isetPanier/post.php

152 lines
4.6 KiB
PHP
Raw Permalink Normal View History

2017-05-21 14:59:04 +02:00
<?php
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
session_start();
$config = include('config.php');
$deadLine = $_SESSION['deadLine'];
try
{
$bdd = new PDO('mysql:host='.$config['host'].';dbname='.$config['dbname'].';charset=utf8', $config['username'], $config['password']);
}
catch (Exception $e)
{
die('Erreur : ' . $e->getMessage());
}
if(isset($_POST['quant']) && isset($_POST['ref']) && isset($_POST['description']) && isset($_POST['prix']) && !$deadLine)
{
$req = $bdd->prepare('SELECT * FROM article WHERE ref=:ref');
$data = $req->execute(array(
'ref' => $_POST['ref']
));
$id;
$data = $req->fetch();
if(isset($data['ref']))
{
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
$req->execute(array(
'nbr' => $_POST['quant'],
'id' => $data['id']
));
}
else
{
$req = $bdd->prepare('INSERT INTO article(ref, description, prix, panierId) VALUES(:ref, :description, :prix, :panierId)');
$req->execute(array(
'ref' => $_POST["ref"],
'description' => $_POST['description'],
'prix' => $_POST['prix'],
'panierId' => $_SESSION['panierId']
));
$id = $bdd->lastInsertId();
$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
$req->execute(array(
'idEtudiant' => $_SESSION["idEtudiant"],
'idAdrticle' => $id,
'nombre' => $_POST['quant'],
'panierId' => $_SESSION['panierId']
));
}
}
else if(isset($_POST['user']) && isset($_POST['pw']))
{
$req = $bdd->prepare('SELECT * FROM etudiant WHERE lower(pseudo)=:pseudo');
$data = $req->execute(array(
'pseudo' => strtolower($_POST['user'])
));
$data = $req->fetch();
if($data)
{
if($data['pw'] == (empty($_POST['pw'])?'':md5($_POST['pw'])))
{
$_SESSION['idEtudiant'] = $data['id'];
$_SESSION['pseudo'] = $data['pseudo'];
$_SESSION['admin'] = $data['admin'];
$_SESSION['panierId'] = 1;
$_SESSION['nomPanier'] = "farnell projet 1";
echo json_encode(array('loggin'=> '1'));
}
else
{
echo json_encode(array('loggin'=> '2'));
}
}
else
{
$req = $bdd->prepare('INSERT INTO etudiant(pseudo,pw) VALUE(:pseudo,:pw)');
$req->execute(array(
'pseudo' => htmlspecialchars($_POST['user']),
'pw' => empty($_POST['pw'])?'':md5($_POST['pw'])
));
$id = $bdd->lastInsertId();
$_SESSION['idEtudiant'] = $id;
$_SESSION['admin'] = 0;
$_SESSION['pseudo'] = $_POST['user'];
$_SESSION['admin'] = 0;
$_SESSION['panierId'] = 1;
$_SESSION['nomPanier'] = "farnell projet 1";
echo json_encode(array('loggin'=> '3'));
}
}
else if(isset($_POST['quant']) && !$deadLine){
if(isset($_POST['idarticle'])) //Pour ma commande j'envois un id
{
$req = $bdd->prepare('SELECT * FROM panier WHERE id=:id');
$rep = $req->execute(array(
'id' => $_POST['idarticle']
));
$data = $req->fetch();
if(isset($data['idEtudiant']) && $data['idEtudiant'] == $_SESSION['idEtudiant'])//C'est bien le bonne etudiant
{
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
$req->execute(array(
'nbr' => $_POST['quant'],
'id' => $_POST['idarticle']
));
}
else {
echo json_encode("err");
}
}
else if(isset($_POST['refId']))//quand je passe par la commande globale je passe par la identifiant de la ref
{
$req = $bdd->prepare('SELECT * FROM panier WHERE idArticle=:refId AND idEtudiant=:idEtudiant');//Tchek si l'etudiant a déja l'article
$rep = $req->execute(array(
'refId' => $_POST['refId'],
'idEtudiant' => $_SESSION['idEtudiant']
));
$data = $req->fetch();
if($data)
{
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
$req->execute(array(
'nbr' => $_POST['quant'],
'id' => $data['id']
));
}
else {
$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
$req->execute(array(
'idEtudiant' => $_SESSION["idEtudiant"],
'idAdrticle' => $_POST['refId'],
'nombre' => $_POST['quant'],
'panierId' => $_SESSION['panierId']
));
}
}
}
else if(isset($_POST['quant']) && $deadLine)
{
http_response_code(401);
echo "N'est plus autorisé ! DeadLine Dépaséé !";
}
else {
session_destroy();
session_start();
$_SESSION['accesOk'] = "";
}
?>