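// for usercake: stop unless the current user is allowed to view this page.
// NOTE(review): securePage() is defined outside this excerpt. $_SERVER['PHP_SELF'] can carry
// client-supplied trailing path info, and htmlspecialchars() is an output encoder rather than a
// path check — confirm securePage() matches on the script path only.
if (!securePage(htmlspecialchars($_SERVER['PHP_SELF']))) {
    die;
}
require_once 'models/Gear.php';
require_once 'models/funcs.php';

// Known gear types (presumably a list of type names — confirm against getGearTypes()).
// Used below for the duplicate check and as the allow-list for deletions.
$types = getGearTypes();

// define variables and set to empty values
$type = "";

// process each variable
// NOTE(review): no anti-CSRF token check is visible in this excerpt; confirm that these
// state-changing POST actions are protected elsewhere.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // NEW GEAR TYPE
    if (!empty($_POST['type'])) {
        $type = test_input($_POST['type']);
        // strict match so numeric-looking names are not equated through type juggling
        if (!in_array($type, $types, true)) {
            newGearType($type);
            $successes[] = "New gear type, " . $type . ", added";
        } else {
            $errors[] = "Gear type cannot be added. It already exists";
        }
    } elseif (!empty($_POST['deleteTypes'])) {
        // Request data is untrusted: accept a scalar or a list, normalise every value the same
        // way the add and rename branches do, and delete only names that are known gear types.
        // test_input() is defined outside this excerpt; this assumes stored names are in the
        // form it produces, as the add branch stores them — TODO confirm.
        foreach ((array) $_POST['deleteTypes'] as $deleteType) {
            if (!is_string($deleteType)) {
                continue; // nested arrays are not valid type names
            }
            $deleteType = test_input($deleteType);
            if (in_array($deleteType, $types, true)) {
                deleteGearType($deleteType);
            }
        }
        $successes[] = "Gear types removed";
    } elseif (!empty($_POST['rename'])) {
        // $type holds the existing type selected for renaming
        $type = test_input($_POST['rename']);
        if (empty($_POST['newName'])) {
            $errors[] = "Cannot rename. No new name provided";
        } else {
            $newName = test_input($_POST['newName']);
            // … excerpt ends here; the rename branch and the two enclosing blocks close outside it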
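// … excerpt starts inside a block opened outside it; the brace below closes that block
    $successes[] = "Renamed gear item to {$name}";
}

//------------------------ qty changes ------------------------
if (!empty($qty)) { // user changed qty ("0" counts as empty and is skipped)
    if (!is_numeric($qty)) {
        $errors[] = "Could not set quantity to non-numeric value";
    } elseif ($qty < 1) {
        // is_numeric() also accepts negative and fractional-below-one values;
        // reject them so a stored quantity is never below 1
        $errors[] = "Quantity must be a number larger than 0";
    } else {
        $gearObject->setQty($qty);
        $successes[] = "Updated gear qty to {$qty}";
    }
}

//------------------------ gear type changes ------------------------
// user provided a new category that doesn't exist already
// NOTE(review): validation of $newType (allowed characters, duplicate check) is not visible
// in this excerpt — confirm it happens before this point.
if (!empty($newType)) {
    $type = newGearType($newType);
    $successes[] = "Created new gear type, {$newType}";
}

// different type chosen. Just change types
// NOTE(review): loose comparison kept because the return type of getType() is not visible here.
if ($type != $gearObject->getType()) {
    $gearObject->setType($type);
    $successes[] = "Updated gear type";
}

//------------------------ disable state (always submits) ------------------------
// Only write the flag when the submitted state differs from the stored one.
if ($gearObject->isDisabled() && !$newIsDisabled) {
    $gearObject->setIsDisabled($newIsDisabled);
    $successes[] = "Gear enabled for checkouts";
} else {
    if (!$gearObject->isDisabled() && $newIsDisabled) {
        $gearObject->setIsDisabled($newIsDisabled);
        $successes[] = "Gear disabled for checkouts";
        // … excerpt ends here; both open blocks close outside it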
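// … excerpt starts inside an `if` branch opened outside it (presumably "no quantity posted")
    $qty = 1; // default qty
} else {
    $qty = test_input($_POST['qty']);
    // NOTE(review): is_numeric() also accepts fractional and exponent forms such as "1.5" or
    // "1e3"; confirm whether quantities must be whole numbers.
    if (!is_numeric($qty) || $qty < 1) {
        $errors[] = "Quantity must be a number larger than 0";
    }
}

// check if Category only contains letters and whitespace
if (!empty($_POST['newCategory'])) { // user provided a new category
    $newCategory = test_input($_POST['newCategory']);
    // \z anchors at the true end of the string; a plain `$` would also match before a trailing
    // newline. The pattern allows letters and spaces only, so the message says exactly that.
    if (!preg_match('/^[a-zA-Z ]*\z/', $newCategory)) {
        $errors[] = "Category name can only contain letters and spaces";
    } else {
        $category = newGearType($newCategory); // create category in DB
    }
} else { // new category empty. Use previous category
    // a missing field becomes an empty string instead of raising an undefined-index notice
    $category = test_input(isset($_POST['category']) ? $_POST['category'] : '');
}

if (!empty($_POST['notes'])) {
    $notes = test_input($_POST['notes']);
}

// Build the gear record only when every field validated.
if (empty($errors)) {
    $gearObject = new Gear();
    $gearObject->setName($name);
    $gearObject->setType($category);
    $gearObject->setQty($qty);
    $gearObject->setIsDisabled(false);
    // … excerpt ends here; the block closes outside it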