diff --git a/functions.php b/functions.php
index 3d08eb1..56b67a6 100644
--- a/functions.php
+++ b/functions.php
@@ -3,7 +3,7 @@ function fetchCats() {
 $pdo = startDB();
 $stmt = $pdo->prepare('SELECT * FROM category');
 $stmt->execute();
- $cats = $stmt->fetchAll();
+ $cats = executeQueryWithoutConstraint('category','*')->fetchAll();
 return $cats;
 }
@@ -35,13 +35,7 @@ function checkListing() {
 }
 function getListing() {
- $pdo = startDB();
- $stmt = $pdo->prepare('SELECT * FROM auction WHERE listing_id = :listing_id');
- $values = [
- 'listing_id' => $_GET['listing_id']
- ];
- $stmt->execute($values);
- return $stmt->fetch();
+ return getFirstAllMatches('auction', 'listing_id', $_GET['listing_id']);
 }
 function populateCatSelect() {
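Review bot: The three context lines above the changed assignment in `fetchCats()` (`$pdo = startDB();`, the `prepare('SELECT * FROM category')` call and `$stmt->execute();`) are left in place, so the category query now runs twice and the first result is thrown away. Remove them so the body reduces to `return executeQueryWithoutConstraint('category', '*')->fetchAll();`. The leftover `$pdo`/`$stmt` locals otherwise suggest the function still owns a connection that it no longer uses.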
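Review bot: `getListing()` forwards `$_GET['listing_id']` to the helper with no presence or type check. The value is still bound as a parameter, so this is not an injection path, but a request without the key raises a warning and queries with NULL, and `fetch()` returns `false` for an unknown id, which callers then index into. Validate at the boundary, for example `$id = filter_input(INPUT_GET, 'listing_id', FILTER_VALIDATE_INT);`, and return early when it is `false` or `null`. `checkListing()` may already cover part of this, but its body is outside the hunk.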
@@ -52,4 +46,45 @@ function populateCatSelect() {
 }
 return $output;
 }
+
+function executeQuery($tableName, $colName, $constraintCol, $constraint) {
+ $pdo = startDB();
+ $stmt = $pdo->prepare('SELECT '. $colName .' FROM '.$tableName.' WHERE '. $constraintCol .' = :constraint');
+ $values = [
+ 'constraint' => $constraint
+ ];
+ $stmt->execute($values);
+ return $stmt;
+}
+
+function executeQueryWithoutConstraint($tableName, $colName) {
+ $pdo = startDB();
+ $stmt = $pdo->prepare('SELECT'.$colName.'FROM '.$tableName);
+ $stmt->execute();
+ return $stmt;
+}
+
+function getFirstMatch($tableName, $colName, $constraintCol, $constraint){
+ return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetch();
+}
+
+function getEveryMatch($tableName, $colName, $constraintCol, $constraint){
+ return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetchAll();
+}
+
+function executeAllQuery($tableName, $constraintCol, $constraint) {
+ return executeQuery($tableName, '*', $constraintCol, $constraint);
+}
+
+function getEveryAllMatches($tableName, $constraintCol, $constraint) {
+ return executeAllQuery($tableName, $constraintCol, $constraint)->fetchAll();
+}
+
+function getFirstAllMatches($tableName, $constraintCol, $constraint) {
+ return executeAllQuery($tableName, $constraintCol, $constraint)->fetch();
+}
+
+
+
+
 ?>
\ No newline at end of file
diff --git a/public/account/addAuction.php b/public/account/addAuction.php
index f3617c8..2c4f669 100644
--- a/public/account/addAuction.php
+++ b/public/account/addAuction.php
@@ -8,7 +8,6 @@ if (!isset($_SESSION['loggedin'])) {
 }
 require_once '../../functions.php';
-$pdo = startDB();
 $pageContent = '
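Review bot: `executeQuery()` and `executeQueryWithoutConstraint()` build the statement by concatenating `$tableName`, `$colName` and `$constraintCol`, and SQL identifiers cannot be bound, so the first caller that forwards request data into one of those arguments reintroduces SQL injection even though `:constraint` itself is bound. Every caller in this commit passes literals, so this is about the helper's contract: check the identifier arguments against fixed allow-lists before the string is built. Separately, `'SELECT'.$colName.'FROM '` has no spaces around the column list, so it only tokenises when `$colName` is `'*'`. The sketch below uses only the table and column names that appear in this diff; the lists would need extending to match the real schema.

```php
// Identifiers cannot be bound as parameters, so only known names are accepted.
const QUERY_TABLES = ['auction', 'bids', 'category', 'review', 'users'];
const QUERY_SELECTS = ['*', 'MAX(amount)'];
const QUERY_FILTER_COLUMNS = ['category_id', 'email', 'listing_id', 'user_id'];

function assertAllowed($value, array $allowed, $what) {
    if (!in_array($value, $allowed, true)) {
        throw new InvalidArgumentException('Unsupported ' . $what . ' in query helper');
    }
}

function executeQuery($tableName, $colName, $constraintCol, $constraint) {
    assertAllowed($tableName, QUERY_TABLES, 'table');
    assertAllowed($colName, QUERY_SELECTS, 'column list');
    assertAllowed($constraintCol, QUERY_FILTER_COLUMNS, 'filter column');
    // … unchanged: startDB(), prepare with :constraint, execute, return $stmt …
}

function executeQueryWithoutConstraint($tableName, $colName) {
    assertAllowed($tableName, QUERY_TABLES, 'table');
    assertAllowed($colName, QUERY_SELECTS, 'column list');
    $pdo = startDB();
    $stmt = $pdo->prepare('SELECT ' . $colName . ' FROM ' . $tableName);
    // … unchanged: execute, return $stmt …
}
```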

Add auction

@@ -21,14 +20,9 @@ $pageContent = '

Add auction

require '../../layout.php'; if (isset($_POST['submit'])) { - $stmt = $pdo->prepare('SELECT * FROM users WHERE user_id = :user_id'); - $values = [ - 'user_id' => $_SESSION['loggedin'] - ]; - $stmt->execute($values); - $user = $stmt->fetch(); - + $user = getFirstAllMatches('users', 'user_id', $_SESSION['loggedin']); + $pdo = startDB(); $stmt = $pdo->prepare('INSERT INTO auction (title, description, endDate, categoryId, email) VALUES (:title, :description, :endDate, :categoryID, :email)'); $values = [ diff --git a/public/account/login.php b/public/account/login.php index 844951f..5f384ee 100644 --- a/public/account/login.php +++ b/public/account/login.php @@ -15,12 +15,7 @@ require_once '../../functions.php'; $pdo = startDB(); if (isset($_POST['submit'])) { - $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); - $values = [ - 'email' => $_POST['email'] - ]; - $stmt->execute($values); - $user = $stmt->fetch(); + $user = getFirstAllMatches('users', 'email', $_POST['email']); if (password_verify($_POST['password'], $user['password'])) { $_SESSION['loggedin'] = $user['user_id']; if ($user['admin'] === 'y') { diff --git a/public/index.php b/public/index.php index 139ebfa..8e59a2d 100644 --- a/public/index.php +++ b/public/index.php @@ -35,28 +35,16 @@ function populateList($category) { } foreach ($listings as &$listing) { - - - $stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id'); - $values = [ - 'category_id' => $listing['categoryId'] - ]; - $stmt->execute($values); - $listCat = $stmt->fetch()['name']; - - $stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id'); - $values = [ - 'listing_id' => $listing['listing_id'] - ]; - $stmt->execute($values); + $listCat = getFirstAllMatches('category', 'category_id', $listing['categoryId'])['name']; + $bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']); $output .= '
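Review bot: In login.php the row returned by `getFirstAllMatches('users', 'email', $_POST['email'])` goes straight into `password_verify($_POST['password'], $user['password'])`, but `fetch()` returns `false` when no row matches, so an unknown e-mail indexes into a boolean and the login only fails by way of a warning path. Make the guard explicit with `if ($user !== false && password_verify($_POST['password'], $user['password'])) {`, and consider calling `session_regenerate_id(true);` before `$_SESSION['loggedin']` is assigned so a pre-login session id is not carried into the authenticated session. The same unchecked-row pattern applies to the `$user` lookups this commit adds in addAuction.php and listing.php. The `if` body continues outside the hunk.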
  • product name

    '. $listing['title'] .'

    -

    '. $listCat .'

    +

    '. $listing['categoryId'] .'

    '. $listing['description'] .'

    -

    Current bid:'. $stmt->fetch()['MAX(amount)'] .'

    +

    Current bid:'. $bid['MAX(amount)'] .'

    More >>
  • '; diff --git a/public/listing.php b/public/listing.php index 4288e4d..f737dd1 100644 --- a/public/listing.php +++ b/public/listing.php @@ -17,12 +17,7 @@ if (isset($_POST['bidSubmit'])) { $stmt->execute($values); } else if (isset($_POST['reviewSubmit'])) { - $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); - $values = [ - 'email' => $listing['email'] - ]; - $stmt->execute($values); - $user = $stmt->fetch(); + $user = getFirstAllMatches('users', 'email', $listing['email']); $stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id) VALUES (:review_user, :review_date, :review_contents, :user_id)'); @@ -44,28 +39,9 @@ checkListing(); function populateContent($listing) { - $pdo = startDB(); - - $stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id'); - $values = [ - 'category_id' => $listing['categoryId'] - ]; - $stmt->execute($values); - $category = $stmt->fetch(); - - $stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id'); - $values = [ - 'listing_id' => $listing['listing_id'] - ]; - $stmt->execute($values); - $bid = $stmt->fetch(); - - $stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); - $values = [ - 'email' => $listing['email'] - ]; - $stmt->execute($values); - $user = $stmt->fetch(); + $category = getFirstAllMatches('category', 'category_id', $listing['categoryId']); + $bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']); + $user = getFirstAllMatches('users', 'email', $listing['email']); $output = ' product name
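Review bot: The list item built in the `foreach` of `populateList()` concatenates `$listing['title']`, `$listing['description']` and the bid amount into markup with no output encoding, so a stored value containing HTML is rendered as markup (stored XSS); the auction fields presumably originate from the add-auction form. Encode each interpolated value, e.g. `htmlspecialchars($listing['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`; the same applies to the names, `review_contents` and `amount` emitted by `getReviews()` and `getBids()` in listing.php. The new side also prints `$listing['categoryId']` where `$listCat` was shown before, which leaves the `$listCat` lookup unused; if the swap to the numeric id is unintended, restore `$listCat`. Tags are stripped on this page, so the exact elements involved are not visible.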
    @@ -85,6 +61,10 @@ function populateContent($listing) {
    '; + $output .= '
    +

    Bid History

    + '; + $output .= '

    Reviews of '. $user['first_name'].$user['last_name'].'

      '. getReviews($user['user_id']) .'
    @@ -106,29 +86,24 @@ function populateContent($listing) { } function getReviews($user_id) { - $pdo = startDB(); + $reviews = getEveryAllMatches('review', 'user_id', $user_id); $output = ''; - $stmt = $pdo->prepare('SELECT * FROM review WHERE user_id = :user_id'); - $values = [ - 'user_id' => $user_id - ]; - $stmt->execute($values); - $reviews = $stmt->fetchAll(); - - - foreach ($reviews as &$review) { - $stmt = $pdo->prepare('SELECT * FROM users WHERE user_id = :user_id'); - $values = [ - 'user_id' => $review['review_user'] - ]; - $stmt->execute($values); - $user = $stmt->fetch(); + $user = getFirstAllMatches('users', 'user_id', $review['review_user']); $output .= '
  • '.$user['first_name'].$user['last_name'].' said '.$review['review_contents'].' '. $review['review_date'] .'
  • '; } return $output; } +function getBids($listing_id){ + $bids = getEveryAllMatches('bids', 'listing_id', $listing_id); + $output = ''; + foreach ($bids as &$bid) { + $user = getFirstAllMatches('users', 'user_id', $bid['user_id']); + $output .= '
  • '.$user['first_name'].$user['last_name'].' bid '.$bid['amount'].'
  • '; + } + return $output; +} ?> //TODO: add bid history \ No newline at end of file
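Review bot: `getBids()` is added but nothing visible in this commit calls it: the "Bid History" block added to `populateContent()` shows no call, and the `//TODO: add bid history` line after the closing `?>` sits outside PHP, so it would be sent to the browser as literal text. Either interpolate `getBids($listing['listing_id'])` into that block or drop the function, and remove the trailing `?>` together with the TODO, or move the comment inside the PHP block. Both loops also iterate by reference (`as &$bid`, `as &$review`) without modifying the element; `foreach ($bids as $bid)` avoids leaving a dangling reference. Tags are stripped on this page, so the missing call is inferred from the visible text only.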