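getMessage()); }

// ---------------------------------------------------------------------------
// POST dispatcher: cart updates and login / account creation.
//
// Uses $bdd (database handle) and $deadLine, neither of which is defined in
// this part of the file. Every query goes through prepare()/execute() with
// bound parameters, so request values never become part of the SQL text.
//
// Branches, in order:
//   1. quant + ref + description + prix, before the deadline: add an article
//      by reference and set its quantity in the caller's cart.
//   2. user + pw: log in, or create the account when the pseudo is unknown.
//   3. quant alone, before the deadline: change a quantity by cart-line id
//      (idarticle) or by article id (refId).
//   4. quant after the deadline: refused with HTTP 401.
//   5. anything else: the session is reset.
// ---------------------------------------------------------------------------

// Set the quantity of one article in the logged-in student's cart: update the
// student's existing panier row for that article, or create it. The lookup is
// keyed on idEtudiant as well as idArticle, so a request can only touch the
// caller's own cart line.
// A closure is used instead of a named function so that including this file
// twice cannot trigger a redeclaration error.
$setCartQuantity = function ($articleId, $quantity) use ($bdd) {
    $req = $bdd->prepare('SELECT * FROM panier WHERE idArticle=:refId AND idEtudiant=:idEtudiant');
    $req->execute(array(
        'refId' => $articleId,
        'idEtudiant' => $_SESSION['idEtudiant']
    ));
    $ligne = $req->fetch();

    if ($ligne) {
        $req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
        $req->execute(array(
            'nbr' => $quantity,
            'id' => $ligne['id']
        ));
    } else {
        $req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
        $req->execute(array(
            'idEtudiant' => $_SESSION["idEtudiant"],
            'idAdrticle' => $articleId,
            'nombre' => $quantity,
            'panierId' => $_SESSION['panierId']
        ));
    }
};

// The cart branches write rows owned by the session's student; without these
// two session values they would bind NULL owners into panier/article.
$cartSessionReady = isset($_SESSION['idEtudiant'], $_SESSION['panierId']);

// NOTE(review): 'quant' is bound exactly as received. No integer or range
// check is visible here, so negative or non-numeric quantities depend on the
// column definition to be rejected - confirm, or validate before binding.

if (isset($_POST['quant'], $_POST['ref'], $_POST['description'], $_POST['prix']) && !$deadLine) {
    if (!$cartSessionReady) {
        http_response_code(401);
        echo json_encode("err");
    } else {
        $req = $bdd->prepare('SELECT * FROM article WHERE ref=:ref');
        $req->execute(array(
            'ref' => $_POST['ref']
        ));
        $article = $req->fetch();

        if (isset($article['ref'])) {
            // Known reference: reuse the article row.
            $articleId = $article['id'];
        } else {
            // NOTE(review): ref/description/prix are stored as received;
            // whatever renders them must escape for its output context.
            $req = $bdd->prepare('INSERT INTO article(ref, description, prix, panierId) VALUES(:ref, :description, :prix, :panierId)');
            $req->execute(array(
                'ref' => $_POST["ref"],
                'description' => $_POST['description'],
                'prix' => $_POST['prix'],
                'panierId' => $_SESSION['panierId']
            ));
            $articleId = $bdd->lastInsertId();
        }

        // The previous code ran "UPDATE panier ... WHERE id = <article id>",
        // i.e. it used an article id as a cart-line id and never checked the
        // owner, so it could change another student's line. The quantity is
        // now applied to the caller's own line for this article.
        $setCartQuantity($articleId, $_POST['quant']);
    }
} else if (isset($_POST['user'], $_POST['pw'])) {
    // NOTE(review): passwords are stored and compared as unsalted MD5, and an
    // empty password (including "0", which empty() treats as empty) is stored
    // as ''. Moving to password_hash()/password_verify() needs the pw column
    // width checked and a rehash-on-login step, so it is flagged here rather
    // than changed.
    $hashSaisi = empty($_POST['pw']) ? '' : md5($_POST['pw']);

    $req = $bdd->prepare('SELECT * FROM etudiant WHERE lower(pseudo)=:pseudo');
    $req->execute(array(
        'pseudo' => strtolower($_POST['user'])
    ));
    $compte = $req->fetch();

    if ($compte) {
        // hash_equals() instead of ==: loose comparison treats two hex digests
        // of the form "0e<digits>" as equal numbers, and it is not
        // constant-time. The cast keeps a NULL pw column matching '' as before.
        if (hash_equals((string) $compte['pw'], $hashSaisi)) {
            // Issue a fresh session id at the privilege change so an id known
            // before login cannot be reused afterwards.
            if (session_status() === PHP_SESSION_ACTIVE) {
                session_regenerate_id(true);
            }
            $_SESSION['idEtudiant'] = $compte['id'];
            $_SESSION['pseudo'] = $compte['pseudo'];
            $_SESSION['admin'] = $compte['admin'];
            $_SESSION['panierId'] = 1;
            $_SESSION['nomPanier'] = "farnell projet 1";
            echo json_encode(array('loggin'=> '1'));
        } else {
            echo json_encode(array('loggin'=> '2'));
        }
    } else {
        // Unknown pseudo: the account is created on the fly.
        // NOTE(review): the pseudo is HTML-escaped before storage but looked up
        // unescaped above, so a name containing &, <, > or " will never match
        // its own row on the next login - confirm which form is intended.
        $req = $bdd->prepare('INSERT INTO etudiant(pseudo,pw) VALUE(:pseudo,:pw)');
        $req->execute(array(
            'pseudo' => htmlspecialchars($_POST['user']),
            'pw' => $hashSaisi
        ));
        $id = $bdd->lastInsertId();

        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['idEtudiant'] = $id;
        $_SESSION['admin'] = 0;
        $_SESSION['pseudo'] = $_POST['user'];
        $_SESSION['panierId'] = 1;
        $_SESSION['nomPanier'] = "farnell projet 1";
        echo json_encode(array('loggin'=> '3'));
    }
} else if (isset($_POST['quant']) && !$deadLine) {
    if (!$cartSessionReady) {
        http_response_code(401);
        echo json_encode("err");
    } else if (isset($_POST['idarticle'])) {
        // "My order" view: the client sends the cart-line id.
        $req = $bdd->prepare('SELECT * FROM panier WHERE id=:id');
        $req->execute(array(
            'id' => $_POST['idarticle']
        ));
        $ligne = $req->fetch();

        // Only the student who owns the line may change it.
        if (isset($ligne['idEtudiant']) && (string) $ligne['idEtudiant'] === (string) $_SESSION['idEtudiant']) {
            $req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
            $req->execute(array(
                'nbr' => $_POST['quant'],
                'id' => $_POST['idarticle']
            ));
        } else {
            echo json_encode("err");
        }
    } else if (isset($_POST['refId'])) {
        // Global order view: the client sends the article id; update the
        // student's line if they already have the article, else create it.
        $setCartQuantity($_POST['refId'], $_POST['quant']);
    }
} else if (isset($_POST['quant']) && $deadLine) {
    // Cart changes are refused once the deadline has passed.
    http_response_code(401);
    echo "N'est plus autorisé ! DeadLine Dépaséé !";
} else {
    // No recognised action: drop the current session and start an empty one.
    session_destroy();
    session_start();
    $_SESSION['accesOk'] = "";
}
?>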