From e6a2945649b7399b20dc4a53f9f7e2d38cbd5b0c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82?= Date: Fri, 17 Mar 2023 11:14:23 +0100 Subject: [PATCH] finished adding new order --- addOrder.php | 43 +++++++++++++++++++++++++++++++++++++++++-- login.php | 8 ++++---- start.php | 2 +- 3 files changed, 46 insertions(+), 7 deletions(-) diff --git a/addOrder.php b/addOrder.php index 9f8141c..831af14 100644 --- a/addOrder.php +++ b/addOrder.php @@ -21,6 +21,45 @@ exit(0); } - $data = json_decode(file_get_contents('php://input'), true); - print_r($data); + + include 'db_connection.php'; + session_start(); + $conn = openCon(); + mysqli_set_charset($conn, "utf8"); + $data = json_decode(file_get_contents("php://input"),true); + $q = "INSERT INTO `order` (`client_id`, `login_id`, `type`, `start`, `end`, `street`, `adNumber`, `city`, `zipcode`, `post`, `person`, `email`, `phone`)" . sprintf( + "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")", + $data["clientId"], + $_SESSION["id"], + $data["type"], + $data["startDate"], + $data["endDate"], + $data["street"], + $data["adNumber"], + $data["city"], + $data["zipcode"], + $data["post"], + $data["person"], + $data["email"], + $data["phone"] + ); + mysqli_query($conn, $q); + $orderId = mysqli_insert_id($conn); + + foreach($data["products"] as $product){ + $q = "INSERT INTO order_product (`order_id`, `product_id`, `prNumber`, `offerPrice`, `maintenance`, `extra`, `lock`, `risk`)" . sprintf( + "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")", + $orderId, + $product["productId"], + $product["prNumber"], + $product["offerPrice"], + $product["maintenance"], + $product["extra"], + $product["lock"], + $product["risk"] + ); + mysqli_query($conn, $q); + } + echo json_encode($orderId); + closeCon($conn); ?> \ No newline at end of file diff --git a/login.php b/login.php index c55cac2..c1aac40 100644 --- a/login.php +++ b/login.php @@ -34,13 +34,13 @@ $email = $data["email"]; //"example@email.email"; $pass = $data["pass"]; //"hasło135$"; - $q = "SELECT login.pass, login.salt FROM login WHERE login.email=\"" . $email . "\""; + $q = "SELECT login.id, login.pass, login.salt FROM login WHERE login.email=\"" . $email . "\""; $result = mysqli_query($conn, $q) or die("Problemy z odczytem danych!"); $answ; while($row = mysqli_fetch_row($result)) { - $answ=["hash"=>$row[0], "salt"=>$row[1]]; + $answ=["id"=>$row[0], "hash"=>$row[1], "salt"=>$row[2]]; } function checkPassword($p, $s, $h){ @@ -48,11 +48,11 @@ else return false; }; if(isset($answ["salt"]) && checkPassword($pass, $answ["salt"], $answ["hash"])){ - $_SESSION["email"] = $email; + $_SESSION["id"] = $answ["id"]; echo json_encode(true); } else { - $_SESSION["email"] = null; + $_SESSION["id"] = null; echo json_encode(false); } closeCon($conn); diff --git a/start.php b/start.php index 2a48e1d..8badcae 100644 --- a/start.php +++ b/start.php @@ -23,6 +23,6 @@ } session_start(); - if(!isset($_SESSION["email"])) echo json_encode(false); + if(!isset($_SESSION["id"])) echo json_encode(false); else echo json_encode(true); ?> \ No newline at end of file