152 lines
4.6 KiB
PHP
152 lines
4.6 KiB
PHP
<?php
|
|
ini_set('display_errors', 1);
|
|
ini_set('display_startup_errors', 1);
|
|
error_reporting(E_ALL);
|
|
session_start();
|
|
$config = include('config.php');
|
|
$deadLine = $_SESSION['deadLine'];
|
|
|
|
try
|
|
{
|
|
$bdd = new PDO('mysql:host='.$config['host'].';dbname='.$config['dbname'].';charset=utf8', $config['username'], $config['password']);
|
|
}
|
|
catch (Exception $e)
|
|
{
|
|
die('Erreur : ' . $e->getMessage());
|
|
}
|
|
if(isset($_POST['quant']) && isset($_POST['ref']) && isset($_POST['description']) && isset($_POST['prix']) && !$deadLine)
|
|
{
|
|
$req = $bdd->prepare('SELECT * FROM article WHERE ref=:ref');
|
|
$data = $req->execute(array(
|
|
'ref' => $_POST['ref']
|
|
));
|
|
$id;
|
|
$data = $req->fetch();
|
|
if(isset($data['ref']))
|
|
{
|
|
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
|
|
$req->execute(array(
|
|
'nbr' => $_POST['quant'],
|
|
'id' => $data['id']
|
|
));
|
|
}
|
|
else
|
|
{
|
|
$req = $bdd->prepare('INSERT INTO article(ref, description, prix, panierId) VALUES(:ref, :description, :prix, :panierId)');
|
|
$req->execute(array(
|
|
'ref' => $_POST["ref"],
|
|
'description' => $_POST['description'],
|
|
'prix' => $_POST['prix'],
|
|
'panierId' => $_SESSION['panierId']
|
|
));
|
|
|
|
$id = $bdd->lastInsertId();
|
|
$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
|
|
$req->execute(array(
|
|
'idEtudiant' => $_SESSION["idEtudiant"],
|
|
'idAdrticle' => $id,
|
|
'nombre' => $_POST['quant'],
|
|
'panierId' => $_SESSION['panierId']
|
|
));
|
|
}
|
|
|
|
}
|
|
else if(isset($_POST['user']) && isset($_POST['pw']))
|
|
{
|
|
$req = $bdd->prepare('SELECT * FROM etudiant WHERE lower(pseudo)=:pseudo');
|
|
$data = $req->execute(array(
|
|
'pseudo' => strtolower($_POST['user'])
|
|
));
|
|
$data = $req->fetch();
|
|
if($data)
|
|
{
|
|
if($data['pw'] == (empty($_POST['pw'])?'':md5($_POST['pw'])))
|
|
{
|
|
$_SESSION['idEtudiant'] = $data['id'];
|
|
$_SESSION['pseudo'] = $data['pseudo'];
|
|
$_SESSION['admin'] = $data['admin'];
|
|
$_SESSION['panierId'] = 1;
|
|
$_SESSION['nomPanier'] = "farnell projet 1";
|
|
echo json_encode(array('loggin'=> '1'));
|
|
}
|
|
else
|
|
{
|
|
echo json_encode(array('loggin'=> '2'));
|
|
}
|
|
}
|
|
else
|
|
{
|
|
$req = $bdd->prepare('INSERT INTO etudiant(pseudo,pw) VALUE(:pseudo,:pw)');
|
|
$req->execute(array(
|
|
'pseudo' => htmlspecialchars($_POST['user']),
|
|
'pw' => empty($_POST['pw'])?'':md5($_POST['pw'])
|
|
));
|
|
$id = $bdd->lastInsertId();
|
|
$_SESSION['idEtudiant'] = $id;
|
|
$_SESSION['admin'] = 0;
|
|
$_SESSION['pseudo'] = $_POST['user'];
|
|
$_SESSION['admin'] = 0;
|
|
$_SESSION['panierId'] = 1;
|
|
$_SESSION['nomPanier'] = "farnell projet 1";
|
|
echo json_encode(array('loggin'=> '3'));
|
|
}
|
|
}
|
|
else if(isset($_POST['quant']) && !$deadLine){
|
|
if(isset($_POST['idarticle'])) //Pour ma commande j'envois un id
|
|
{
|
|
$req = $bdd->prepare('SELECT * FROM panier WHERE id=:id');
|
|
$rep = $req->execute(array(
|
|
'id' => $_POST['idarticle']
|
|
));
|
|
$data = $req->fetch();
|
|
if(isset($data['idEtudiant']) && $data['idEtudiant'] == $_SESSION['idEtudiant'])//C'est bien le bonne etudiant
|
|
{
|
|
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
|
|
$req->execute(array(
|
|
'nbr' => $_POST['quant'],
|
|
'id' => $_POST['idarticle']
|
|
));
|
|
}
|
|
else {
|
|
echo json_encode("err");
|
|
}
|
|
}
|
|
else if(isset($_POST['refId']))//quand je passe par la commande globale je passe par la identifiant de la ref
|
|
{
|
|
$req = $bdd->prepare('SELECT * FROM panier WHERE idArticle=:refId AND idEtudiant=:idEtudiant');//Tchek si l'etudiant a déja l'article
|
|
$rep = $req->execute(array(
|
|
'refId' => $_POST['refId'],
|
|
'idEtudiant' => $_SESSION['idEtudiant']
|
|
));
|
|
$data = $req->fetch();
|
|
if($data)
|
|
{
|
|
$req = $bdd->prepare('UPDATE panier SET nombre=:nbr WHERE id=:id');
|
|
$req->execute(array(
|
|
'nbr' => $_POST['quant'],
|
|
'id' => $data['id']
|
|
));
|
|
}
|
|
else {
|
|
$req = $bdd->prepare('INSERT INTO panier(idEtudiant, idArticle, nombre, panierId) VALUES(:idEtudiant, :idAdrticle, :nombre, :panierId)');
|
|
$req->execute(array(
|
|
'idEtudiant' => $_SESSION["idEtudiant"],
|
|
'idAdrticle' => $_POST['refId'],
|
|
'nombre' => $_POST['quant'],
|
|
'panierId' => $_SESSION['panierId']
|
|
));
|
|
}
|
|
}
|
|
}
|
|
else if(isset($_POST['quant']) && $deadLine)
|
|
{
|
|
http_response_code(401);
|
|
echo "N'est plus autorisé ! DeadLine Dépaséé !";
|
|
}
|
|
else {
|
|
session_destroy();
|
|
session_start();
|
|
$_SESSION['accesOk'] = "";
|
|
}
|
|
?>
|