ul>';
}
?>


<?php 
function addToCart($name, $price, $itemID, $stock)
{
    if (isset($_SESSION['cart'])) {
        array_push($_SESSION['cart']['name'], $name);
        array_push($_SESSION['cart']['price'], $price);
        array_push($_SESSION['cart']['itemID'], $itemID);
        array_push($_SESSION['cart']['stock'], $stock);
Пример #16
0
<?php

include 'config.php';
if (isset($_POST['action'])) {
    if ($_POST['action'] == "addToCart") {
        addToCart($_POST["id"], $_POST["qty"]);
    } else {
        if ($_POST['action'] == "checkout") {
            checkout();
        }
    }
}
function credentialCheck($u, $q)
{
    $con = connect();
    //    $query="select * from userData";
    //
    //    $result = $con->query($query);
    //
    //    echo mysqli_num_rows($result);
    //
    //    $row = mysqli_fetch_row($result);
    if ($stmt = $con->prepare("select id,FirstName from userData where userName=? and Personal_ans=?")) {
        $stmt->bind_param("ss", $u, $q);
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($id, $fname);
        $stmt->fetch();
        if ($stmt->num_rows > 0) {
            setcookie("ccookie", encrypt_decrypt('encrypt', $id), time() + 86400 * 30, "/", null, null, true);
            return false;
Пример #17
0
<!DOCTYPE>
<?php 
include "functions/functions.php";
session_start();
$username = "******";
$password = "";
$database = "eshop";
$response = "empty";
mysql_connect(localhost, $username, $password);
@mysql_select_db($database) or die("Unable to select database");
if (isset($_GET['product'])) {
    addToCart($_GET['product']);
}
if (isset($_GET['logOut'])) {
    session_destroy();
    header('location: test.php');
}
/*if(isset($_POST['signin'])) {
    $response="entered";
    $email = htmlentities($_POST['email']);
    $password = htmlentities($_POST['user_pass']);
    $correct_passwrod = checkUser($email);
    if (is_null($correct_passwrod)){
      echo "user does not exist";
      $response="user does not exist";
    }
    else {
      if ($correct_passwrod == $password) {
        $_SESSION['user'] = getId($email); 
        echo 'okaaaaaaaay';
        $response="okaaaaaaaay";
Пример #18
0
    $mode = 'Books';
}
// casting? to int
$page = intval($page);
$browseNode = intval($browseNode);
// wtf??? no reference for safeString function
$search = safeString($search);
if (!isset($_SESSION['cart'])) {
    session_register('cart');
    $_SESSION['cart'] = [];
}
// instead of three if statements I used switch
// more convenient way
switch ($action) {
    case 'addtocart':
        addToCart($_SESSION['cart'], $ASIN, $mode);
        break;
    case 'deletefromcart':
        deleteFromCart($_SESSION['cart'], $ASIN);
        break;
    case 'emptycart':
        $_SESSION['cart'] = [];
        break;
}
// Page is generating here
// caption generation
require_once 'topbar.php';
// Main part
// or body of the page depends of action which come
// from probably GET or POST
// category list will be shown in most cases
    $mode = 'books';
}
$page = intval($page);
// pages and browseNodes must be integers
$browseNode = intval($browseNode);
// it may cause some confusion, but we are stripping characters out from
// $search it seems only fair to modify it now so it will be displayed
// in the heading
$search = safeString($search);
if (!isset($HTTP_SESSION_VARS['cart'])) {
    session_register('cart');
    $HTTP_SESSION_VARS['cart'] = array();
}
// tasks that need to be done before the top bar is shown
if ($action == 'addtocart') {
    addToCart($HTTP_SESSION_VARS['cart'], $ASIN, $mode);
}
if ($action == 'deletefromcart') {
    deleteFromCart($HTTP_SESSION_VARS['cart'], $ASIN);
}
if ($action == 'emptycart') {
    $HTTP_SESSION_VARS['cart'] = array();
}
// show top bar
require_once 'topbar.php';
// main event loop.  Reacts to user action on the calling page
switch ($action) {
    case 'detail':
        showCategories($mode);
        showDetail($ASIN, $mode);
        break;
Пример #20
0
<?php

session_start();
require_once $_SERVER['DOCUMENT_ROOT'] . '/Config/db.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/Actions/users.php';
require_once $_SERVER['DOCUMENT_ROOT'] . '/Actions/cart.php';
$user = getUser();
$act = $_GET['act'];
switch ($act) {
    case "selectcustomer":
        selectCustomer();
        break;
    case "addtocart":
        addToCart();
        break;
    case "confirmorder":
        confirmOrder();
        break;
}
function selectCustomer()
{
    global $user;
    $managerID = getManagerID($user['id']);
    $query = mysql_query("SELECT COUNT(id) FROM agent_orders WHERE manager_id = '" . $managerID . "' AND status = 0");
    $res = mysql_fetch_array($query);
    if ($res[0] == 0) {
        mysql_query("INSERT INTO agent_orders (manager_id, customer_id, status) VALUES ('" . $managerID . "', '" . $_POST['customerID'] . "', 0)");
    } else {
        $query = mysql_query("SELECT id, customer_id FROM agent_orders WHERE manager_id = '" . $managerID . "' AND status = 0");
        $res = mysql_fetch_array($query);
        $orderID = $res['id'];
Пример #21
0
<?php

//ajax call base rest call handler
session_start();
include '../API/curl_api.php';
include '../../config/config.php';
$cart_action = htmlspecialchars($_POST["cart_action"]);
$token = preg_replace('/\\s+/', '', $_SESSION['authtoken']);
switch ($cart_action) {
    case "addTocart":
        $pet_id = htmlspecialchars($_POST["pet_id"]);
        $pet_price = htmlspecialchars($_POST["pet_price"]);
        $pet_image = htmlspecialchars($_POST["pet_image"]);
        addToCart($pet_id, $pet_price, $pet_image);
        break;
    case "removeFromcart":
        $pet_id = htmlspecialchars($_POST["pet_id"]);
        $cart = $_SESSION['cart'];
        removeFromCart($pet_id, $cart);
        break;
    case "placeOrder":
        $url = 'http://' . TRANSACTION_SERVICE . ':' . TRANSACTION_SERVICE_PORT . '/transaction/';
        $cart = $_SESSION['cart'];
        $cart_ids = array();
        foreach ($cart as $json) {
            array_push($cart_ids, $json['id']);
        }
        $card_number = htmlspecialchars($_POST["card_number"]);
        $card_holder_name = htmlspecialchars($_POST["card_holder_name"]);
        $card_cvc = htmlspecialchars($_POST["card_cvc"]);
        $cart_total = $_SESSION['carttotal'];
Пример #22
0
    $seats = array();
    $seats['SA'] = $_POST['SA'];
    $seats['SP'] = $_POST['SP'];
    $seats['SC'] = $_POST['SC'];
    $seats['FA'] = $_POST['FA'];
    $seats['FC'] = $_POST['FC'];
    $seats['B1'] = $_POST['B1'];
    $seats['B2'] = $_POST['B2'];
    $seats['B3'] = $_POST['B3'];
    $price = calculatePrice($seats, $date);
    foreach ($seats as $k => $v) {
        if ($v == 0) {
            unset($seats[$k]);
        }
    }
    addToCart($movie, $date, $price, $sessiontime, $seats);
}
if (isset($_POST['firstname'])) {
    checkOut($_POST['firstname'], $_POST['lastname'], $_POST['phone'], $_POST['emailaddress']);
    unset($_POST['firstname']);
}
function addToCart($movie, $date, $price, $sessiontime, $seats)
{
    $_SESSION['cart'][$movie]['date'] = $date;
    $_SESSION['cart'][$movie]['sessiontime'] = $sessiontime;
    $_SESSION['cart'][$movie]['price'] = $price;
    $_SESSION['cart'][$movie]['seats'] = $seats;
}
function removeFromCart($movie)
{
    unset($_SESSION['cart'][$movie]);
Пример #23
0
     $cartTotal = $_SESSION['cart'][0]['total'];
     $cartTotal = number_format($cartTotal, 2, '.', '');
     echo "<br>Your cart total is \${$cartTotal}<br>";
     if ($cartLen > 0) {
         echo '<a href="payment_page.php">Proceed to checkout</a><br>';
     }
 }
 //if item has been added
 if (isset($_GET['add'])) {
     /* *** A2 - Cross-Site Scripting. Using reg ex and sanitize functions to remove unwanted get requests. Add value must be a digit with a length of either 3 or 4. 
      * *** A4 - Insecure Direct Object Reference. Validating input using reg ex(numbers only) avoids the use of malicious character sequences.
      */
     if (preg_match('/(^[0-9]{3,4}$)/', $_GET['add'])) {
         $pID = filter_input(INPUT_GET, 'add', FILTER_SANITIZE_SPECIAL_CHARS);
         $pID = strip_tags($pID);
         addToCart($pID, 1);
         dispCart();
     } else {
         //Only allow 'add' request made up of 3 or 4 digits
         die('WARNING: Invalid value entry.<br><a href="main.php">Keep shopping</a>');
     }
 }
 //if item has been deleted
 if (isset($_GET['del'])) {
     /* *** A2 - Cross-Site Scripting. Using reg ex and sanitize functions to remove unwanted delete item requests. 'del' value must be a digit with a length of either 1 or 2.
      * *** A4 - Insecure Direct Object Reference. Validating input using reg ex(numbers only) avoids the use of malicious character sequences.
      */
     if (preg_match('/(^[0-9]{1,2}$)/', $_GET['del'])) {
         $val = filter_input(INPUT_GET, 'del', FILTER_SANITIZE_SPECIAL_CHARS);
         $val = strip_tags($val);
         unset($_SESSION['cart'][$val]);