From 53dd39f0654c5d9735068c9ff1883c17b4dbf9f1 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Wed, 2 Nov 2022 15:39:55 +0000
Subject: [PATCH 01/10] register page created an linked to db
---
layout.php | 31 ++++++++++++++++++++----------
public/account/login.php | 32 +++++++++++++++++++++++++++++++
public/account/register.php | 38 +++++++++++++++++++++++++++++++++++++
3 files changed, 91 insertions(+), 10 deletions(-)
diff --git a/layout.php b/layout.php
index 7917cb1..a1ff871 100644
--- a/layout.php
+++ b/layout.php
@@ -1,3 +1,13 @@
+Logout';
+}
+else {
+ $logButton = 'href="account/login.php">Login';
+}
+?>
+
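Review bot: The login link on the `$logButton` line is relative (`href="account/login.php"`), but this layout is also required from `public/account/login.php` and `public/account/register.php`, where a browser would resolve it to `account/account/login.php`. A root-relative path such as `href="/account/login.php"` would work from every page, assuming `public/` is the document root. The condition that opens this block is not visible in the hunk.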
@@ -6,29 +16,30 @@
echo $pageTitle
?>
-
+
diff --git a/public/account/login.php b/public/account/login.php
index e69de29..8afbb39 100644
--- a/public/account/login.php
+++ b/public/account/login.php
@@ -0,0 +1,32 @@
+Don\'t have an account?Click here to register
+ Login
+ ';
+$stylesheet = '../assets/ibuy.css';
+require '../../layout.php';
+$server = 'mysql';
+ $username = 'student';
+ $password = 'student';
+ $schema = 'ibuy';
+ $pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
+if (isset($_POST['submit'])) {
+ $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
+ $values = [
+ 'email' => $_POST['email']
+ ];
+ $stmt->execute($values);
+ $user = $stmt->fetch();
+ if (password_verify($_POST['password'], $user['password'])) {
+ $_SESSION['loggedin'] = $user['user_id'];
+ echo'Successful login
';
+ }
+ else {
+ echo 'Unsuccessful Login
';
+ }
+}
+?>
\ No newline at end of file
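Review bot: A successful `password_verify()` writes the user id into the existing session without rotating the session id, so an id that was fixed before login stays valid afterwards; call `session_regenerate_id(true);` just before `$_SESSION['loggedin'] = $user['user_id'];`. Because `require '../../layout.php';` runs before this block, page output has presumably already started, so the login handling would need to move above the require for the new session cookie to be sent. `$stmt->fetch()` returns `false` for an unknown email and `$user['password']` is then read from a non-array; guard with `if ($user !== false && password_verify($_POST['password'], $user['password']))`. The database credentials are hard-coded here and again in register.php; loading them from configuration outside the web root would keep them out of the repository.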
diff --git a/public/account/register.php b/public/account/register.php
index e69de29..6e35b28 100644
--- a/public/account/register.php
+++ b/public/account/register.php
@@ -0,0 +1,38 @@
+prepare('INSERT INTO users (first_name, last_name, email, password)
+ VALUES (:first_name, :last_name, :email, :password)');
+ $values = [
+ 'first_name' => $_POST['first_name'],
+ 'last_name' => $_POST['last_name'],
+ 'email' => $_POST['email'],
+ 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
+ ];
+ $stmt->execute($values);
+}
+
+$pageTitle = 'iBuy - Register';
+$pageContent = 'Already have an account?Click here to Login
+ Register
+ ';
+require '../../layout.php';
+
+
+if (isset($_POST['submit'])) {
+ addUser();
+ echo 'Successful account creation
';
+}
+?>
\ No newline at end of file
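Review bot: `addUser()` passes `$_POST['first_name']`, `last_name`, `email` and `password` straight to the INSERT without checking that they are present or well-formed, so an empty password or a malformed email is stored as-is. Validate first, for example `if (!filter_var($_POST['email'] ?? '', FILTER_VALIDATE_EMAIL))`, and reject an empty password before calling `password_hash()`. The 'Successful account creation' message is echoed without looking at the result of `$stmt->execute($values)`, so depending on the PDO error mode a failed insert (a duplicate email, if the column is unique) may still report success. The start of `addUser()` is not visible in this hunk.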
From 9555852f388529f99ec41bd52bd07fdcde9ab2e2 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Wed, 2 Nov 2022 15:46:47 +0000
Subject: [PATCH 02/10] logout page created
---
public/account/logout.php | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/public/account/logout.php b/public/account/logout.php
index e69de29..af49c50 100644
--- a/public/account/logout.php
+++ b/public/account/logout.php
@@ -0,0 +1,6 @@
+Logged Out';
+?>
\ No newline at end of file
From 8e12409b5a9b44dec2783c2391bb45f7ae61f95f Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Wed, 2 Nov 2022 22:36:20 +0000
Subject: [PATCH 03/10] updated insert query
---
public/account/register.php | 5 +++--
public/account/settings.php | 0
2 files changed, 3 insertions(+), 2 deletions(-)
create mode 100644 public/account/settings.php
diff --git a/public/account/register.php b/public/account/register.php
index 6e35b28..0eead8b 100644
--- a/public/account/register.php
+++ b/public/account/register.php
@@ -7,12 +7,13 @@ function addUser() {
$schema = 'ibuy';
$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
- $stmt = $pdo->prepare('INSERT INTO users (first_name, last_name, email, password)
- VALUES (:first_name, :last_name, :email, :password)');
+ $stmt = $pdo->prepare('INSERT INTO users (first_name, last_name, email, password, admin)
+ VALUES (:first_name, :last_name, :email, :password, :admin)');
$values = [
'first_name' => $_POST['first_name'],
'last_name' => $_POST['last_name'],
'email' => $_POST['email'],
+ 'admin' => 'n',
'password' => password_hash($_POST['password'], PASSWORD_DEFAULT)
];
$stmt->execute($values);
diff --git a/public/account/settings.php b/public/account/settings.php
new file mode 100644
index 0000000..e69de29
From f8e8bfe05436913f3ad065224868add4ea93f6cb Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 13:40:18 +0000
Subject: [PATCH 04/10] added admin check on login
---
public/account/login.php | 3 +++
1 file changed, 3 insertions(+)
diff --git a/public/account/login.php b/public/account/login.php
index 8afbb39..daeb564 100644
--- a/public/account/login.php
+++ b/public/account/login.php
@@ -24,6 +24,9 @@ if (isset($_POST['submit'])) {
if (password_verify($_POST['password'], $user['password'])) {
$_SESSION['loggedin'] = $user['user_id'];
echo'Successful login
';
+ if ($user['admin'] === 'y') {
+ $_SESSION['loggedin'] = 'y';
+ }
}
else {
echo 'Unsuccessful Login
';
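Review bot: For an admin, `$_SESSION['loggedin'] = 'y';` overwrites the user id stored two lines earlier, so the session no longer identifies which account is logged in and every admin session carries the same value. Keep the id in `loggedin` and record the role under its own key, `$_SESSION['admin'] = ($user['admin'] === 'y');`. Pages that need admin rights can then test that key with a strict comparison instead of inferring the role from the login marker.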
From ecd8c35b8a23e251d5bf6c341d95828a8026ea5e Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 13:59:42 +0000
Subject: [PATCH 05/10] Nav bar now populates from categories db table
---
layout.php | 20 +++++++++++++-------
public/account/login.php | 8 ++++----
2 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/layout.php b/layout.php
index a1ff871..1a07b63 100644
--- a/layout.php
+++ b/layout.php
@@ -32,13 +32,19 @@ else {
diff --git a/public/account/login.php b/public/account/login.php
index daeb564..66b2853 100644
--- a/public/account/login.php
+++ b/public/account/login.php
@@ -10,10 +10,10 @@ $pageContent = 'Don\'t have an account?Click here to
$stylesheet = '../assets/ibuy.css';
require '../../layout.php';
$server = 'mysql';
- $username = 'student';
- $password = 'student';
- $schema = 'ibuy';
- $pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
+$username = 'student';
+$password = 'student';
+$schema = 'ibuy';
+$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
$values = [
From dc73e566f6ccd914ec079ac68c33254ce46d64ec Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 14:32:51 +0000
Subject: [PATCH 06/10] Pages now populated based on category or deadline
---
public/index.php | 47 ++++++++++++++++++++++++++++++++++++++---------
1 file changed, 38 insertions(+), 9 deletions(-)
diff --git a/public/index.php b/public/index.php
index aed9c78..689895d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -12,23 +12,52 @@ else {
}
$pageContent = ''.$pageHeading.'
-';
+'.populateList($pageHeading).' ';
require '../layout.php';
-function populateList() { //TODO: This will need to be updated to populate from the database
+function populateList($category) { //TODO: This will need to be updated to populate from the database
$output = '';
- for ($i = 0; $i <= 10; $i++) {
+ $server = 'mysql';
+ $username = 'student';
+ $password = 'student';
+ $schema = 'ibuy';
+ $pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
+
+ if ($category === 'Latest Listings') {
+ $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_deadline > "'. date("Y-m-d h:i:s"). '" ORDER BY listing_deadline DESC');
+ $stmt->execute();
+ $listings = $stmt->fetchAll();
+ }
+ else {
+ $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_category = :listing_category');
+ $values = [
+ 'listing_category' => $category
+ ];
+ $stmt->execute($values);
+ $listings = $stmt->fetchAll();
+ }
+
+ foreach ($listings as &$listing) {
+ $stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id');
+ $values = [
+ 'listing_id' => $listing['listing_id']
+ ];
+ $stmt->execute($values);
+
$output .= '
- Product name
- Product category
- Lorem ipsum dolor sit amet, consectetur adipiscing elit. In sodales ornare purus, non laoreet dolor sagittis id. Vestibulum lobortis laoreet nibh, eu luctus purus volutpat sit amet. Proin nec iaculis nulla. Vivamus nec tempus quam, sed dapibus massa. Etiam metus nunc, cursus vitae ex nec, scelerisque dapibus eros. Donec ac diam a ipsum accumsan aliquet non quis orci. Etiam in sapien non erat dapibus rhoncus porta at lorem. Suspendisse est urna, egestas ut purus quis, facilisis porta tellus. Pellentesque luctus dolor ut quam luctus, nec porttitor risus dictum. Aliquam sed arcu vehicula, tempor velit consectetur, feugiat mauris. Sed non pellentesque quam. Integer in tempus enim.
- Current bid: £123.45
- More >>
+ '. $listing['listing_name'] .'
+ '. $listing['listing_category'] .'
+ '. $listing['listing_description'] .'
+ Current bid:'. $stmt->fetch() .'
+ More >>
- ';
+ ';
}
+
+
+
return $output;
}
?>
\ No newline at end of file
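Review bot: `populateList()` concatenates `$listing['listing_name']`, `$listing['listing_category']` and `$listing['listing_description']` into `$output` unescaped, so any markup stored in a listing is rendered in every visitor's page. Pass each value through `htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` before it is appended. The `$output` built in `populateContent()` in public/listing.php (patches 07 and 08) has the same issue. The loop takes `&$listing` by reference but never writes through it; `foreach ($listings as $listing)` avoids leaving a dangling reference after the loop.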
From 978753bfae7092c3fb64c6e28063b91fcbbede55 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 15:30:12 +0000
Subject: [PATCH 07/10] began populating listings from db
---
public/account/login.php | 2 +-
public/account/register.php | 2 -
public/index.php | 4 +-
public/listing.php | 80 +++++++++++++++++++++++--------------
4 files changed, 52 insertions(+), 36 deletions(-)
diff --git a/public/account/login.php b/public/account/login.php
index 66b2853..031a3b4 100644
--- a/public/account/login.php
+++ b/public/account/login.php
@@ -23,7 +23,7 @@ if (isset($_POST['submit'])) {
$user = $stmt->fetch();
if (password_verify($_POST['password'], $user['password'])) {
$_SESSION['loggedin'] = $user['user_id'];
- echo'Successful login
';
+ echo'';
if ($user['admin'] === 'y') {
$_SESSION['loggedin'] = 'y';
}
diff --git a/public/account/register.php b/public/account/register.php
index 0eead8b..8efff36 100644
--- a/public/account/register.php
+++ b/public/account/register.php
@@ -1,5 +1,4 @@
Already have an account? Click here to L
';
require '../../layout.php';
-
if (isset($_POST['submit'])) {
addUser();
echo 'Successful account creation
';
diff --git a/public/index.php b/public/index.php
index 689895d..4383b37 100644
--- a/public/index.php
+++ b/public/index.php
@@ -1,7 +1,6 @@
'.$pageHeading.'
'.populateList($pageHeading).' ';
require '../layout.php';
+
function populateList($category) { //TODO: This will need to be updated to populate from the database
$output = '';
$server = 'mysql';
@@ -24,7 +24,7 @@ function populateList($category) { //TODO: This will need to be updated to popul
$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
if ($category === 'Latest Listings') {
- $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_deadline > "'. date("Y-m-d h:i:s"). '" ORDER BY listing_deadline DESC');
+ $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_deadline > "'. date("Y-m-d H:i:s"). '" ORDER BY listing_deadline DESC');
$stmt->execute();
$listings = $stmt->fetchAll();
}
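Review bot: The deadline filter is still assembled by concatenating `date("Y-m-d H:i:s")` into the SQL text, so the comparison uses the PHP process's clock and timezone rather than the database's. It is also the only statement in `populateList()` that is not fully parameterised. `WHERE listing_deadline > NOW() ORDER BY listing_deadline DESC` removes the concatenation; if PHP time must be used, bind it as a `:now` parameter. `populateList()` continues outside this hunk.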
diff --git a/public/listing.php b/public/listing.php
index 3d1c473..86b510a 100644
--- a/public/listing.php
+++ b/public/listing.php
@@ -2,42 +2,60 @@
$pageTitle = 'iBuy - Product Listing';
//TODO: have page populate information based on listing in the database
$pageContent = 'Product Page
-
+'. populateContent() .' ';
-
-
- Product name
- Product category
- Auction created by User.Name
- Current bid: £123.45
- Time left: 8 hours 3 minutes
-
-
-
-
- Lorem ipsum dolor sit amet, consectetur adipiscing elit. In sodales ornare purus, non laoreet dolor sagittis id. Vestibulum lobortis laoreet nibh, eu luctus purus volutpat sit amet. Proin nec iaculis nulla. Vivamus nec tempus quam, sed dapibus massa. Etiam metus nunc, cursus vitae ex nec, scelerisque dapibus eros. Donec ac diam a ipsum accumsan aliquet non quis orci. Etiam in sapien non erat dapibus rhoncus porta at lorem. Suspendisse est urna, egestas ut purus quis, facilisis porta tellus. Pellentesque luctus dolor ut quam luctus, nec porttitor risus dictum. Aliquam sed arcu vehicula, tempor velit consectetur, feugiat mauris. Sed non pellentesque quam. Integer in tempus enim.
+require '../layout.php';
-
-
- Reviews of User.Name
-
- Ali said great ibuyer! Product as advertised and delivery was quick 29/09/2019
- Dave said disappointing, product was slightly damaged and arrived slowly.22/07/2019
- Susan said great value but the delivery was slow 22/07/2019
+function populateContent() {
+ $server = 'mysql';
+ $username = 'student';
+ $password = 'student';
+ $schema = 'ibuy';
+ $pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
+ $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_id= :listing_id');
+ $values = [
+ 'listing_id' => $_GET['listing_id']
+ ];
-
+ $stmt->execute($values);
+ $listing = $stmt->fetch();
-
-
- ';
-require '../layout.php'
+
+
+
+ ';
+
+ return $output;
+}
?>
\ No newline at end of file
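Review bot: `populateContent()` reads `$_GET['listing_id']` without checking that it is set, and uses `$listing` without checking that `fetch()` found a row, so a missing or unknown id produces warnings and a half-empty page instead of a clean not-found response. Validate the parameter and stop early when there is no matching listing; the sketch below assumes listing ids are integers and uses a placeholder message. Since `$pageContent` is built before `require '../layout.php'`, a status code can still be set at this point.

```php
function populateContent() {
    $listingId = filter_input(INPUT_GET, 'listing_id', FILTER_VALIDATE_INT);
    if ($listingId === null || $listingId === false) {
        http_response_code(404);
        return 'Listing not found';
    }
    // … unchanged: PDO connection and prepare() of the listings query …
    $stmt->execute(['listing_id' => $listingId]);
    $listing = $stmt->fetch();
    if ($listing === false) {
        http_response_code(404);
        return 'Listing not found';
    }
    // … unchanged: building $output …
```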
From f83242e7ae7b051ab61b679b57e102fcf8e9b915 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 15:38:46 +0000
Subject: [PATCH 08/10] fully populated listings by db
---
public/listing.php | 29 +++++++++++++++++++++++++----
1 file changed, 25 insertions(+), 4 deletions(-)
diff --git a/public/listing.php b/public/listing.php
index 86b510a..96e072b 100644
--- a/public/listing.php
+++ b/public/listing.php
@@ -14,20 +14,41 @@ function populateContent() {
$password = 'student';
$schema = 'ibuy';
$pdo = new PDO('mysql:dbname=' . $schema . ';host=' . $server, $username, $password);
+
$stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_id= :listing_id');
$values = [
'listing_id' => $_GET['listing_id']
];
-
$stmt->execute($values);
$listing = $stmt->fetch();
+
+ $stmt = $pdo->prepare('SELECT * FROM categories WHERE category_id = :category_id');
+ $values = [
+ 'category_id' => $listing['listing_category']
+ ];
+ $stmt->execute($values);
+ $category = $stmt->fetch();
+
+ $stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id');
+ $values = [
+ 'listing_id' => $listing['listing_id']
+ ];
+ $stmt->execute($values);
+ $bid = $stmt->fetch();
+
+ $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
+ $values = [
+ 'email' => $listing['listing_email']
+ ];
+ $stmt->execute($values);
+ $user = $stmt->fetch();
$output = '
'. $listing['listing_name'] .'
- '. $listing['listing_category'] .'
- Auction created by User.Name
- Current bid: £123.45
+ '. $category['category_name'] .'
+ Auction created by '. $user['first_name'].$user['last_name'] .'
+ Current bid: '. $bid['MAX(amount)'] .'
Time left:'. (strtotime($listing['listing_deadline']) - strtotime(date('Y-m-d H:i:s')))/60 .'
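Review bot: `SELECT * FROM users WHERE email = :email` loads the seller's whole row, including the `password` hash, into code that only prints the name; select just `first_name, last_name`. `$listing`, `$category` and `$user` are each indexed straight after `fetch()`, which returns `false` when no row matches, so an unknown `listing_id` cascades into lookups on a non-array. `$user['first_name'].$user['last_name']` also joins the two names with no space between them. `populateContent()` starts and ends outside this hunk.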
From 6bc83c8211688fded0881dd8dffd30f022a39767 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 15:43:46 +0000
Subject: [PATCH 09/10] adjusted query
---
public/index.php | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/public/index.php b/public/index.php
index 4383b37..6bdd75b 100644
--- a/public/index.php
+++ b/public/index.php
@@ -29,7 +29,7 @@ function populateList($category) { //TODO: This will need to be updated to popul
$listings = $stmt->fetchAll();
}
else {
- $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_category = :listing_category');
+ $stmt = $pdo->prepare('SELECT * FROM listings WHERE listing_category = (SELECT category_id FROM categories WHERE category_name = :listing_category)');
$values = [
'listing_category' => $category
];
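Review bot: The `listing_category = (SELECT category_id FROM categories WHERE category_name = :listing_category)` comparison fails with a "subquery returns more than one row" error if two categories ever share a name, and nothing visible here guarantees `category_name` is unique. `listing_category IN (SELECT ...)` or a `JOIN categories` tolerates that case.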
@@ -50,7 +50,7 @@ function populateList($category) { //TODO: This will need to be updated to popul
'. $listing['listing_name'] .'
'. $listing['listing_category'] .'
'. $listing['listing_description'] .'
- Current bid:'. $stmt->fetch() .'
+ Current bid:'. $stmt->fetch()['MAX(amount)'] .'
More >>
';
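Review bot: `$stmt->fetch()['MAX(amount)']` depends on the driver naming the column after the raw expression, and it yields `null` for a listing with no bids, so "Current bid:" is printed with nothing after it. Alias the aggregate (`SELECT MAX(amount) AS current_bid`) or read it with `$stmt->fetchColumn()`, and supply a fallback such as `?? '0.00'`. The loop body continues outside this hunk.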
From 3f394d7835d5525bee6af1034cf7ce13439203f0 Mon Sep 17 00:00:00 2001
From: Joshua Perry <45966243+jpez-development@users.noreply.github.com>
Date: Tue, 15 Nov 2022 15:52:45 +0000
Subject: [PATCH 10/10] time left now rounds
---
public/listing.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/public/listing.php b/public/listing.php
index 96e072b..abf77c9 100644
--- a/public/listing.php
+++ b/public/listing.php
@@ -49,7 +49,7 @@ function populateContent() {
'. $category['category_name'] .'
Auction created by '. $user['first_name'].$user['last_name'] .'
Current bid: '. $bid['MAX(amount)'] .'
- Time left:'. (strtotime($listing['listing_deadline']) - strtotime(date('Y-m-d H:i:s')))/60 .'
+ Time left:'. round((strtotime($listing['listing_deadline']) - strtotime(date('Y-m-d H:i:s')))/60,1 ) .' Minutes
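Review bot: Once the deadline has passed this expression goes negative, so an ended auction shows a negative number of minutes; clamp it or print an "ended" label instead. `strtotime(date('Y-m-d H:i:s'))` is a round trip back to the current timestamp, so the line can read `round(max(0, strtotime($listing['listing_deadline']) - time()) / 60, 1)`. `populateContent()` starts and ends outside this hunk.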