prepare('INSERT INTO bids(amount, user_id, listing_id)
VALUES(:amount, :user_id, :listing_id)');
$values = [
'amount' => $_POST['bid'],
'user_id' => $_SESSION['loggedin'],
'listing_id' => $listing['listing_id']
];
$stmt->execute($values);
}
else if (isset($_POST['reviewSubmit'])) {
$user = getFirstAllMatches('users', 'email', $listing['email']);
$stmt = $pdo->prepare('INSERT INTO review (review_user, review_date, review_contents, user_id)
VALUES (:review_user, :review_date, :review_contents, :user_id)');
$values = [
'review_user' => $_SESSION['loggedin'],
'review_date' => date('Y-m-d H:i:s'),
'review_contents' => $_POST['reviewtext'],
'user_id' => $user['user_id']
];
$stmt->execute($values);
}
$pageContent = 'Product Page
'. populateContent($listing) .'';
require '../layout.php';
checkListing();
function populateContent($listing) {
$category = getFirstAllMatches('category', 'category_id', $listing['categoryId']);
$bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']);
$user = getFirstAllMatches('users', 'email', $listing['email']);
$output = ' 
'. $listing['title'] .'
'. $category['name'] .'
Auction created by '. $user['first_name'].$user['last_name'] .'
Current bid: '. $bid['MAX(amount)'] .'
'. $listing['description'] .'
';
$output .= '
Bid History
'. getBids($listing['listing_id']) .'
';
$output .= '
Reviews of '. $user['first_name'].$user['last_name'].'
'. getReviews($user['user_id']) .'
';
if (isset($_SESSION['loggedin'])) {
if($user['user_id'] === $_SESSION['loggedin']) {
$output .= 'edit';
}
}
return $output;
}
function getReviews($user_id) {
$reviews = getEveryAllMatches('review', 'user_id', $user_id);
$output = '';
foreach ($reviews as &$review) {
$user = getFirstAllMatches('users', 'user_id', $review['review_user']);
$output .= ''.$user['first_name'].$user['last_name'].' said '.$review['review_contents'].' '. $review['review_date'] .'';
}
return $output;
}
function getBids($listing_id){
$bids = getEveryAllMatches('bids', 'listing_id', $listing_id);
$output = '';
foreach ($bids as &$bid) {
$user = getFirstAllMatches('users', 'user_id', $bid['user_id']);
$output .= ''.$user['first_name'].$user['last_name'].' bid '.$bid['amount'].'';
}
return $output;
}
?>