finished adding new order

addOrder.php

@@ -21,6 +21,45 @@
     
         exit(0);
     }
-    $data = json_decode(file_get_contents('php://input'), true);
-    print_r($data);
+
+    include 'db_connection.php';
+    session_start();
+    $conn = openCon();
+        mysqli_set_charset($conn, "utf8");
+        $data = json_decode(file_get_contents("php://input"),true);
+        $q = "INSERT INTO `order` (`client_id`, `login_id`, `type`, `start`, `end`, `street`, `adNumber`, `city`, `zipcode`, `post`, `person`, `email`, `phone`)" . sprintf(
+            "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")", 
+            $data["clientId"],
+            $_SESSION["id"],
+            $data["type"],
+            $data["startDate"],
+            $data["endDate"],
+            $data["street"],
+            $data["adNumber"],
+            $data["city"],
+            $data["zipcode"],
+            $data["post"],
+            $data["person"],
+            $data["email"],
+            $data["phone"]
+        );
+        mysqli_query($conn, $q);
+        $orderId = mysqli_insert_id($conn);
+        
+        foreach($data["products"] as $product){
+            $q = "INSERT INTO order_product (`order_id`, `product_id`, `prNumber`, `offerPrice`, `maintenance`, `extra`, `lock`, `risk`)" . sprintf(
+            "VALUES (\"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\")",
+            $orderId,
+            $product["productId"],
+            $product["prNumber"],
+            $product["offerPrice"],
+            $product["maintenance"],
+            $product["extra"],
+            $product["lock"],
+            $product["risk"]
+            );
+            mysqli_query($conn, $q);
+        }
+        echo json_encode($orderId);
+    closeCon($conn);
 ?>

login.php

@@ -34,13 +34,13 @@
         $email =  $data["email"];  //"example@email.email";
         $pass = $data["pass"];   //"hasło135$";
 
-        $q = "SELECT login.pass, login.salt FROM login WHERE login.email=\"" . $email . "\"";
+        $q = "SELECT login.id, login.pass, login.salt FROM login WHERE login.email=\"" . $email . "\"";
         $result = mysqli_query($conn, $q) or die("Problemy z odczytem danych!");
         
         $answ;
         while($row = mysqli_fetch_row($result))
             {
-                $answ=["hash"=>$row[0], "salt"=>$row[1]];
+                $answ=["id"=>$row[0], "hash"=>$row[1], "salt"=>$row[2]];
             }
         
         function checkPassword($p, $s, $h){
@@ -48,11 +48,11 @@
             else return false;
         };
         if(isset($answ["salt"]) && checkPassword($pass, $answ["salt"], $answ["hash"])){
-            $_SESSION["email"] = $email;
+            $_SESSION["id"] = $answ["id"];
             echo json_encode(true);
         }
         else {
-            $_SESSION["email"] = null;
+            $_SESSION["id"] = null;
             echo json_encode(false);
         }
     closeCon($conn);

start.php

@@ -23,6 +23,6 @@
     }
 
     session_start();
-    if(!isset($_SESSION["email"])) echo json_encode(false);
+    if(!isset($_SESSION["id"])) echo json_encode(false);
     else echo json_encode(true);
 ?>