$username = USER;
// Mysql username
$password = PASSWORD;
// Mysql password
$db_name = DATABASE;
// Database name
$tbl_name = "books";
// Table name
$sqli = mysqli_connect("{$host}", "{$username}", "{$password}", "{$db_name}") or die('Could not connect: ' . mysqli_connect_error());
$isbn = '0451458737';
$userid = $_SESSION['userid'];
if (isset($_POST['wishlist'])) {
addToList($_SESSION['userid'], $isbn, $link);
}
if (isset($_POST['review'])) {
addReview($_SESSION['userid'], $isbn, $_POST['review'], $link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<title>Alexandria Bookstore </title>
<link rel="stylesheet" href="css/bootstrap.css" type="text/css">
<link rel="stylesheet" href="css/homepage.css">
<link rel="stylesheet" href="css/star.css">
}
if (empty($_POST["rating"])) {
$rating_error = "See väli on kohustuslik";
} else {
// puhastame muutuja võimalikest üleliigsetest sümbolitest
$rating = cleanInput($_POST["rating"]);
}
if (empty($_POST["comment"])) {
$comment_error = "See väli on kohustuslik";
} else {
$comment = cleanInput($_POST["comment"]);
}
if ($picture_error == "" && $rating_error == "" && $comment_error == "") {
// kasutaja loomise funktsioon, failist functions.php
// saadame kaasa muutujad
$message = addReview($picture, $rating, $comment);
if ($message != "") {
// õnnestus, teeme inputi väljad tühjaks
$picture = "";
$rating = "";
$comment = "";
echo $message;
}
}
}
// kasutaja tahab välja logida
if (isset($_GET["logout"])) {
// aadressireal on olemas muutuja logout
//kustutame kõik sessoni muutujad ja peatame sessiooni
session_destroy();
header("Location: login.php");
include 'view/signUp.php';
exit;
}
} else {
$exists = verifyUser($_POST['form-username'], $_POST['form-password']);
if ($exists) {
$reviews = getReviewInfo($_SESSION['logged_in_user']);
$userProfile = getProfileInfo($_SESSION['logged_in_user']);
include 'view/profile.php';
exit;
} else {
$_SESSION['message'] = 'Invalid Credentials';
include 'view/signUp.php';
exit;
}
}
exit;
case 'profile':
if (isset($_SESSION['logged_in_user'])) {
$reviews = getReviewInfo($_SESSION['logged_in_user']);
$userProfile = getProfileInfo($_SESSION['logged_in_user']);
include 'view/profile.php';
exit;
} else {
header('Location: ?action=home');
exit;
}
case 'addReview':
$reviewAdded = addReview($_POST['complex_id'], $_POST['review'], $_SESSION['logged_in_user']);
header('Location: ?action=complexReview&id=' . $_POST['complex_id']);
}
$rating_error = "See väli on kohustuslik";
} else {
//kõik korras, test_input eemaldab pahatahtlikud osad
$rating = test_input($_POST["rating"]);
}
if (empty($_POST["comment"])) {
$comment_error = "See väli on kohustuslik";
} else {
//kõik korras, test_input eemaldab pahatahtlikud osad
$comment = test_input($_POST["comment"]);
}
//kõik on kohustuslikud
if ($medicine_error == "" && $rating_error == "" && $comment_error == "") {
//salvestate ab'i fn kaudu addReview
//message funktsioonist
$message = addReview($medicine, $rating, $comment);
if ($message != "") {
//õnnestus, teeme inputi väljad tühjaks
$medicine = "";
$rating = "";
$comment = "";
echo $message;
}
}
}
if (isset($_GET["logout"])) {
//sessiooni peatus
session_destroy();
header("Location: login.php");
}
function test_input($data)
}
if ($strReview == "" && $fltRating == "") {
return -1;
}
dbn("INSERT INTO locationreview (LocationId, UserId, DateTime, ReviewText, ReviewRating) VALUES ('" . $intLocationId . "', '" . $intUserId . "', '" . Time() . "', '" . $strReview . "', '" . $fltRating . "')");
if ($fltRating > 0.0) {
db("SELECT AVG(ReviewRating) as Average FROM locationreview WHERE LocationId = '" . $intLocationId . "' AND ReviewRating > 0.0");
$avg = dbr();
if ($avg['Average'] != null) {
dbn("UPDATE locations SET LocationRatings = '" . $avg['Average'] . "', LocationUseRatings = '1' WHERE LocationId = '" . $intLocationId . "'");
}
}
return 1;
}
header('');
$intLocationId = isset($_REQUEST['ld']) ? db_escape($_REQUEST['ld']) : "";
$intUserId = isset($_REQUEST['ud']) ? db_escape($_REQUEST['ud']) : "";
$strReview = isset($_REQUEST['rt']) ? db_escape($_REQUEST['rt']) : "";
$fltRating = isset($_REQUEST['rr']) ? db_escape($_REQUEST['rr']) : 3.0;
$action = db_escape($_REQUEST['a']);
switch ($action) {
case "addReview":
$addResult = addReview();
$outputArray = array("success" => true, "result" => $addResult);
echo json_encode($outputArray);
break;
default:
$outputArray = array("success" => false, "result" => -999);
echo json_encode($outputArray);
break;
}
$comments = $_POST['comments'];
if (empty($comments)) {
echo "<p class='center'>Your comments cannot be empty.</p>";
return false;
}
$query = "INSERT INTO comments" . " (order_id, isbn, rating, content) VALUES" . " ({$order_id}, '{$isbn}', {$rating}, '{$comments}');";
$result = mysql_query($query, $connection);
if (!$result) {
echo "<p class='center'>Failed to submit review for this book.</p>";
return false;
}
echo "\n <p class='center'>\n Congratulations! Your review for this book is submitted successfully.\n </p>\n <p class='center'>\n Thank you for sharing!\n </p>";
return true;
}
function addReview()
{
if (empty($_GET['isbn'])) {
echo "<p class='center'>No book is specified.</p>";
return;
}
$isbn = $_GET['isbn'];
$connection = connect();
$topic = showBookDetails($connection, $isbn);
mysql_close($connection);
}
showHeader('Add Customer Review');
addReview();
showFooter();
?>
$exam_error = "See väli on kohustuslik";
} else {
$exam = test_input($_POST["exam"]);
}
if (empty($_POST["grade"])) {
$grade_error = "See väli on kohustuslik";
} else {
$grade = test_input($_POST["grade"]);
}
if (empty($_POST["mistakes"])) {
$mistakes_error = "See väli on kohustuslik";
} else {
$mistakes = test_input($_POST["mistakes"]);
}
if ($exam_error == "" && $grade_error == "" && $mistakes_error == "") {
$message = addReview($exam, $grade, $mistakes);
if ($message != "") {
$exam = "";
$grade = "";
$mistakes = "";
echo $message;
}
}
}
if (isset($_GET["logout"])) {
session_destroy();
header("Location: login.php");
}
function test_input($data)
{
$data = trim($data);
}
if (empty($_POST["feedback"])) {
$feedback_error = "See väli on kohustuslik";
} else {
$feedback = cleanInput($_POST["feedback"]);
}
if (empty($_POST["grade"])) {
$grade_error = "See väli on kohustuslik";
} else {
$grade = cleanInput($_POST["grade"]);
}
// mõlemad on kohustuslikud
if ($location_error == "" && $date_error == "" && $feedback_error == "" && $grade_error == "") {
//salvestan ab
// message funktsioonist
$msg = addReview($location, $date, $feedback, $grade);
if ($msg != "") {
//õnnestus, teeme inputi väljad tühjaks
$location = "";
$date = "";
$feedback = "";
$grade = "";
echo $msg;
}
}
}
function cleanInput($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
function actionAddReview($mysqli)
{
return addReview($mysqli);
}
/**
* Queries the API by the input values from the user
*
* @param $term The search term to query
* @param $location The location of the business to query
*/
function query_api($term, $location)
{
$response = json_decode(search($term, $location));
foreach ($response->businesses as $business) {
$business_id = $business->id;
$business_response = json_decode(get_business($business_id), true);
/*
$id=$business_response['id'];
$name=$business_response['name'];
$phone=$business_response['display_phone'];
$address=$business_response['location']['address'][0];
$rating=$business_response['rating'];
#$businessHours=$business_response['']
#$categories
$reservationURL=$business_response['reservation_url'];
$reviewCount=$business_response['review_count'];
#$price
$imageUrl=$business_response['image_url'];
$city=$business_response['location']['city'];
$postal_code=$business_response['location']['postal_code'];
$snippet_text=$business_response['snippet_text'];
$state=$business_response['location']['state_code'];
$rating_img_url=$business_response['rating_img_url'];
$rating_img_url_small=$business_response['rating_img_url_small'];
$url=$business_response['url'];
addRestaurant($id,$name,$phone,$address,$rating,$reservationURL,$reviewCount,$imageUrl,$city,$postal_code,$snippet_text,$state,$rating_img_url,$rating_img_url_small, $url);
*/
if (is_array($business_response['reviews']) || is_object($business_response['reviews'])) {
foreach ($business_response['reviews'] as $review) {
$id = $review['id'];
echo 'prepare: ' . $review['user']['id'];
addReview($id, $review['rating'], $review['rating_image_url'], $review['rating_image_small_url'], $review['excerpt'], $review['time_created'], $review['user']['id']);
addUser($review['user']['id'], $review['user']['name'], '', '123456', $review['user']['image_url']);
echo 'added';
}
}
}
/*
print sprintf(
"%d businesses found, querying business info for the top result \"%s\"\n\n",
count($response->businesses),
$business_id
);
$response = get_business($business_id);
print sprintf("Result for business \"%s\" found:\n", $business_id);
print "$response\n";
*/
}
}
if (empty($_POST["rating"])) {
$rating_error = "See väli on kohustuslik";
} else {
// puhastame muutuja võimalikest üleliigsetest sümbolitest
$rating = cleanInput($_POST["rating"]);
}
if (empty($_POST["comment"])) {
$comment_error = "See väli on kohustuslik";
} else {
$comment = cleanInput($_POST["comment"]);
}
if ($footballer_error == "" && $rating_error == "" && $comment_error == "") {
// kasutaja loomise funktsioon, failist functions.php
// saadame kaasa muutujad
$message = addReview($footballer, $rating, $comment);
if ($message != "") {
// õnnestus, teeme inputi väljad tühjaks
$footballer = "";
$rating = "";
$comment = "";
echo $message;
}
}
}
// kasutaja tahab välja logida
if (isset($_GET["logout"])) {
// aadressireal on olemas muutuja logout
//kustutame kõik sessoni muutujad ja peatame sessiooni
session_destroy();
header("Location: login.php");