r0r-5chach/CSY2028-assignment-1
r0r-5chach
/
CSY2028-assignment-1
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added reviews and bids

This commit is contained in:
Joshua Perry 2022-11-20 15:38:33 +00:00
parent 5d26b0fada
commit f2a79e6506
1 changed files with 71 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
public/listing.php
View File

@ -2,16 +2,49 @@
session_start(); session_start();
require_once '../functions.php'; require_once '../functions.php';
$pageTitle = 'iBuy - Product Listing'; $pageTitle = 'iBuy - Product Listing';
$listing = getListing();
$pdo = startDB();
if (isset($_POST['bidSubmit'])) {
$stmt = $pdo->prepare('INSERT INTO bids(amount, user_id, listing_id)
VALUES(:amount, :user_id, :listing_id)');
$values = [
'amount' => $_POST['bid'],
'user_id' => $_SESSION['loggedin'],
'listing_id' => $listing['listing_id']
];
$stmt->execute($values);
}
else if (isset($_POST['reviewSubmit'])) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE email = :email');
$values = [
'email' => $listing['email']
];
$stmt->execute($values);
$user = $stmt->fetch();
$stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id)
VALUES (:review_user, :review_date, :review_contents, :user_id)');
$values = [
'review_user' => $_SESSION['loggedin'],
'review_date' => date('Y-m-d'),
'review_contents' => $_POST['reviewtext'],
'user_id' => $user['user_id']
];
$stmt->execute($values);
}
$pageContent = '<h1>Product Page</h1> $pageContent = '<h1>Product Page</h1>
<article class="product">'. populateContent() .'</article>'; <article class="product">'. populateContent($listing) .'</article>';
require '../layout.php'; require '../layout.php';
checkListing(); checkListing();
function populateContent() {
function populateContent($listing) {
$pdo = startDB(); $pdo = startDB();
$listing = getListing();
$stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id'); $stmt = $pdo->prepare('SELECT * FROM category WHERE category_id = :category_id');
$values = [ $values = [
@ -41,40 +74,58 @@ function populateContent() {
<p>Auction created by <a href="#">'. $user['first_name'].$user['last_name'] .'</a></p> <p>Auction created by <a href="#">'. $user['first_name'].$user['last_name'] .'</a></p>
<p class="price">Current bid: '. $bid['MAX(amount)'] .'</p> <p class="price">Current bid: '. $bid['MAX(amount)'] .'</p>
<time>Time left:'. round((strtotime($listing['endDate']) - strtotime(date('Y-m-d H:i:s')))/60/60,1 ) .' Hours</time> <time>Time left:'. round((strtotime($listing['endDate']) - strtotime(date('Y-m-d H:i:s')))/60/60,1 ) .' Hours</time>
<form action="#" class="bid"> <form action="listing.php?listing_id='.$listing['listing_id'].'" class="bid" method="POST">
<input type="text" name="bid" placeholder="Enter bid amount" /> <input type="number" step="0.1" name="bid" value="'. $bid['MAX(amount)'] .'" />
<input type="submit" value="Place bid" /> <input name="bidSubmit" type="submit" value="Place Bid" />
</form> </form>
</section> </section>
<section class="description"> <section class="description">
<p>'. $listing['description'] .'</p> <p>'. $listing['description'] .'</p>
</section> </section>';
<section class="reviews"> $output .= '<section class="reviews">
<h2>Reviews of User.Name </h2> <h2>Reviews of '. $user['first_name'].$user['last_name'].' </h2>
<ul> <ul>'. getReviews($user['user_id']) .'</ul>
<li><strong>Ali said </strong> great ibuyer! Product as advertised and delivery was quick <em>29/09/2019</em></li>
<li><strong>Dave said </strong> disappointing, product was slightly damaged and arrived slowly.<em>22/07/2019</em></li>
<li><strong>Susan said </strong> great value but the delivery was slow <em>22/07/2019</em></li>
</ul> <form action="listing.php?listing_id='.$listing['listing_id'].'" method="POST">
<form>
<label>Add your review</label> <textarea name="reviewtext"></textarea> <label>Add your review</label> <textarea name="reviewtext"></textarea>
<input type="submit" name="reviewSubmit" value="Add Review" />
<input type="submit" name="submit" value="Add Review" />
</form> </form>
</section>'; </section>';
if($user['user_id'] === $_SESSION['loggedin']) { if($user['user_id'] === $_SESSION['loggedin']) {
$output .= '<a href ="account/editAuction.php?listing_id='. $listing['listing_id'] . '">edit</a>'; $output .= '<a href ="account/editAuction.php?listing_id='. $listing['listing_id'] . '">edit</a>';
} }
return $output; return $output;
} }
function getReviews($user_id) {
$pdo = startDB();
$output = '';
$stmt = $pdo->prepare('SELECT * FROM review WHERE user_id = :user_id');
$values = [
'user_id' => $user_id
];
$stmt->execute($values);
$reviews = $stmt->fetchAll();
foreach ($reviews as &$review) {
$stmt = $pdo->prepare('SELECT * FROM users WHERE user_id = :user_id');
$values = [
'user_id' => $review['review_user']
];
$stmt->execute($values);
$user = $stmt->fetch();
$output .= '<li><strong>'.$user['first_name'].$user['last_name'].' said </strong>'.$review['review_content'].' <em>'. $review['review_date'] .'</em></li>';
}
}
?> ?>
//TODO: add functionality for bid form
//TODO: add functionality for review form
//TODO: add bid history //TODO: add bid history