Commit entrega 2

This commit is contained in:
janmaroto 2021-12-14 17:19:28 +01:00
parent 01e42279cc
commit 7fc57d4e86
13 changed files with 352 additions and 79 deletions

View File

@ -1,32 +1,25 @@
<!DOCTYPE html>
<html>
<body>
<link rel="stylesheet" href="style/w3.css">
<h2>Fill the input fields to interact</h2>
<div class="w3-col m7 w3-padding">
<div class="w3-display-container" style="height:100%;">
<form action="./data_submit.php" method="post">
<label for="filmid">Film ID</label><br>
<input type="text" id="filmid" name="filmid"><br>
<label for="ftitle">Film Title</label><br>
<input type="text" id="ftitle" name="ftitle"><br>
<label for="fyear">Film Year</label><br>
<input type="text" id="fyear" name="fyear"><br><br>
<label for="foption">Operation</label><br><br>
<select id="foption" name="foption">
<option value="choose" selected>Choose</option>
<option value="select">Select</option>
<option value="insert">Insert</option>
<option value="delete">Delete</option>
<option value="update">Update</option>
</select><br><br><br>
<input type="submit" value="Submit">
</form>
<div class="w3-display-topleft">
<div class="">
<h2>$product_name</h2>
</div>
<div class="">
<p>$product_info</p>
</div>
</div>
<div class="w3-display-bottomright w3-black w3-padding">
<p>$product_owner_name</p>
</div>
</div>
</div>
</body>
</html>
<?php
if (isset($_GET["message"])){
echo $_GET["message"];
}
?>

View File

@ -32,13 +32,21 @@ CREATE TABLE IF NOT EXISTS botiga_php_db.bp_users (
bp_product_img_02 VARCHAR(32),
bp_product_img_03 VARCHAR(32),
bp_product_addDate DATE NOT NULL,
bp_product_owner INT,
PRIMARY KEY (bp_product_id),
FOREIGN KEY (bp_product_category) REFERENCES bp_categories(bp_category_id)
FOREIGN KEY (bp_product_category) REFERENCES bp_categories(bp_category_id),
FOREIGN KEY (bp_product_owner) REFERENCES bp_users(bp_user_id)
);
INSERT INTO `bp_categories` (`bp_category_id`, `bp_category_name`) VALUES (NULL, 'Wooden'), (NULL, 'Brick'), (NULL, 'Stone'), (NULL, 'Alimium'), (NULL, 'Mix');
INSERT INTO bp_products VALUES (NULL, 'Hanni Koroma', 'Japanese designed wooden nordic house', '95000', '1', 'house01.jpg', 'house02.jpg', 'house03.jpg', '2001-11-22');
INSERT INTO bp_products VALUES (NULL, 'Fiskarhedenvillan', 'Classic 20th century English brick house', '200000', '2', 'house04.jpg', 'house05.jpg', 'house06.jpg', '1958-06-20');
INSERT INTO bp_products VALUES (NULL, 'Barn House', 'American aluminium suspended house', '65000', '5', 'house07.jpg', 'house08.jpg', 'house09.jpg', '1994-09-11');
INSERT INTO bp_products VALUES (NULL, 'Hygge', 'Nordic house built with a mix of natural materials', '150000', '5', 'house10.jpg', 'house11.jpg', 'house12.jpg', '2021-11-28');
INSERT INTO bp_users VALUES (NULL, 'jones', '$2y$10$cQ/dbUCwpn70GxHyzLLG8O0KH0o67uagM8x0UASYXToTVplCFq4.m', '2021-12-09');
INSERT INTO bp_users VALUES (NULL, 'jack', '$2y$10$nkeFH50KmNCQKxKrsE/NQu1gx5YMqPxrQyL9e/eRyY1p9j8GrOTe.', '2021-09-12');
INSERT INTO bp_users VALUES (NULL, 'john', '$2y$10$c60U1n5hhploFWTGgnM3SOB5oSH70/f2sGvz1S5H3EZIeEul5x4ZK', '2021-10-11');
INSERT INTO bp_users VALUES (NULL, 'jerry', '$2y$10$gtQrwpRjdydYJTTXLa5jWOK3/CYriXNDuUuHtFqrlQ1o2w7a7893u', '2021-11-10');
INSERT INTO bp_products VALUES (NULL, 'Hanni Koroma', 'Japanese designed wooden nordic house', '95000', '1', 'house01.jpg', 'house02.jpg', 'house03.jpg', '2001-11-22', 1);
INSERT INTO bp_products VALUES (NULL, 'Fiskarhedenvillan', 'Classic 20th century English brick house', '200000', '2', 'house04.jpg', 'house05.jpg', 'house06.jpg', '1958-06-20', 2);
INSERT INTO bp_products VALUES (NULL, 'Barn House', 'American aluminium suspended house', '65000', '5', 'house07.jpg', 'house08.jpg', 'house09.jpg', '1994-09-11', 3);
INSERT INTO bp_products VALUES (NULL, 'Hygge', 'Nordic house built with a mix of natural materials', '150000', '5', 'house10.jpg', 'house11.jpg', 'house12.jpg', '2021-11-28', 4);

View File

@ -1,7 +1,7 @@
<form name="filter" method="POST" action="home.php">
<div class="w3-container-padding">
<div class="w3-third">
<input class="w3-input w3-border" type="text" placeholder="Search by name or description.." id="search">
<input class="w3-input w3-border" type="text" placeholder="Search by name or description.." id="search" name="search">
</div>
<div class="w3-third">
<select class="w3-select w3-border" id="category" name="category">

View File

@ -12,9 +12,9 @@
<a href="home.php" class="w3-bar-item w3-button"><b>Botiga</b> php</a>
<!-- Float links to the right. Hide them on small screens -->
<div class="w3-right w3-hide-small">
<a href="#projects" class="w3-bar-item w3-button">Products</a>
<a href="#about" class="w3-bar-item w3-button">Register</a>
<a href="#contact" class="w3-bar-item w3-button">Login</a>
<a href="my-products.php" class="w3-bar-item w3-button">My Products</a>
<a href="register-page.php" class="w3-bar-item w3-button">Register</a>
<a href="login-page.php" class="w3-bar-item w3-button">Login</a>
</div>
</div>
</div>

View File

@ -1,19 +1,6 @@
<?php
include_once('header.php');
include_once('parameters.php');
//FILTER BUTTON
// if (isset($_POST['submit'])) {
// $uid = $_POST['uid'];
// $date = $_POST['date'];
// $query = "SELECT * FROM uren WHERE DATUM(post_date)='$date'";
// $respost = mysqli_query($mysqli, $query);
// } else {
// $query = "SELECT * FROM uren";
// $respost = mysqli_query($mysqli, $query);
// }
?>
<div class="w3-content w3-padding w3-margin-top" style="max-width:1564px;margin-top:32px">
@ -39,29 +26,33 @@ include_once('parameters.php');
<div class="w3-row-padding">
<?php
echo ($_POST['search'] . $_POST['category'] . $_POST['minPrice'] . $_POST['maxPrice']);
$productName = isset($_POST['search']) ? "%" . $_POST['search'] . "%" : "'%%'";
$productInfo = isset($_POST['search']) ? "%" . $_POST['search'] . "%" : "'%%'";
$productCategory = ($_POST['category'] != "empty") ? $_POST['category'] : "'%%'";
$minProductPrice = ($_POST['minPrice'] != "empty") ? $_POST['minPrice'] : 0;
$maxProductPrice = ($_POST['maxPrice'] != "empty") ? $_POST['maxPrice'] : 999999999999999999;
echo ($productName . $productInfo . $productCategory . $minProductPrice . $maxProductPrice);
if (empty($_POST)) {
$sql = $con->prepare("SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products");
if (!empty($_POST)) {
$productName = $_POST['search'];
$productInfo = $_POST['search'];
$productCategory = $_POST['category'];
$minProductPrice = $_POST['minPrice'];
$maxProductPrice = $_POST['maxPrice'];
// echo ($productName . $productInfo . $productCategory . $minProductPrice . $maxProductPrice);
$sqlString = "SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products WHERE 22=22";
if (!empty($_POST['search'])) $sqlString .= " AND (bp_product_name LIKE '$productName' OR bp_product_info LIKE '$productInfo')";
if ($productCategory != "empty") $sqlString .= " AND bp_product_category = $productCategory";
if ($minProductPrice != "empty") $sqlString .= " AND bp_product_price >= $minProductPrice";
if ($maxProductPrice != "empty") $sqlString .= " AND bp_product_price <= $maxProductPrice";
echo $sqlString;
} else {
$sqlString = "SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products";
$sqlString .= " WHERE (bp_product_name LIKE ? OR bp_product_info LIKE ?)";
$sqlString .= " AND bp_product_category LIKE ?";
$sqlString .= " AND (bp_product_price >= ? AND bp_product_price <= ?);";
echo ($sqlString);
$sql = $con->prepare($sqlString);
$sql->bind_param("ssidd", $productName, $productInfo, $productCategory, $minProductPrice, $maxProductPrice);
echo ($sql);
// $sql->bind_param("ssidd", $productName, $productInfo, $productCategory, $minProductPrice, $maxProductPrice);
} else {
$sql = $con->prepare("SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products");
}
$sql->execute();
@ -75,7 +66,7 @@ include_once('parameters.php');
<div class=\"w3-display-topleft w3-black w3-padding\">$bp_product_name</div>
<div class=\"w3-display-bottomright w3-black w3-padding\">$bp_product_price €</div>
<img src=\"img/$bp_product_img_01\" alt=\"House\" style=\"width:100%\">
</div>
</div>
</a>
</div>
");

View File

@ -1,3 +1,5 @@
el fitxer d'inici es el home.php
no he pogut fer un zip ni un 7z, pesa massa
els productes està a la base de dades i estàn lligats a els usuaris del script (ex: jones / jones)

39
login-page.php Normal file
View File

@ -0,0 +1,39 @@
<?php
include_once('header.php');
include_once('parameters.php');
?>
<div class="w3-content w3-padding w3-margin-top" style="max-width:1564px;margin-top:32px">
<!-- Header -->
<header class="w3-display-container w3-content w3-wide" style="max-width:1500px;" id="home">
<img class="w3-image" src="img/banner.jpg" alt="Botiga_php" width="1500" height="400">
<div class="w3-display-middle w3-margin-top w3-center">
<h1 class="w3-xxlarge w3-text-white"><span class="w3-padding w3-black w3-opacity-min"><b>Botiga</b></span> <span class="w3-hide-small w3-text-light-grey">php</span></h1>
</div>
</header>
<div class="w3-container w3-padding-32" id="projects">
<h3 class="w3-border-bottom w3-border-light-grey w3-padding-16">Login</h3>
</div>
<div class="w3-bar w3-margin"></div>
<div class="w3-bar w3-margin"></div>
<div class="w3-row-padding">
<form method="post" action="./login.php">
<label for="username">Username</label><br>
<input type="text" id="username" name="username"><br>
<label for="userpass">Password</label><br>
<input type="text" id="userpass" name="userpass"><br><br>
<input type="submit" value="Submit">
</form>
</div>
</div>
<?php
include('footer.php');
?>

39
login.php Normal file
View File

@ -0,0 +1,39 @@
<?php
include_once('parameters.php');
$username = $_POST['username'];
$userpass = $_POST['userpass'];
//========================================================================================================================================================
// Guardem les dades de lusuari a la bdd
if (loginCheck($username, $userpass, $con)) {
session_start();
$_SESSION['userid']=userDetails($username, $con)['bp_user_id'];
$_SESSION['username']=userDetails($username, $con)['bp_user_name'];
header("Location: ./my-products.php");
} else {
header("Location: ./login-page.php?succes=0");
}
function loginCheck($username, $userpass, $con) {
$sql = $con->prepare("SELECT bp_user_pass FROM bp_users WHERE bp_user_name = ?");
$sql->bind_param("s", $username);
$sql->execute();
$sql->bind_result($encryptedUserpass);
$sql->fetch();
return password_verify($userpass, $encryptedUserpass);
}
function userDetails($username, $con) {
$sql = $con->prepare("SELECT bp_user_id, bp_user_name FROM bp_users WHERE bp_user_name = ?");
$sql->bind_param("s", $username);
$sql->execute();
$sql->bind_result($bp_user_id, $bp_user_name);
$sql->fetch();
return (array("bp_user_id"=>$bp_user_id, "bp_user_name"=>$bp_user_name));
}
?>

98
my-products.php Normal file
View File

@ -0,0 +1,98 @@
<?php
include_once('header.php');
include_once('parameters.php');
session_start();
if (!isset($_SESSION['username'])) {
header("Location: ./home.php");
}
$userid = $_SESSION['userid'];
$username = $_SESSION['username'];
//FILTER BUTTON
// if (isset($_POST['submit'])) {
// $uid = $_POST['uid'];
// $date = $_POST['date'];
// $query = "SELECT * FROM uren WHERE DATUM(post_date)='$date'";
// $respost = mysqli_query($mysqli, $query);
// } else {
// $query = "SELECT * FROM uren";
// $respost = mysqli_query($mysqli, $query);
// }
?>
<div class="w3-content w3-padding w3-margin-top" style="max-width:1564px;margin-top:32px">
<!-- Header -->
<header class="w3-display-container w3-content w3-wide" style="max-width:1500px;" id="home">
<img class="w3-image" src="img/banner.jpg" alt="Botiga_php" width="1500" height="400">
<div class="w3-display-middle w3-margin-top w3-center">
<h1 class="w3-xxlarge w3-text-white"><span class="w3-padding w3-black w3-opacity-min"><b>Botiga</b></span> <span class="w3-hide-small w3-text-light-grey">php</span></h1>
</div>
</header>
<div class="w3-container w3-padding-32" id="projects">
<h3 class="w3-border-bottom w3-border-light-grey w3-padding-16"><?php echo $username . " "?>Products</h3>
</div>
<?php
include_once('form.php');
?>
<div class="w3-bar w3-margin"></div>
<div class="w3-bar w3-margin"></div>
<div class="w3-row-padding">
<?php
if (!empty($_POST)) {
$productName = isset($_POST['search']) ? "%" . $_POST['search'] . "%" : "%%";
$productInfo = isset($_POST['search']) ? "%" . $_POST['search'] . "%" : "%%";
$productCategory = ($_POST['category'] != "empty") ? $_POST['category'] : "%";
$minProductPrice = ($_POST['minPrice'] != "empty") ? $_POST['minPrice'] : 0;
$maxProductPrice = ($_POST['maxPrice'] != "empty") ? $_POST['maxPrice'] : 999999999999999999;
echo ($productName . $productInfo . $productCategory . $minProductPrice . $maxProductPrice);
$sqlString = "SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products";
$sqlString .= " WHERE (bp_product_name LIKE ? OR bp_product_info LIKE ?)";
$sqlString .= " AND bp_product_category = ?";
$sqlString .= " AND (bp_product_price >= ? AND bp_product_price <= ?);";
$sql = $con->prepare($sqlString);
$sql->bind_param("ssidd", $productName, $productInfo, $productCategory, $minProductPrice, $maxProductPrice);
} else {
$sqlString = "SELECT bp_product_id, bp_product_name, bp_product_price, bp_product_img_01 FROM bp_products WHERE bp_product_owner = ?";
$sql = $con->prepare($sqlString);
$sql->bind_param("i", $userid);
}
$sql->execute();
$sql->bind_result($bp_product_id, $bp_product_name, $bp_product_price, $bp_product_img_01);
while ($sql->fetch()) {
echo ("
<div class=\"w3-col l3 m6 w3-margin-bottom\">
<a href=\"./productDetail.php?bp_product_id=$bp_product_id\">
<div class=\"w3-display-container\">
<div class=\"w3-display-topleft w3-black w3-padding\">$bp_product_name</div>
<div class=\"w3-display-bottomright w3-black w3-padding\">$bp_product_price €</div>
<img src=\"img/$bp_product_img_01\" alt=\"House\" style=\"width:100%\">
</div>
</a>
</div>
");
}
?>
</div>
</div>
<?php
include('footer.php');
?>

View File

@ -1,4 +1,4 @@
<?php
$con =new mysqli('localhost','admin','admin','botiga_php_db');
$con = new mysqli('localhost','admin','admin','botiga_php_db');
?>

View File

@ -5,14 +5,15 @@ include_once('parameters.php');
if (!(isset($_GET['bp_product_id']))) {
header("Location: home.php");
} else {
$bp_product_id = $_GET['bp_product_id'];
$product_id = $_GET['bp_product_id'];
}
$sqlP = $con->prepare("SELECT * from bp_products where bp_product_id = ?");
$sqlP->bind_param("i", $bp_product_id);
$sqlPString = "SELECT bp_product_name, bp_product_info, bp_product_price, bp_product_category, bp_product_img_01, bp_product_img_02, bp_product_img_03, bp_product_addDate, bp_user_name";
$sqlPString .= " FROM bp_products INNER JOIN bp_users WHERE bp_product_owner = bp_user_id AND bp_product_id = ?";
$sqlP = $con->prepare($sqlPString);
$sqlP->bind_param("i", $product_id);
$sqlP->execute();
$sqlP->bind_result($bp_product_id, $bp_product_name, $bp_product_info, $bp_product_price, $bp_product_category, $bp_product_img_01, $bp_product_img_02, $bp_product_img_03, $bp_product_addDate);
$sqlP->bind_result($product_name, $product_info, $broduct_price, $product_category, $product_img_01, $product_img_02, $product_img_03, $product_addDate, $product_owner_name);
$sqlP->fetch();
@ -28,9 +29,9 @@ $sqlP->fetch();
echo ("
<div class=\"w3-col m5\">
<div class=\"w3-content\" style=\"max-width:800px\">
<img class=\"mySlides\" src=\"img/$bp_product_img_01\" style=\"width:100%\">
<img class=\"mySlides\" src=\"img/$bp_product_img_02\" style=\"width:100%\">
<img class=\"mySlides\" src=\"img/$bp_product_img_03\" style=\"width:100%\">
<img class=\"mySlides\" src=\"img/$product_img_01\" style=\"width:100%\">
<img class=\"mySlides\" src=\"img/$product_img_02\" style=\"width:100%\">
<img class=\"mySlides\" src=\"img/$product_img_03\" style=\"width:100%\">
</div>
<div class=\"w3-center\">
@ -44,9 +45,22 @@ $sqlP->fetch();
</div>
</div>
<div class=\"w3-col m7 w3-padding\">
<h2>$bp_product_name</h2>
<p>$bp_product_info</p>
<div class=\"w3-col m7 w3-padding\" style=\"max-height: 100vh; overflow: auto;\">
<div class=\"w3-display-container\" style=\"height:100%;\">
<div class=\"w3-display-topleft\">
<div class=\"\">
<h2>$product_name</h2>
</div>
<div class=\"\">
<p>$product_info</p>
</div>
</div>
<div class=\"w3-display-bottomright w3-black w3-padding\">
<p>Publisher: &nbsp; &nbsp; $product_owner_name</p>
</div>
</div>
</div>
");

57
register-page.php Normal file
View File

@ -0,0 +1,57 @@
<?php
include_once('header.php');
include_once('parameters.php');
//FILTER BUTTON
// if (isset($_POST['submit'])) {
// $uid = $_POST['uid'];
// $date = $_POST['date'];
// $query = "SELECT * FROM uren WHERE DATUM(post_date)='$date'";
// $respost = mysqli_query($mysqli, $query);
// } else {
// $query = "SELECT * FROM uren";
// $respost = mysqli_query($mysqli, $query);
// }
?>
<div class="w3-content w3-padding w3-margin-top" style="max-width:1564px;margin-top:32px">
<!-- Header -->
<header class="w3-display-container w3-content w3-wide" style="max-width:1500px;" id="home">
<img class="w3-image" src="img/banner.jpg" alt="Botiga_php" width="1500" height="400">
<div class="w3-display-middle w3-margin-top w3-center">
<h1 class="w3-xxlarge w3-text-white"><span class="w3-padding w3-black w3-opacity-min"><b>Botiga</b></span> <span class="w3-hide-small w3-text-light-grey">php</span></h1>
</div>
</header>
<div class="w3-container w3-padding-32" id="projects">
<h3 class="w3-border-bottom w3-border-light-grey w3-padding-16">Register</h3>
</div>
<div class="w3-bar w3-margin"></div>
<div class="w3-bar w3-margin"></div>
<div class="w3-row-padding">
<form method="post" action="./register.php">
<label for="username">Username</label><br>
<input type="text" id="username" name="username"><br>
<label for="userpass">Password</label><br>
<input type="text" id="userpass" name="userpass"><br><br>
<input type="submit" value="Submit">
</form>
<?php
// if (empty($_GET)) {
// }
?>
</div>
</div>
<?php
include('footer.php');
?>

32
register.php Normal file
View File

@ -0,0 +1,32 @@
<?php
include_once('parameters.php');
$username = $_POST['username'];
$userpass = password_hash($_POST['userpass'], PASSWORD_DEFAULT);
//========================================================================================================================================================
// Guardem les dades de lusuari a la bdd
try {
$sql = $con->prepare("INSERT INTO bp_users(bp_user_name, bp_user_pass, bp_user_addDate) VALUES(?, ?, ?);");
$sql->bind_param('sss', $username, $userpass, date("Y-m-d"));
$rs = $sql->execute();
if($rs) {
$response['success'] = true;
} else {
$response['success'] = false;
throw new Exception("Hi ha hagut un error al insertar el registre");
}
// if($rs) {
// echo ("El registre ha estat satisfactori");
// } else {
// echo ("Hi ha hagut un error al insertar el registre");
// }
} catch( Exception $e ) {
$response['message'] = $e->getMessage();
}
echo json_encode($response);
?>