CSY2028-assignment-1/public/listing.php

<?php
session_start();
require_once '../functions.php';
$pageTitle = 'iBuy - Product Listing'; 

$listing = getListing();

$pdo = startDB();
if (isset($_POST['bidSubmit'])) {
    $stmt = $pdo->prepare('INSERT INTO bids(amount, user_id, listing_id)
    VALUES(:amount, :user_id, :listing_id)');
    $values = [
        'amount' => $_POST['bid'],
        'user_id' => $_SESSION['loggedin'],
        'listing_id' => $listing['listing_id']
    ];
    $stmt->execute($values);
}
else if (isset($_POST['reviewSubmit'])) {
    $user = getFirstAllMatches('users', 'email', $listing['email']);

    $stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id)
    VALUES (:review_user, :review_date, :review_contents, :user_id)');
    $values = [
        'review_user' => $_SESSION['loggedin'],
        'review_date' => date('Y-m-d H:i:s'),
        'review_contents' => $_POST['reviewtext'],
        'user_id' => $user['user_id']
    ];
    $stmt->execute($values);
}

$pageContent = '<h1>Product Page</h1>
<article class="product">'. populateContent($listing) .'</article>';

require '../layout.php';

checkListing();


function populateContent($listing) {
    $category = getFirstAllMatches('category', 'category_id', $listing['categoryId']);
    $bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);
    $user = getFirstAllMatches('users', 'email', $listing['email']);

    $output = ' <img src="product.png" alt="product name">
    <section class="details">
        <h2>'. $listing['title'] .'</h2>
        <h3>'. $category['name'] .'</h3>
        <p>Auction created by <a href="#">'. $user['first_name'].$user['last_name'] .'</a></p> 
        <p class="price">Current bid: '. $bid['MAX(amount)'] .'</p>
        <time>Time left:'. round((strtotime($listing['endDate']) - strtotime(date('Y-m-d H:i:s')))/60/60,1 ) .' Hours</time>
        <form action="listing.php?listing_id='.$listing['listing_id'].'" class="bid" method="POST">
            <input type="number" step="0.1" name="bid" value="'. $bid['MAX(amount)'] .'" />
            <input name="bidSubmit" type="submit" value="Place Bid" />
        </form>
    </section>
    <section class="description">
    <p>'. $listing['description'] .'</p>


    </section>';

    $output .= '<section class="reviews">
    <h2>Bid History </h2>
    <ul>'. getBids($listing['listing_id']) .'</ul>';

    $output .= '<section class="reviews">
        <h2>Reviews of '. $user['first_name'].$user['last_name'].' </h2>
        <ul>'. getReviews($user['user_id']) .'</ul>

        <form action="listing.php?listing_id='.$listing['listing_id'].'" method="POST">
            <label>Add your review</label> <textarea name="reviewtext"></textarea>
            <input type="submit" name="reviewSubmit" value="Add Review" />
        </form>
    </section>';

    
    if (isset($_SESSION['loggedin'])) {
        if($user['user_id'] === $_SESSION['loggedin']) {
            $output .= '<a href ="account/editAuction.php?listing_id='. $listing['listing_id'] . '">edit</a>';
        }
    }

    return $output;
}

function getReviews($user_id) {
    $reviews = getEveryAllMatches('review', 'user_id', $user_id);
    $output = '';
    foreach ($reviews as &$review) {
        $user = getFirstAllMatches('users', 'user_id', $review['review_user']);
        $output .= '<li><a href="account/userReviews.php?user_id='.$review['review_user'].'">'.$user['first_name'].$user['last_name'].' said </a>'.$review['review_contents'].' <em>'. $review['review_date'] .'</em></li>';
    }

    return $output;
}

function getBids($listing_id){
    $bids = getEveryAllMatches('bids', 'listing_id', $listing_id);
    $output = '';
    foreach ($bids as &$bid) {
        $user = getFirstAllMatches('users', 'user_id', $bid['user_id']);
        $output .= '<li><strong>'.$user['first_name'].$user['last_name'].' bid </strong>'.$bid['amount'].'</li>';
    }
    return $output;
}
?>
first commit 2022-10-22 15:03:47 +00:00			`<?php`
started auction edit capability 2022-11-20 14:20:17 +00:00			`session_start();`
listing only accessible with id 2022-11-20 13:25:26 +00:00			`require_once '../functions.php';`
first commit 2022-10-22 15:03:47 +00:00			`$pageTitle = 'iBuy - Product Listing';`
added reviews and bids 2022-11-20 15:38:33 +00:00
			`$listing = getListing();`

			`$pdo = startDB();`
			`if (isset($_POST['bidSubmit'])) {`
			`$stmt = $pdo->prepare('INSERT INTO bids(amount, user_id, listing_id)`
			`VALUES(:amount, :user_id, :listing_id)');`
			`$values = [`
			`'amount' => $_POST['bid'],`
			`'user_id' => $_SESSION['loggedin'],`
			`'listing_id' => $listing['listing_id']`
			`];`
			`$stmt->execute($values);`
			`}`
			`else if (isset($_POST['reviewSubmit'])) {`
updated query functions 2022-11-20 18:51:17 +00:00			`$user = getFirstAllMatches('users', 'email', $listing['email']);`
added reviews and bids 2022-11-20 15:38:33 +00:00
			`$stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id)`
			`VALUES (:review_user, :review_date, :review_contents, :user_id)');`
			`$values = [`
			`'review_user' => $_SESSION['loggedin'],`
final touches 2022-11-20 21:12:58 +00:00			`'review_date' => date('Y-m-d H:i:s'),`
added reviews and bids 2022-11-20 15:38:33 +00:00			`'review_contents' => $_POST['reviewtext'],`
			`'user_id' => $user['user_id']`
			`];`
			`$stmt->execute($values);`
			`}`

first commit 2022-10-22 15:03:47 +00:00			`$pageContent = '<h1>Product Page</h1>`
added reviews and bids 2022-11-20 15:38:33 +00:00			`<article class="product">'. populateContent($listing) .'</article>';`
began populating listings from db 2022-11-15 15:30:12 +00:00
			`require '../layout.php';`

added editAuction functionallity 2022-11-20 14:44:18 +00:00			`checkListing();`
began populating listings from db 2022-11-15 15:30:12 +00:00
added reviews and bids 2022-11-20 15:38:33 +00:00
			`function populateContent($listing) {`
updated query functions 2022-11-20 18:51:17 +00:00			`$category = getFirstAllMatches('category', 'category_id', $listing['categoryId']);`
			`$bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);`
			`$user = getFirstAllMatches('users', 'email', $listing['email']);`
began populating listings from db 2022-11-15 15:30:12 +00:00
			`$output = ' <img src="product.png" alt="product name">`
			`<section class="details">`
updated db info 2022-11-16 19:25:32 +00:00			`<h2>'. $listing['title'] .'</h2>`
made code constrained to brief db spec 2022-11-16 19:17:35 +00:00			`<h3>'. $category['name'] .'</h3>`
fully populated listings by db 2022-11-15 15:38:46 +00:00			`<p>Auction created by <a href="#">'. $user['first_name'].$user['last_name'] .'</a></p>`
			`<p class="price">Current bid: '. $bid['MAX(amount)'] .'</p>`
added editAuction functionallity 2022-11-20 14:44:18 +00:00			`<time>Time left:'. round((strtotime($listing['endDate']) - strtotime(date('Y-m-d H:i:s')))/60/60,1 ) .' Hours</time>`
added reviews and bids 2022-11-20 15:38:33 +00:00			`<form action="listing.php?listing_id='.$listing['listing_id'].'" class="bid" method="POST">`
			`<input type="number" step="0.1" name="bid" value="'. $bid['MAX(amount)'] .'" />`
			`<input name="bidSubmit" type="submit" value="Place Bid" />`
began populating listings from db 2022-11-15 15:30:12 +00:00			`</form>`
			`</section>`
			`<section class="description">`
made code constrained to brief db spec 2022-11-16 19:17:35 +00:00			`<p>'. $listing['description'] .'</p>`
began populating listings from db 2022-11-15 15:30:12 +00:00

added reviews and bids 2022-11-20 15:38:33 +00:00			`</section>';`
began populating listings from db 2022-11-15 15:30:12 +00:00
updated query functions 2022-11-20 18:51:17 +00:00			`$output .= '<section class="reviews">`
			`<h2>Bid History </h2>`
			`<ul>'. getBids($listing['listing_id']) .'</ul>';`

added reviews and bids 2022-11-20 15:38:33 +00:00			`$output .= '<section class="reviews">`
			`<h2>Reviews of '. $user['first_name'].$user['last_name'].' </h2>`
			`<ul>'. getReviews($user['user_id']) .'</ul>`
began populating listings from db 2022-11-15 15:30:12 +00:00
added reviews and bids 2022-11-20 15:38:33 +00:00			`<form action="listing.php?listing_id='.$listing['listing_id'].'" method="POST">`
began populating listings from db 2022-11-15 15:30:12 +00:00			`<label>Add your review</label> <textarea name="reviewtext"></textarea>`
added reviews and bids 2022-11-20 15:38:33 +00:00			`<input type="submit" name="reviewSubmit" value="Add Review" />`
began populating listings from db 2022-11-15 15:30:12 +00:00			`</form>`
			`</section>';`

added reviews and bids 2022-11-20 15:38:33 +00:00
corrected reviews 2022-11-20 15:48:33 +00:00			`if (isset($_SESSION['loggedin'])) {`
			`if($user['user_id'] === $_SESSION['loggedin']) {`
			`$output .= '<a href ="account/editAuction.php?listing_id='. $listing['listing_id'] . '">edit</a>';`
			`}`
started auction edit capability 2022-11-20 14:20:17 +00:00			`}`

began populating listings from db 2022-11-15 15:30:12 +00:00			`return $output;`
			`}`
added reviews and bids 2022-11-20 15:38:33 +00:00
			`function getReviews($user_id) {`
updated query functions 2022-11-20 18:51:17 +00:00			`$reviews = getEveryAllMatches('review', 'user_id', $user_id);`
added reviews and bids 2022-11-20 15:38:33 +00:00			`$output = '';`
			`foreach ($reviews as &$review) {`
updated query functions 2022-11-20 18:51:17 +00:00			`$user = getFirstAllMatches('users', 'user_id', $review['review_user']);`
final touches 2022-11-20 21:12:58 +00:00			`$output .= '<li><a href="account/userReviews.php?user_id='.$review['review_user'].'">'.$user['first_name'].$user['last_name'].' said </a>'.$review['review_contents'].' <em>'. $review['review_date'] .'</em></li>';`
added reviews and bids 2022-11-20 15:38:33 +00:00			`}`
corrected reviews 2022-11-20 15:48:33 +00:00
			`return $output;`
added reviews and bids 2022-11-20 15:38:33 +00:00			`}`

updated query functions 2022-11-20 18:51:17 +00:00			`function getBids($listing_id){`
			`$bids = getEveryAllMatches('bids', 'listing_id', $listing_id);`
			`$output = '';`
			`foreach ($bids as &$bid) {`
			`$user = getFirstAllMatches('users', 'user_id', $bid['user_id']);`
			`$output .= '<li><strong>'.$user['first_name'].$user['last_name'].' bid </strong>'.$bid['amount'].'</li>';`
			`}`
			`return $output;`
			`}`
removed todo 2022-11-20 18:52:10 +00:00			`?>`