CSY2028-assignment-1/functions.php

<?php
function fetchCats() { //get all categories
	$cats = executeQueryWithoutConstraint('category','*')->fetchAll();
    return $cats;
}

function adminCheck() { //check to see if user is logged in as admin
	if(isset($_SESSION['admin'])) {
		if($_SESSION['admin'] != 'y') {
			echo '<script>window.location.href = "../index.php";</script>'; //redirect
		}
	}
	else {
		echo'<script>window.location.href = "../index.php";</script>'; //redirect
	}
}

function startDB() { //Create a db connection
	// Code for connecting to the database from https://www.sitepoint.com/re-introducing-pdo-the-right-way-to-access-databases-in-php/
	$server = 'mysql';
	$username = 'student';
	$password = 'student';
	$schema = 'assignment1';
	$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
	return $pdo;
}

function checkListing() { //check if the get variables contains listing_id
	if (!isset($_GET['listing_id'])) {
		echo '<script>window.location.href = "index.php";</script>';
	}
}

function checkId() { //check if the get variables contains user_id
	if (!isset($_GET['user_id'])) {
		echo '<script>window.location.href = "index.php";</script>';
	}
}

function getListing() { //get listing that matches listing_id stored in the get variables
	return getFirstAllMatches('auction', 'listing_id', $_GET['listing_id']);
}

function populateCatSelect() { //Populate a select input with all categories
    $cats = fetchCats();
    $output = '';
	foreach ($cats as &$cat) {
	    $output .= '<option value="'. $cat['category_id'] .'">'. $cat['name'] .'</option>';
    }
    return $output;
}

function executeQuery($tableName, $colName, $constraintCol, $constraint) { //execute a SELECT query that takes one constraint and one column name
	$pdo = startDB();
	$stmt = $pdo->prepare('SELECT '. $colName .' FROM '.$tableName.' WHERE '. $constraintCol .' = :constraint');
	$values = [
		'constraint' => $constraint
	];
	$stmt->execute($values);
	return $stmt;
}

function executeQueryWithoutConstraint($tableName, $colName) { //execute a SELECT query with no constraint and one column name
	$pdo = startDB();
	$stmt = $pdo->prepare('SELECT'.$colName.'FROM '.$tableName);
	$stmt->execute();
	return $stmt;
}

function getFirstMatch($tableName, $colName, $constraintCol, $constraint){ //return the first match of an executeQuery
	return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetch();
}

function getEveryMatch($tableName, $colName, $constraintCol, $constraint){ //return every match of an executeQuery
	return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetchAll();
}

function executeAllQuery($tableName, $constraintCol, $constraint) { //execute a SELECT query with one constraint and all columns
	return executeQuery($tableName, '*', $constraintCol, $constraint);
}

function getEveryAllMatches($tableName, $constraintCol, $constraint) { //return every match of an executeALlQuery
	return executeAllQuery($tableName, $constraintCol, $constraint)->fetchAll();
}

function getFirstAllMatches($tableName, $constraintCol, $constraint) { //return the first match of an executeAllQuery
	return executeAllQuery($tableName, $constraintCol, $constraint)->fetch();
}

function imageUpload($name) { //Code for uploading an image. Modified from https://www.w3schools.com/php/php_file_upload.asp
	$imgDir = 'public/images/auctions/';
	$file = $imgDir . $name;
	$okFlag = true;
	$fileType = strtolower($_FILES['auctionImg']['type']);

	//check if file is actually an image
	if(isset($_POST['submit'])) {
		$sizeCheck = getimagesize($_FILES['auctionImg']['tmp_name']);
		if (!$sizeCheck) {
			$okFlag = false;
            echo 'not an image';
		}
	}

	//check if file exists
	if(file_exists($file)) {
		$okFlag = false;
        echo 'already exists';
	}

	if($_FILES['auctionImg']['size'] > 10000000) {
		$okFlag = false;
        echo 'too big';
	}

	//check filetypes
	$types = array('image/jpg','image/png','image/jpeg','image/gif');
	if(!in_array($fileType, $types)) {
		$okFlag = false;
        echo 'wrong type';
	}

	if($okFlag) {
		if (move_uploaded_file($_FILES['auctionImg']['tmp_name'], '../../'.$file)) {
			return true;
		}
		else {
			echo '<p>There was an error uploading your image</p>';
			return false;
		}
	}
	else {
		echo '<p>There was an error uploading your image</p>';
        return false;
	}
}

function addUser($adminFlag) {
    $pdo = startDB();

    $stmt = $pdo->prepare('INSERT INTO users (first_name, last_name, email, password, admin)
    VALUES (:first_name, :last_name, :email, :password, :admin)');
	if ($adminFlag) {
		$values = [
        	'first_name' => $_POST['first_name'],
        	'last_name' => $_POST['last_name'],
        	'email' => $_POST['email'],
        	'admin' => 'y',
        	'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
    	];
	}
	else {
    	$values = [
        	'first_name' => $_POST['first_name'],
        	'last_name' => $_POST['last_name'],
        	'email' => $_POST['email'],
        	'admin' => 'n',
        	'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
    ];
	}
    $stmt->execute($values);
}
?>
added adminCategories 2022-11-16 13:27:51 +00:00			`<?php`
comments 2022-11-20 21:33:42 +00:00			`function fetchCats() { //get all categories`
updated query functions 2022-11-20 18:51:17 +00:00			`$cats = executeQueryWithoutConstraint('category','*')->fetchAll();`
added adminCategories 2022-11-16 13:27:51 +00:00			`return $cats;`
corrections 2022-11-16 19:00:51 +00:00			`}`
addCategory page 2022-11-19 15:38:26 +00:00
comments 2022-11-20 21:33:42 +00:00			`function adminCheck() { //check to see if user is logged in as admin`
addCategory page 2022-11-19 15:38:26 +00:00			`if(isset($_SESSION['admin'])) {`
			`if($_SESSION['admin'] != 'y') {`
comments 2022-11-20 21:33:42 +00:00			`echo '<script>window.location.href = "../index.php";</script>'; //redirect`
addCategory page 2022-11-19 15:38:26 +00:00			`}`
			`}`
			`else {`
comments 2022-11-20 21:33:42 +00:00			`echo'<script>window.location.href = "../index.php";</script>'; //redirect`
addCategory page 2022-11-19 15:38:26 +00:00			`}`
			`}`
updated pdo 2022-11-20 13:20:58 +00:00
comments 2022-11-20 21:33:42 +00:00			`function startDB() { //Create a db connection`
			`// Code for connecting to the database from https://www.sitepoint.com/re-introducing-pdo-the-right-way-to-access-databases-in-php/`
updated pdo 2022-11-20 13:20:58 +00:00			`$server = 'mysql';`
			`$username = 'student';`
			`$password = 'student';`
			`$schema = 'assignment1';`
			`$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);`
			`return $pdo;`
			`}`
added editAuction functionallity 2022-11-20 14:44:18 +00:00
comments 2022-11-20 21:33:42 +00:00			`function checkListing() { //check if the get variables contains listing_id`
added editAuction functionallity 2022-11-20 14:44:18 +00:00			`if (!isset($_GET['listing_id'])) {`
			`echo '<script>window.location.href = "index.php";</script>';`
			`}`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function checkId() { //check if the get variables contains user_id`
final touches 2022-11-20 21:12:58 +00:00			`if (!isset($_GET['user_id'])) {`
			`echo '<script>window.location.href = "index.php";</script>';`
			`}`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function getListing() { //get listing that matches listing_id stored in the get variables`
updated query functions 2022-11-20 18:51:17 +00:00			`return getFirstAllMatches('auction', 'listing_id', $_GET['listing_id']);`
added editAuction functionallity 2022-11-20 14:44:18 +00:00			`}`

comments 2022-11-20 21:33:42 +00:00			`function populateCatSelect() { //Populate a select input with all categories`
added editAuction functionallity 2022-11-20 14:44:18 +00:00			`$cats = fetchCats();`
			`$output = '';`
			`foreach ($cats as &$cat) {`
			`$output .= '<option value="'. $cat['category_id'] .'">'. $cat['name'] .'</option>';`
			`}`
			`return $output;`
			`}`
updated query functions 2022-11-20 18:51:17 +00:00
comments 2022-11-20 21:33:42 +00:00			`function executeQuery($tableName, $colName, $constraintCol, $constraint) { //execute a SELECT query that takes one constraint and one column name`
updated query functions 2022-11-20 18:51:17 +00:00			`$pdo = startDB();`
			`$stmt = $pdo->prepare('SELECT '. $colName .' FROM '.$tableName.' WHERE '. $constraintCol .' = :constraint');`
			`$values = [`
			`'constraint' => $constraint`
			`];`
			`$stmt->execute($values);`
			`return $stmt;`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function executeQueryWithoutConstraint($tableName, $colName) { //execute a SELECT query with no constraint and one column name`
updated query functions 2022-11-20 18:51:17 +00:00			`$pdo = startDB();`
			`$stmt = $pdo->prepare('SELECT'.$colName.'FROM '.$tableName);`
			`$stmt->execute();`
			`return $stmt;`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function getFirstMatch($tableName, $colName, $constraintCol, $constraint){ //return the first match of an executeQuery`
updated query functions 2022-11-20 18:51:17 +00:00			`return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetch();`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function getEveryMatch($tableName, $colName, $constraintCol, $constraint){ //return every match of an executeQuery`
updated query functions 2022-11-20 18:51:17 +00:00			`return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetchAll();`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function executeAllQuery($tableName, $constraintCol, $constraint) { //execute a SELECT query with one constraint and all columns`
updated query functions 2022-11-20 18:51:17 +00:00			`return executeQuery($tableName, '*', $constraintCol, $constraint);`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function getEveryAllMatches($tableName, $constraintCol, $constraint) { //return every match of an executeALlQuery`
updated query functions 2022-11-20 18:51:17 +00:00			`return executeAllQuery($tableName, $constraintCol, $constraint)->fetchAll();`
			`}`

comments 2022-11-20 21:33:42 +00:00			`function getFirstAllMatches($tableName, $constraintCol, $constraint) { //return the first match of an executeAllQuery`
updated query functions 2022-11-20 18:51:17 +00:00			`return executeAllQuery($tableName, $constraintCol, $constraint)->fetch();`
			`}`

added delete button to editAuction 2022-11-20 20:14:56 +00:00			`function imageUpload($name) { //Code for uploading an image. Modified from https://www.w3schools.com/php/php_file_upload.asp`
added image upload 2022-11-20 19:58:30 +00:00			`$imgDir = 'public/images/auctions/';`
			`$file = $imgDir . $name;`
			`$okFlag = true;`
			`$fileType = strtolower($_FILES['auctionImg']['type']);`

			`//check if file is actually an image`
			`if(isset($_POST['submit'])) {`
			`$sizeCheck = getimagesize($_FILES['auctionImg']['tmp_name']);`
			`if (!$sizeCheck) {`
			`$okFlag = false;`
			`echo 'not an image';`
			`}`
			`}`

			`//check if file exists`
			`if(file_exists($file)) {`
			`$okFlag = false;`
			`echo 'already exists';`
			`}`
updated query functions 2022-11-20 18:51:17 +00:00
added image upload 2022-11-20 19:58:30 +00:00			`if($_FILES['auctionImg']['size'] > 10000000) {`
			`$okFlag = false;`
			`echo 'too big';`
			`}`
updated query functions 2022-11-20 18:51:17 +00:00
added image upload 2022-11-20 19:58:30 +00:00			`//check filetypes`
			`$types = array('image/jpg','image/png','image/jpeg','image/gif');`
			`if(!in_array($fileType, $types)) {`
			`$okFlag = false;`
			`echo 'wrong type';`
			`}`
updated query functions 2022-11-20 18:51:17 +00:00
added image upload 2022-11-20 19:58:30 +00:00			`if($okFlag) {`
			`if (move_uploaded_file($_FILES['auctionImg']['tmp_name'], '../../'.$file)) {`
			`return true;`
			`}`
			`else {`
			`echo '<p>There was an error uploading your image</p>';`
			`return false;`
			`}`
			`}`
			`else {`
			`echo '<p>There was an error uploading your image</p>';`
			`return false;`
			`}`
			`}`
final touches 2022-11-20 21:12:58 +00:00
			`function addUser($adminFlag) {`
			`$pdo = startDB();`

			`$stmt = $pdo->prepare('INSERT INTO users (first_name, last_name, email, password, admin)`
			`VALUES (:first_name, :last_name, :email, :password, :admin)');`
			`if ($adminFlag) {`
			`$values = [`
			`'first_name' => $_POST['first_name'],`
			`'last_name' => $_POST['last_name'],`
			`'email' => $_POST['email'],`
			`'admin' => 'y',`
			`'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)`
			`];`
			`}`
			`else {`
			`$values = [`
			`'first_name' => $_POST['first_name'],`
			`'last_name' => $_POST['last_name'],`
			`'email' => $_POST['email'],`
			`'admin' => 'n',`
			`'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)`
			`];`
			`}`
			`$stmt->execute($values);`
			`}`
corrections 2022-11-16 19:00:51 +00:00			`?>`