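<?php
/**
 * Edit-movie page controller.
 *
 * - POST containing 'submit': forwards the submitted fields to update_movie()
 *   and redirects to movies.php.
 * - GET containing 'movie_id': renders the edit form for that movie.
 * - Anything else: redirects to index.php with error=invalid_movie_id.
 */
include '../common.inc.php';

if (!isset($_SESSION)) {
    session_start();
}

// If a user is not logged in, kick them out of this page.
// header() only queues the Location header; it does not stop the script. Without the
// exit below, an unauthenticated request would still reach update_movie() and the
// template render, so the redirect alone is not an access check.
// The second argument of header() is the $replace flag, not a status code, so the
// stray 501 that used to be passed there is dropped; Location yields the default 302.
if (!is_logged_in()) {
    header('Location: index.php');
    exit;
}

// Check the request type
if (isset($_POST['submit'])) {
    // Form is being submitted
    $errors = array();
    $messages = array();

    // NOTE(review): the original comment lists five parameters (genre, score, title,
    // date, movie_id) but six arguments are passed, with movie_id both first and last.
    // Confirm against update_movie()'s signature before changing the call.
    // NOTE(review): none of the $_POST fields below are checked for presence or format
    // here, and no anti-CSRF token is verified in the visible code; confirm whether
    // update_movie() / common.inc.php cover validation and request-origin checks.
    update_movie(
        $_POST['movie_id'],
        $_POST['genre'],
        $_POST['score'],
        $_POST['title'],
        $_POST['date'],
        $_POST['movie_id']
    );

    header("Location: movies.php");
    exit;
} else {
    // Pull the values from the database
    if (isset($_GET['movie_id'])) {
        // NOTE(review): movie_id comes straight from the query string; verify that
        // get_movie_by_id() binds it as a statement parameter.
        echo $twig->render('edit_movie.html.twig', array(
            'is_logged_in' => is_logged_in(),
            'user' => get_user_from_session(),
            'genre_ids' => get_movie_genres(),
            'movie' => get_movie_by_id($_GET['movie_id']),
        ));
    } else {
        header("Location: index.php?error=invalid_movie_id");
        exit;
    }
}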
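/**
 * Main function of the application
 *
 * This will retrieve movie data from the database based on user specified filters.
 *
 * The actual query looks like this:
 *
 * SELECT movie_data.id, title, release_date, score, imdb_id, GROUP_CONCAT(genres.genre) AS genre_id FROM `movie_data`
 * JOIN movie_genres ON movie_data.id = movie_genres.movie_id
 * JOIN genres ON genres.id = movie_genres.genre_id
 * WHERE filters
 * GROUP BY movie_data.id ORDER BY `title` LIMIT 30 OFFSET 0
 *
 * Every filter value is bound as a statement parameter. The previous version formatted
 * 'title', 'releasedFrom' and 'releasedTo' directly into the SQL text, which let a
 * caller-supplied value change the structure of the query (SQL injection). It also
 * produced invalid SQL ("WHERE" or a trailing "AND" with nothing after it) whenever
 * $params held keys that did not each map to a condition.
 *
 * @param array $params         Filters. Recognised keys: 'genre_id', 'title', and the pair
 *                              'releasedFrom' / 'releasedTo' (applied only when both are set).
 *                              Other keys are ignored for filtering and returned under 'params'.
 * @param int   $resultsPerPage Page size; values below 1 are treated as 1 for the query.
 * @param int   $page           Page index; the row offset is $page * $resultsPerPage.
 * @return array Keys: 'results', 'result_count', 'genres', 'current_page', 'pages',
 *               'results_per_page', 'params'.
 */
function get_movies($params, $resultsPerPage, $page)
{
    $pdo = get_PDO();

    $sql = "SELECT movie_data.id, title, release_date, score, imdb_id, GROUP_CONCAT(genres.genre) AS genre_id FROM `movie_data`";
    $sql .= " JOIN movie_genres ON movie_data.id = movie_genres.movie_id JOIN genres ON genres.id = movie_genres.genre_id";

    // Collect conditions and their bound values separately; only placeholders ever
    // reach the SQL text.
    $conditions = array();
    $bindings = array();

    if (isset($params['genre_id'])) {
        $conditions[] = 'genres.id = :genre_id';
        $bindings[':genre_id'] = array(intval($params['genre_id']), PDO::PARAM_INT);
    }

    // is_scalar() skips array-valued input such as ?title[]=x instead of binding "Array".
    if (isset($params['title']) && is_scalar($params['title'])) {
        $conditions[] = 'movie_data.title = :title';
        $bindings[':title'] = array((string) $params['title'], PDO::PARAM_STR);
    }

    if (isset($params['releasedFrom']) && isset($params['releasedTo'])
        && is_scalar($params['releasedFrom']) && is_scalar($params['releasedTo'])
    ) {
        $conditions[] = 'movie_data.release_date BETWEEN :released_from AND :released_to';
        $bindings[':released_from'] = array((string) $params['releasedFrom'], PDO::PARAM_STR);
        $bindings[':released_to'] = array((string) $params['releasedTo'], PDO::PARAM_STR);
    }

    // Joining with implode() keeps the WHERE clause well-formed for any combination of filters.
    if (!empty($conditions)) {
        $sql .= " WHERE " . implode(" AND ", $conditions);
    }

    $sql .= " GROUP BY movie_data.id ORDER BY `title`";

    $bindFilters = function ($statement) use ($bindings) {
        foreach ($bindings as $placeholder => $binding) {
            $statement->bindValue($placeholder, $binding[0], $binding[1]);
        }
    };

    // Unpaginated run, used only for the total. rowCount() on a SELECT is driver-dependent
    // per the PDO documentation; it is kept because the original relied on it.
    $countQuery = $pdo->prepare($sql);
    $bindFilters($countQuery);
    $countQuery->execute();
    $resultCount = $countQuery->rowCount();

    // Integer casts keep LIMIT/OFFSET numeric even when the caller passes request strings;
    // clamping avoids a division by zero and a negative offset.
    $limit = max(1, (int) $resultsPerPage);
    $offset = max(0, (int) $page) * $limit;

    $query = $pdo->prepare($sql . " LIMIT :limit OFFSET :offset");
    $bindFilters($query);
    $query->bindValue(':limit', $limit, PDO::PARAM_INT);
    $query->bindValue(':offset', $offset, PDO::PARAM_INT);
    $query->execute();

    return array(
        'results' => $query->fetchAll(),
        'result_count' => $resultCount,
        'genres' => get_movie_genres(),
        'current_page' => $page,
        'pages' => ceil($resultCount / $limit),
        'results_per_page' => $resultsPerPage,
        'params' => $params,
    );
}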
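<?php
/**
 * Add-movie page controller.
 *
 * On a POST containing 'submit' and every expected field (including the 'poster' upload),
 * passes the values to add_movie(). The add form is rendered in all cases.
 */
include '../common.inc.php';

// NOTE(review): file_uploads is a system-level (PHP_INI_SYSTEM) setting, so this runtime
// call cannot enable uploads; it has to be set in php.ini / server configuration.
// Kept so the script's statements are unchanged apart from the redirect fix below.
ini_set("file_uploads", "On");

if (!isset($_SESSION)) {
    session_start();
}

// If a user is not logged in, kick them out of this page.
// header() does not stop execution; without the exit an unauthenticated request would
// still reach add_movie() and could store a movie and an uploaded file.
// The second argument of header() is the $replace flag, not a status code, so the
// stray 501 that used to be passed there is dropped; Location yields the default 302.
if (!is_logged_in()) {
    header('Location: index.php');
    exit;
}

// Check the request type
if (isset($_POST['submit'])) {
    // Grab the values from the request and hand them to add_movie().
    $hasAllFields = isset(
        $_POST['genre'],
        $_POST['title'],
        $_POST['date'],
        $_POST['score'],
        $_POST['imdb_id'],
        $_FILES['poster']
    );

    if ($hasAllFields) {
        // NOTE(review): the upload is forwarded as-is. Verify that add_movie() checks the
        // upload error code, size and actual content type, and stores the file under a
        // server-generated name rather than the client-supplied one. No anti-CSRF token
        // is verified in the visible code either.
        // NOTE(review): $operation is never read, and no redirect to the movies page
        // follows although the original comment mentions one; confirm the intended flow.
        $operation = add_movie(
            $_POST['genre'],
            $_POST['title'],
            $_POST['date'],
            $_POST['score'],
            $_POST['imdb_id'],
            $_FILES['poster']
        );
    }
}

echo $twig->render('add_movie.html.twig', array(
    'is_logged_in' => is_logged_in(),
    'user' => get_user_from_session(),
    'genre_ids' => get_movie_genres(),
));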