r0r-5chach/CSY2028-assignment-1
r0r-5chach
/
CSY2028-assignment-1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added image upload

This commit is contained in:
Joshua Perry 2022-11-20 19:58:30 +00:00
parent 3cb8956637
commit 2a819d575e
7 changed files with 94 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
functions.php
View File

@ -84,7 +84,51 @@ function getFirstAllMatches($tableName, $constraintCol, $constraint) {
return executeAllQuery($tableName, $constraintCol, $constraint)->fetch(); return executeAllQuery($tableName, $constraintCol, $constraint)->fetch();
} }
function imageUpload($name) {
$imgDir = 'public/images/auctions/';
$file = $imgDir . $name;
$okFlag = true;
$fileType = strtolower($_FILES['auctionImg']['type']);
//check if file is actually an image
if(isset($_POST['submit'])) {
$sizeCheck = getimagesize($_FILES['auctionImg']['tmp_name']);
if (!$sizeCheck) {
$okFlag = false;
echo 'not an image';
}
}
//check if file exists
if(file_exists($file)) {
$okFlag = false;
echo 'already exists';
}
if($_FILES['auctionImg']['size'] > 10000000) {
$okFlag = false;
echo 'too big';
}
//check filetypes
$types = array('image/jpg','image/png','image/jpeg','image/gif');
if(!in_array($fileType, $types)) {
$okFlag = false;
echo 'wrong type';
}
if($okFlag) {
if (move_uploaded_file($_FILES['auctionImg']['tmp_name'], '../../'.$file)) {
return true;
}
else {
echo '<p>There was an error uploading your image</p>';
return false;
}
}
else {
echo '<p>There was an error uploading your image</p>';
return false;
}
}
?> ?>

35
public/account/addAuction.php
View File

@ -10,31 +10,34 @@ if (!isset($_SESSION['loggedin'])) {
require_once '../../functions.php'; require_once '../../functions.php';
$pageContent = '<h1>Add auction</h1> $pageContent = '<h1>Add auction</h1>
<form action="addAuction.php" method="POST"> <form action="addAuction.php" method="POST" enctype="multipart/form-data">
<label>Title</label> <input name="title" type="text" placeholder="Auction Title"/> <label>Title</label> <input name="title" type="text" placeholder="Auction Title"/>
<label>Category</label> <select name="category" style="width:420px; margin-bottom: 10px;">'. populateCatSelect() .'</select> <label>Category</label> <select name="category" style="width:420px; margin-bottom: 10px;">'. populateCatSelect() .'</select>
<label>End Date</label> <input name="endDate" type="date"/> <label>End Date</label> <input name="endDate" type="date"/>
<label>Description</label> <textarea name="description" style="width: 438px; height: 249px;" placeholder="description"></textarea> <label>Description</label> <textarea name="description" style="width: 438px; height: 249px;" placeholder="description"></textarea>
<label>Image</label> <input type="file" name="auctionImg"/>
<input name="submit" type="submit" value="Submit" style="margin-top: 10px;"/> <input name="submit" type="submit" value="Submit" style="margin-top: 10px;"/>
</form>'; </form>';
require '../../layout.php'; require '../../layout.php';
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
$user = getFirstAllMatches('users', 'user_id', $_SESSION['loggedin']); if(imageUpload($_POST['title'].$_POST['endDate'])) {
$user = getFirstAllMatches('users', 'user_id', $_SESSION['loggedin']);
$pdo = startDB(); $pdo = startDB();
$stmt = $pdo->prepare('INSERT INTO auction (title, description, endDate, categoryId, email) $stmt = $pdo->prepare('INSERT INTO auction (title, description, endDate, categoryId, email, imgUrl)
VALUES (:title, :description, :endDate, :categoryID, :email)'); VALUES (:title, :description, :endDate, :categoryID, :email, :imgUrl)');
$values = [
'title' => $_POST['title'], $values = [
'description' => $_POST['description'], 'title' => $_POST['title'],
'endDate' => $_POST['endDate'], 'description' => $_POST['description'],
'categoryID' => intval($_POST['category']), 'endDate' => $_POST['endDate'],
'email' => $user['email'] 'categoryID' => intval($_POST['category']),
]; 'email' => $user['email'],
$stmt->execute($values); 'imgUrl' => 'public/images/auctions/'.$_POST['title'].$_POST['endDate']
echo '<p>Successful Post</p>'; ];
$stmt->execute($values);
echo '<p>Successful Post</p>';
}
} }
?> ?>

27
public/account/editAuction.php
View File

@ -8,26 +8,31 @@ $pdo = startDB();
$listing = getListing(); $listing = getListing();
$pageContent = '<h1>Edit Auction</h1> $pageContent = '<h1>Edit Auction</h1>
<form action="editAuction.php?listing_id='.$listing['listing_id'].'" method="POST"> <form action="editAuction.php?listing_id='.$listing['listing_id'].'" method="POST" enctype="multipart/form-data">
<label>Title</label> <input name="title" type="text" placeholder="'. $listing['title'] .'"/> <label>Title</label> <input name="title" type="text" placeholder="'. $listing['title'] .'"/>
<label>Category</label> <select name="category" style="width:420px; margin-bottom: 10px;">'. populateCatSelect() .'</select> <label>Category</label> <select name="category" style="width:420px; margin-bottom: 10px;">'. populateCatSelect() .'</select>
<label>End Date</label> <input name="endDate" type="date"/> <label>End Date</label> <input name="endDate" type="date"/>
<label>Description</label> <textarea name="description" style="width: 438px; height: 249px;" placeholder="'. $listing['description'] .'"></textarea> <label>Description</label> <textarea name="description" style="width: 438px; height: 249px;" placeholder="'. $listing['description'] .'"></textarea>
<label>Image</label> <input type="file" name="auctionImg"/>
<input name="submit" type="submit" value="Submit" style="margin-top: 10px;"/> <input name="submit" type="submit" value="Submit" style="margin-top: 10px;"/>
</form>'; </form>';
require '../../layout.php'; require '../../layout.php';
if(isset($_POST['submit'])) { if(isset($_POST['submit'])) {
$stmt = $pdo->prepare('UPDATE auction SET title = :title, categoryId = :categoryId, endDate = :endDate, description = :description WHERE listing_id = :listing_id'); if(imageUpload($_POST['title'].$_POST['endDate'])) {
$values = [
'title' => $_POST['title'], $stmt = $pdo->prepare('UPDATE auction SET title = :title, categoryId = :categoryId, endDate = :endDate, description = :description, imgUrl = :imgUrl WHERE listing_id = :listing_id');
'categoryId' => intval($_POST['category']), $values = [
'endDate' => $_POST['endDate'], 'title' => $_POST['title'],
'description' => $_POST['description'], 'categoryId' => intval($_POST['category']),
'listing_id' => $listing['listing_id'] 'endDate' => $_POST['endDate'],
]; 'description' => $_POST['description'],
$stmt->execute($values); 'listing_id' => $listing['listing_id'],
echo '<script>window.location.href = "../listing.php?listing_id='.$listing['listing_id'].'";</script>'; 'imgUrl' => 'public/images/auctions/'.$_POST['title'].$_POST['endDate']
];
$stmt->execute($values);
echo '<script>window.location.href = "../listing.php?listing_id='.$listing['listing_id'].'";</script>';
}
} }
?> ?>

3
public/admin/editCategory.php
View File

@ -3,10 +3,11 @@ session_start();
$pageTitle = ''; $pageTitle = '';
$stylesheet = '../assets/ibuy.css'; $stylesheet = '../assets/ibuy.css';
require_once '../../functions.php'; require_once '../../functions.php';
$cat = getFirstAllMatches('category', 'category_id', $_GET['category_id']);
adminCheck(); adminCheck();
$pageContent = '<h1> Edit Category</h1> $pageContent = '<h1> Edit Category</h1>
<form action="editCategory.php" method="POST"> <form action="editCategory.php" method="POST">
<label>Name</label> <input name="name" type="text" placeholder="name"/> <label>Name</label> <input name="name" type="text" placeholder="'.$cat.'"/>
<input name="submit" type="submit" value="Submit" /> <input name="submit" type="submit" value="Submit" />
</form>'; </form>';
require '../../layout.php'; require '../../layout.php';

BIN
public/images/auctions/asdasdasd2022-11-30 Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 592 KiB

11
public/index.php
View File

@ -24,6 +24,7 @@ function populateList($category) {
$stmt = $pdo->prepare('SELECT * FROM auction WHERE endDate > "'. date("Y-m-d H:i:s"). '" ORDER BY endDate ASC'); $stmt = $pdo->prepare('SELECT * FROM auction WHERE endDate > "'. date("Y-m-d H:i:s"). '" ORDER BY endDate ASC');
$stmt->execute(); $stmt->execute();
$listings = $stmt->fetchAll(); $listings = $stmt->fetchAll();
$count = 10;
} }
else { else {
$stmt = $pdo->prepare('SELECT * FROM auction WHERE categoryId = (SELECT category_id FROM category WHERE name = :listing_category)'); $stmt = $pdo->prepare('SELECT * FROM auction WHERE categoryId = (SELECT category_id FROM category WHERE name = :listing_category)');
@ -39,7 +40,7 @@ function populateList($category) {
$bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']); $bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);
$output .= '<li> $output .= '<li>
<img src="assets/product.png" alt="product name"> <img src="'.$listing['imgUrl'].'" alt="product name">
<article> <article>
<h2>'. $listing['title'] .'</h2> <h2>'. $listing['title'] .'</h2>
<h3>'. $listing['categoryId'] .'</h3> <h3>'. $listing['categoryId'] .'</h3>
@ -48,6 +49,14 @@ function populateList($category) {
<a href="listing.php?listing_id='. $listing['listing_id'] .'" class="more auctionLink">More &gt;&gt;</a> <a href="listing.php?listing_id='. $listing['listing_id'] .'" class="more auctionLink">More &gt;&gt;</a>
</article> </article>
</li>'; </li>';
if ($category === 'Latest Listings') {
$count -= 1;
if ($count <= 0) {
break;
}
}
} }
return $output; return $output;
} }

3
todo.txt Normal file
View File

@ -0,0 +1,3 @@
//TODO: upload images
//TODO: Delete auction button on the editAuction page;
//TODO: userReviews, addAdmin, manageAdmin, search