}
} elseif (!empty($_POST['custom_title'])) {
check_admin_referer('now-reading-manual-add');
$b_author = $wpdb->escape($_POST['custom_author']);
$b_title = $wpdb->escape($_POST['custom_title']);
if (!empty($_POST['custom_image'])) {
$b_image = $wpdb->escape($_POST['custom_image']);
} else {
$b_image = get_option('siteurl') . '/' . PLUGINDIR . '/now-reading-redux/no-image.png';
}
$b_asin = '';
$b_added = date('Y-m-d H:i:s');
$b_status = 'unread';
$b_nice_title = $wpdb->escape(sanitize_title($_POST['custom_title']));
$b_nice_author = $wpdb->escape(sanitize_title($_POST['custom_author']));
foreach ((array) compact('b_author', 'b_title', 'b_image', 'b_asin', 'b_added', 'b_status', 'b_nice_title', 'b_nice_author') as $field => $value) {
$query .= "{$field}={$value}&";
}
$id = add_book($query);
if ($id > 0) {
// wp_redirect($nr_url->urls['add'] . '&added=' . intval($id));
// die;
} else {
// wp_redirect($nr_url->urls['add'] . '&error=true');
// die;
echo '<div>Add books fail</div>';
}
}
?>
<?php
session_start();
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<?php
include 'header.php';
if (isset($_POST['addBook'])) {
add_book();
} elseif (isset($_POST['deleteBook'])) {
delete_book();
} elseif (isset($_POST['addEvent'])) {
add_event();
} elseif (isset($_POST['deleteEvent'])) {
delete_event();
} elseif (isset($_POST['uploadNewsletter'])) {
upload_newsletter();
} elseif (isset($_POST['deleteNewsletter'])) {
delete_newsletter();
} elseif (isset($_POST['uploadReport'])) {
upload_report();
} elseif (isset($_POST['deleteReport'])) {
delete_report();
} else {
echo "Error: Please submit changes to the site first.";
}
// TODO: If logged_user is the admin user, then this page will be available as a link
// TODO: Add following forms:
// ADD/DELETE Books/Events Form
function nr_add()
{
function add_book_form()
{
?>
<form method="post" action="">
<?php
wp_nonce_field('nr_add_book');
?>
<input type="hidden" name="stage" value="2" />
<div class="by_isbn">
<h3>Search by ISBN</h3>
<p class="add_isbn"><label for="isbn">ISBN:</label></p>
<p><input type="text" id="isbn" name="isbn" /></p>
<p><input type="submit" value="Search" /></p>
</div>
<div class="by_title">
<h3>Search by title/author</h3>
<p class="add_title"><label for="title">Title</label></p>
<p><input type="text" id="title" name="title" /></p>
<p class="add_author"><label for="author">Author (optional)</label></p>
<p><input type="text" id="author" name="author" /></p>
<p><input type="submit" value="Search" /></p>
</div>
</form>
<?php
}
$stage = intval($_REQUEST['stage']);
?>
<div class="wrap nr_add">
<h2>Add a Book</h2>
<?php
if (empty($stage) || $stage == 1) {
?>
<p>Enter the details of the book you'd like to find, and Now Reading will search Amazon to try and find it.</p>
<?php
add_book_form();
?>
<?php
} elseif ($stage == 2) {
check_admin_referer('nr_add_book');
$isbn = $_POST['isbn'];
$title = $_POST['title'];
$author = $_POST['author'];
$books = query_amazon("title={$title}&author={$author}&isbn={$isbn}");
if (count($books) > 0) {
?>
<p>I found <?php
echo count($books);
?>
results for your query:</p>
<div class="amazon_results">
<?php
foreach ((array) $books as $book) {
?>
<div class="amazon_result">
<form method="post" action="">
<?php
wp_nonce_field('nr_add_book_' . md5(serialize($book)));
?>
<input type="hidden" name="stage" value="3" />
<input type="hidden" name="book" value="<?php
echo htmlentities(serialize($book));
?>
" />
<img src="<?php
echo $book['image'];
?>
" alt="" />
<h3><?php
echo $book['title'];
?>
</h3>
<p>by <?php
echo $book['author'];
?>
</p>
<p><input type="submit" value="Use this result" /></p>
</form>
</div>
<?php
}
?>
</div>
<p>No good? <a href="?page=add_book">Try searching again</a>.</p>
<?php
} else {
?>
<p>Sorry, I couldn't find any results from Amazon.</p>
<p><a href="?page=add_book">Search again?</a></p>
<?php
}
?>
<?php
} elseif ($stage == 3) {
?>
<?php
check_admin_referer('nr_add_book_' . md5(stripslashes($_POST['book'])));
$book = unserialize(stripslashes($_POST['book']));
$id = add_book($book);
if ($id > 0) {
?>
<br />
<div class="updated"><p><strong>Success! Your book was added.</strong></p></div>
<p>Add another?</p>
<?php
add_book_form();
?>
<?php
} else {
?>
<p>Oops! There was an error adding your book.</p>
<?php
}
?>
<?php
}
?>
</div>
<?php
}
$book['909969'] = array('title' => 'C++', 'price' => '30.50');
$book['912345'] = array('title' => 'AngularJS', 'price' => '29.50');
require_once 'cart.php';
// to performe action
$action = filter_input(INPUT_POST, 'action');
if ($action === NULL) {
$action = filter_input(INPUT_GET, 'action');
if ($action === NULL) {
$action = 'show_add_book';
}
}
//add and update cart
if ($action == 'add') {
$isbn = filter_input(INPUT_POST, 'isbn');
$bookqantity = filter_input(INPUT_POST, 'bookquantity');
add_book($isbn, $bookqantity);
include 'cart_view.php';
} else {
if ($action == 'update') {
$new_qty_list = filter_input(INPUT_POST, 'newqty', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);
foreach ($new_qty_list as $isbn => $qty) {
if ($_SESSION['shop_cart']['qty'] != $qty) {
update_book($isbn, $qty);
}
}
include 'cart_view.php';
} else {
if ($action == 'show_cart') {
include 'cart_view.php';
} else {
if ($action == 'show_add_book') {
//connect to database
include_once "db/dbcontext.php";
$db = DBContext::getDB();
$pageData->navigation = (include_once "views/navigation_front.php");
$navigationIsClicked = isset($_GET["controller"]);
if ($navigationIsClicked) {
$controller = $_GET["controller"];
} else {
$controller = "guest";
}
$pageData->content = (include_once "controllers/{$controller}/index.php");
include_once "views/page.php";
if ($action == 'add') {
$isbn = filter_input(INPUT_POST, 'isbn');
$bookqty = filter_input(INPUT_POST, 'bookqty');
add_book($isbn, $bookqty);
include 'cart_view.php';
} else {
if ($action == 'update') {
$new_qty_list = filter_input(INPUT_POST, 'newqty', FILTER_DEFAULT, FILTER_REQUIRE_ARRAY);
foreach ($new_qty_list as $isbn => $qty) {
if ($_SESSION['shop_cart'][$isbn]['qty'] != $qty) {
update_book($isbn, $qty);
}
}
include 'cart_view.php';
} elseif ($action == 'show_cart') {
include 'cart_view.php';
} else {
if ($action == 'add_book') {
include 'add_book_view.php';
<?php
require "api.php";
$book_id = add_book($_GET['title'], $_GET['author'], $_GET['description']);
if ($book_id) {
?>
<html>
<head>
</head>
<body>
<h1>Book successfully added!</h1>
Title:<?php
echo $_GET['title'];
?>
<br />
Author:<?php
echo $_GET['author'];
?>
<br />
Description:<?php
echo $_GET['description'];
?>
<br />
<h2>Add version:</h2>
<form method="get" action="submitVersion.php">
} else {
echo "<br />Failure!</p>";
}
} else {
echo '
<form method="get" action="">
<input type="hidden" name="amazon" value="1" />
<p><input type="submit" value="Test Amazon" /></p>
</form>';
}
if ($_GET['books']) {
echo "<p>add_book('title=1984&author=George Orwell')";
$id = add_book('title=1984&author=George Orwell');
if ($id > 0) {
echo "<br />Successfully created book, ID is {$id}.</p>";
} else {
echo "<br />Failure!</p>";
}
echo "<p>get_book({$id})";
$book = get_book($id);
if ($book->ID == $id) {
echo "<br />Successfully fetched book with ID {$id}:<br /><pre>";
var_dump($book);
echo "</pre></p>";
} else {
echo "<br />Failure!</p>";
}
echo "<p>delete_book({$id})";
