updated query functions

Joshua Perry 2022-11-20 18:51:17 +00:00
parent a90bda3896
commit 5a32abce0e
5 changed files with 69 additions and 82 deletions


@ -3,7 +3,7 @@ function fetchCats() {
$pdo = startDB(); $pdo = startDB();
$stmt = $pdo->prepare('SELECT * FROM category'); $stmt = $pdo->prepare('SELECT * FROM category');
$stmt->execute(); $stmt->execute();
$cats = $stmt->fetchAll(); $cats = executeQueryWithoutConstraint('category','*')->fetchAll();
return $cats; return $cats;
} }
@ -35,13 +35,7 @@ function checkListing() {
} }
function getListing() { function getListing() {
$pdo = startDB(); return getFirstAllMatches('auction', 'listing_id', $_GET['listing_id']);
$stmt = $pdo->prepare('SELECT * FROM auction WHERE listing_id = :listing_id');
$values = [
'listing_id' => $_GET['listing_id']
];
$stmt->execute($values);
return $stmt->fetch();
} }
function populateCatSelect() { function populateCatSelect() {
@ -52,4 +46,45 @@ function populateCatSelect() {
} }
return $output; return $output;
} }
function executeQuery($tableName, $colName, $constraintCol, $constraint) {
$pdo = startDB();
$stmt = $pdo->prepare('SELECT '. $colName .' FROM '.$tableName.' WHERE '. $constraintCol .' = :constraint');
$values = [
'constraint' => $constraint
];
$stmt->execute($values);
return $stmt;
}
function executeQueryWithoutConstraint($tableName, $colName) {
$pdo = startDB();
$stmt = $pdo->prepare('SELECT'.$colName.'FROM '.$tableName);
$stmt->execute();
return $stmt;
}
function getFirstMatch($tableName, $colName, $constraintCol, $constraint){
return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetch();
}
function getEveryMatch($tableName, $colName, $constraintCol, $constraint){
return executeQuery($tableName, $colName, $constraintCol, $constraint)->fetchAll();
}
function executeAllQuery($tableName, $constraintCol, $constraint) {
return executeQuery($tableName, '*', $constraintCol, $constraint);
}
function getEveryAllMatches($tableName, $constraintCol, $constraint) {
return executeAllQuery($tableName, $constraintCol, $constraint)->fetchAll();
}
function getFirstAllMatches($tableName, $constraintCol, $constraint) {
return executeAllQuery($tableName, $constraintCol, $constraint)->fetch();
}
?> ?>
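Review bot: `executeQuery()` and `executeQueryWithoutConstraint()` splice `$tableName`, `$colName` and `$constraintCol` straight into the SQL text and bind only `:constraint`, so they are safe only while every caller passes hard-coded names, as the call sites in this commit do. Identifiers cannot be bound as parameters, so check the table and constraint column against a plain-identifier pattern (or a fixed list of known tables) before building the string; `$colName` needs its own allow-list because callers pass expressions such as `MAX(amount)`. Also, `'SELECT'.$colName.'FROM '` has no spaces around the column list, so anything other than `*` is likely to produce invalid SQL; use `'SELECT '.$colName.' FROM '.$tableName`. In `fetchCats()` the earlier `prepare`/`execute` lines appear to remain on the new side, which would run the category query twice.

```php
function assertSqlIdentifier($name) {
    // Identifiers cannot be bound as parameters, so reject anything that is not a plain name.
    if (!is_string($name) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name) !== 1) {
        throw new InvalidArgumentException('Invalid SQL identifier');
    }
    return $name;
}
function executeQuery($tableName, $colName, $constraintCol, $constraint) {
    assertSqlIdentifier($tableName);
    assertSqlIdentifier($constraintCol);
    // … unchanged: startDB(), prepare with :constraint, execute, return $stmt …
}
```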


@ -8,7 +8,6 @@ if (!isset($_SESSION['loggedin'])) {
} }
require_once '../../functions.php'; require_once '../../functions.php';
$pdo = startDB();
$pageContent = '<h1>Add auction</h1> $pageContent = '<h1>Add auction</h1>
<form action="addAuction.php" method="POST"> <form action="addAuction.php" method="POST">
@ -21,14 +20,9 @@ $pageContent = '<h1>Add auction</h1>
require '../../layout.php'; require '../../layout.php';
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE user_id = :user_id'); $user = getFirstAllMatches('users', 'user_id', $_SESSION['loggedin']);
$values = [
'user_id' => $_SESSION['loggedin']
];
$stmt->execute($values);
$user = $stmt->fetch();
$pdo = startDB();
$stmt = $pdo->prepare('INSERT INTO auction (title, description, endDate, categoryId, email) $stmt = $pdo->prepare('INSERT INTO auction (title, description, endDate, categoryId, email)
VALUES (:title, :description, :endDate, :categoryID, :email)'); VALUES (:title, :description, :endDate, :categoryID, :email)');
$values = [ $values = [


@ -15,12 +15,7 @@ require_once '../../functions.php';
$pdo = startDB(); $pdo = startDB();
if (isset($_POST['submit'])) { if (isset($_POST['submit'])) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); $user = getFirstAllMatches('users', 'email', $_POST['email']);
$values = [
'email' => $_POST['email']
];
$stmt->execute($values);
$user = $stmt->fetch();
if (password_verify($_POST['password'], $user['password'])) { if (password_verify($_POST['password'], $user['password'])) {
$_SESSION['loggedin'] = $user['user_id']; $_SESSION['loggedin'] = $user['user_id'];
if ($user['admin'] === 'y') { if ($user['admin'] === 'y') {
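Review bot: `getFirstAllMatches()` returns the result of `fetch()`, which is `false` when no row matches the submitted email, yet the next line indexes `$user['password']` unconditionally. Guard the lookup so an unknown email fails the same way as a wrong password, without warnings: `if ($user !== false && password_verify($_POST['password'], $user['password'])) {`. `$_POST['email']` and `$_POST['password']` are also read without an `isset` check. The branch continues past the end of the hunk, so whether the session id is regenerated after `$_SESSION['loggedin']` is set (`session_regenerate_id(true)`) cannot be confirmed from here.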


@ -35,28 +35,16 @@ function populateList($category) {
} }
foreach ($listings as &$listing) { foreach ($listings as &$listing) {
$listCat = getFirstAllMatches('category', 'category_id', $listing['categoryId'])['name'];
$bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);
$stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id');
$values = [
'category_id' => $listing['categoryId']
];
$stmt->execute($values);
$listCat = $stmt->fetch()['name'];
$stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id');
$values = [
'listing_id' => $listing['listing_id']
];
$stmt->execute($values);
$output .= '<li> $output .= '<li>
<img src="assets/product.png" alt="product name"> <img src="assets/product.png" alt="product name">
<article> <article>
<h2>'. $listing['title'] .'</h2> <h2>'. $listing['title'] .'</h2>
<h3>'. $listCat .'</h3> <h3>'. $listing['categoryId'] .'</h3>
<p>'. $listing['description'] .'</p> <p>'. $listing['description'] .'</p>
<p class="price">Current bid:'. $stmt->fetch()['MAX(amount)'] .'</p> <p class="price">Current bid:'. $bid['MAX(amount)'] .'</p>
<a href="listing.php?listing_id='. $listing['listing_id'] .'" class="more auctionLink">More &gt;&gt;</a> <a href="listing.php?listing_id='. $listing['listing_id'] .'" class="more auctionLink">More &gt;&gt;</a>
</article> </article>
</li>'; </li>';
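Review bot: The `<li>` template concatenates `$listing['title']`, `$listing['description']` and the bid amount into HTML without escaping, so any markup stored in an auction row is rendered as-is (stored XSS); wrap each value, e.g. `htmlspecialchars($listing['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The same applies to `getReviews()` and the new `getBids()` in the listing-page section of this commit. Separately, the new side appears to compute `$listCat` but print `$listing['categoryId']` in the `<h3>`, which leaves the category lookup unused and shows the id rather than the name; if that is unintended, keep `<h3>'. $listCat .'</h3>`. populateList starts and ends outside the hunk.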


@ -17,12 +17,7 @@ if (isset($_POST['bidSubmit'])) {
$stmt->execute($values); $stmt->execute($values);
} }
else if (isset($_POST['reviewSubmit'])) { else if (isset($_POST['reviewSubmit'])) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email'); $user = getFirstAllMatches('users', 'email', $listing['email']);
$values = [
'email' => $listing['email']
];
$stmt->execute($values);
$user = $stmt->fetch();
$stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id) $stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id)
VALUES (:review_user, :review_date, :review_contents, :user_id)'); VALUES (:review_user, :review_date, :review_contents, :user_id)');
@ -44,28 +39,9 @@ checkListing();
function populateContent($listing) { function populateContent($listing) {
$pdo = startDB(); $category = getFirstAllMatches('category', 'category_id', $listing['categoryId']);
$bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);
$stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id'); $user = getFirstAllMatches('users', 'email', $listing['email']);
$values = [
'category_id' => $listing['categoryId']
];
$stmt->execute($values);
$category = $stmt->fetch();
$stmt = $pdo->prepare('SELECT MAX(amount) FROM bids WHERE listing_id = :listing_id');
$values = [
'listing_id' => $listing['listing_id']
];
$stmt->execute($values);
$bid = $stmt->fetch();
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
$values = [
'email' => $listing['email']
];
$stmt->execute($values);
$user = $stmt->fetch();
$output = ' <img src="product.png" alt="product name"> $output = ' <img src="product.png" alt="product name">
<section class="details"> <section class="details">
@ -85,6 +61,10 @@ function populateContent($listing) {
</section>'; </section>';
$output .= '<section class="reviews">
<h2>Bid History </h2>
<ul>'. getBids($listing['listing_id']) .'</ul>';
$output .= '<section class="reviews"> $output .= '<section class="reviews">
<h2>Reviews of '. $user['first_name'].$user['last_name'].' </h2> <h2>Reviews of '. $user['first_name'].$user['last_name'].' </h2>
<ul>'. getReviews($user['user_id']) .'</ul> <ul>'. getReviews($user['user_id']) .'</ul>
@ -106,29 +86,24 @@ function populateContent($listing) {
} }
function getReviews($user_id) { function getReviews($user_id) {
$pdo = startDB(); $reviews = getEveryAllMatches('review', 'user_id', $user_id);
$output = ''; $output = '';
$stmt = $pdo->prepare('SELECT * FROM review WHERE user_id = :user_id');
$values = [
'user_id' => $user_id
];
$stmt->execute($values);
$reviews = $stmt->fetchAll();
foreach ($reviews as &$review) { foreach ($reviews as &$review) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE user_id = :user_id'); $user = getFirstAllMatches('users', 'user_id', $review['review_user']);
$values = [
'user_id' => $review['review_user']
];
$stmt->execute($values);
$user = $stmt->fetch();
$output .= '<li><strong>'.$user['first_name'].$user['last_name'].' said </strong>'.$review['review_contents'].' <em>'. $review['review_date'] .'</em></li>'; $output .= '<li><strong>'.$user['first_name'].$user['last_name'].' said </strong>'.$review['review_contents'].' <em>'. $review['review_date'] .'</em></li>';
} }
return $output; return $output;
} }
function getBids($listing_id){
$bids = getEveryAllMatches('bids', 'listing_id', $listing_id);
$output = '';
foreach ($bids as &$bid) {
$user = getFirstAllMatches('users', 'user_id', $bid['user_id']);
$output .= '<li><strong>'.$user['first_name'].$user['last_name'].' bid </strong>'.$bid['amount'].'</li>';
}
return $output;
}
?> ?>
//TODO: add bid history //TODO: add bid history
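Review bot: The new bid-history block opens `<section class="reviews">` but no `</section>` is visible before the next `$output .=` opens the reviews section, so the reviews end up nested inside it unless it is closed elsewhere; end the string with `</ul></section>';`. `getBids()` issues one `users` query per bid through `getFirstAllMatches()` and indexes `$user['first_name']` without checking for `false`, and `foreach ($bids as &$bid)` takes a reference it never needs (`foreach ($bids as $bid)`). The trailing `//TODO: add bid history` sits after `?>`, so it is emitted as page text and is now stale. populateContent continues outside the hunks shown.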