authorlonkaars <loek@pipeframe.xyz>2023-05-13 15:36:20 +0200
committerlonkaars <loek@pipeframe.xyz>2023-05-13 15:36:20 +0200
commited0594f8f73c6eee8c6eca6ecf6208952ea26cdc (patch)
tree188fb61811a67a9f3d69e7429e45e9b6fa198237
parentd99d91293fe9e9ad683bbd079848df4031f0a77a (diff)
add products working (no image upload working yet)
-rw-r--r--lib/login.php22
-rw-r--r--public/admin-category.php6
-rw-r--r--public/admin-product.php50
-rw-r--r--public/admin.css24
-rw-r--r--public/navbar.php22
-rw-r--r--public/product.php8
6 files changed, 113 insertions, 19 deletions
diff --git a/lib/login.php b/lib/login.php
index 45d4c83..0683031 100644
--- a/lib/login.php
+++ b/lib/login.php
@@ -52,14 +52,26 @@ function get_cart_count() {
$logged_in = check_login($username, $password);
$cart_count = get_cart_count();
+// hansel and gretel crumbs
+function leave_crumb() {
+ $prev = $_SERVER['HTTP_REFERER'];
+ $ONE_HOUR = time() + (60 * 60);
+ setcookie("prev", $prev, $ONE_HOUR, "/");
+}
+
function if_logged_in($is, $redirect, $back = false) {
global $logged_in;
if ($logged_in != $is) return;
- if ($back) {
- $prev = $_SERVER['HTTP_REFERER'];
- $ONE_HOUR = time() + (60 * 60);
- setcookie("prev", $prev, $ONE_HOUR, "/");
- }
+ if ($back) leave_crumb();
+ http_response_code(302);
+ header("Location: ".$redirect);
+ die();
+}
+
+function if_privileged($level, $redirect, $back = false) {
+ global $user_privileges;
+ if (($user_privileges & $level) > 0) return;
+ if ($back) leave_crumb();
http_response_code(302);
header("Location: ".$redirect);
die();
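Review bot: `leave_crumb()` copies `$_SERVER['HTTP_REFERER']` into the `prev` cookie unchecked, and that header is both optional and entirely client-supplied. When the header is absent the read raises an undefined-index warning and an empty cookie is set; `$prev = $_SERVER['HTTP_REFERER'] ?? '/';` covers that case. The code that reads `prev` back is not in this hunk, but if it is used as a post-login redirect target it should be accepted only when it is a same-site path, otherwise the cookie becomes an open-redirect input. The body of `if_privileged` continues past the end of the hunk.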
diff --git a/public/admin-category.php b/public/admin-category.php
index d65fc9e..a899b00 100644
--- a/public/admin-category.php
+++ b/public/admin-category.php
@@ -1,14 +1,16 @@
<!DOCTYPE html>
<?php require "../lib/login.php"; ?>
+<?php if_privileged(PRIVILEGE_ADMIN, "/") ?>
<html>
<head>
<?php include 'head.php' ?>
- <title>super secret admin page</title>
+ <title>categorie toevoegen</title>
</head>
<body>
<?php include 'navbar.php' ?>
<div class="main limwidth">
- <h2>admin</h2>
+ <h2>categorie toevoegen</h2>
+
</div>
<?php include 'footer.php' ?>
</body>
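Review bot: `if_privileged(PRIVILEGE_ADMIN, "/")` runs after `<!DOCTYPE html>` has already been written, so unless output buffering is enabled the `http_response_code(302)`, `header("Location: ...")` and `setcookie()` calls inside it come after the headers are sent and have no effect. `die()` still stops the page, so the admin content is not rendered, but the visitor gets a truncated 200 response instead of a redirect. Putting the PHP first fixes it: `<?php require "../lib/login.php"; if_privileged(PRIVILEGE_ADMIN, "/"); ?>` as the first line of the file, with the doctype after it. public/admin-product.php has the same ordering.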
diff --git a/public/admin-product.php b/public/admin-product.php
index d65fc9e..a760ebe 100644
--- a/public/admin-product.php
+++ b/public/admin-product.php
@@ -1,14 +1,60 @@
<!DOCTYPE html>
<?php require "../lib/login.php"; ?>
+<?php if_privileged(PRIVILEGE_ADMIN, "/") ?>
+<?php
+$res = $cursor->query("select max(id)+1 as id from webs.product");
+$obj = $res->fetch_object();
+$new_id = $obj->id;
+?>
+<?php
+do {
+ if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
+ $name = $_POST['name'];
+ $description = $_POST['description'];
+ $image = $_POST['img'];
+ $price = $_POST['price'];
+ $category = $_POST['category'];
+ $image = true;
+ if (!$name) break;
+ if (!$description) break;
+ if (!$price) break;
+ if (!$category) break;
+
+ $statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
+ $statement->bind_param("ssdii", $name, $description, $price, $category, $image);
+ $statement->execute();
+} while (false);
+?>
<html>
<head>
<?php include 'head.php' ?>
- <title>super secret admin page</title>
+ <title>product toevoegen</title>
+ <link rel="stylesheet" href="admin.css">
</head>
<body>
<?php include 'navbar.php' ?>
<div class="main limwidth">
- <h2>admin</h2>
+ <h2>product toevoegen</h2>
+ <form action="/admin-product.php" method="post">
+ <label for="id">ID (automatisch)</label>
+ <input id="id" type="text" disabled value="<?php echo $new_id; ?>">
+ <label for="name">Naam</label>
+ <input id="name" name="name" type="text" placeholder="Naam">
+ <label for="price">Prijs</label>
+ <input id="price" name="price" type="number" value="0" min="0" max="999.99" step="0.01">
+ <label for="category">Categorie</label>
+ <select id="category" name="category" placeholder="Categorie">
+ <?php
+ $res = $cursor->query("select id, name from webs.category");
+ while ($c = $res->fetch_object()) echo "<option value='$c->id'>$c->name</option>";
+ ?>
+ </select>
+ <label for="description">Beschrijving (ondersteunt HTML)</label>
+ <textarea id="description" name="description" placeholder="Beschrijving" rows="3"></textarea>
+ <label for="img">Productafbeelding</label>
+ <input id="img" name="img" type="file" accept="image/png, image/gif, image/jpeg">
+ <input id="submit" type="submit" value="Toevoegen">
+ </form>
</div>
<?php include 'footer.php' ?>
</body>
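Review bot: The POST branch inserts a product for any request that arrives with an admin's credentials and carries no anti-CSRF token, so a form on another site can add products on an admin's behalf. Because the description is labelled as accepting HTML and public/product.php echoes it raw, that insert is also a stored-script path. Add a per-login token as a hidden field and compare it with `hash_equals()` before the `prepare()` call. In the category loop, `$c->name` is printed unescaped; wrap it as `htmlspecialchars($c->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. Separately, `if (!$price) break;` silently rejects a price of 0, which the form's `min="0"` and default `value="0"` allow, and the `$_POST[...]` reads warn when a field is missing; `$_POST['name'] ?? ''` avoids that.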
diff --git a/public/admin.css b/public/admin.css
new file mode 100644
index 0000000..0892cf1
--- /dev/null
+++ b/public/admin.css
@@ -0,0 +1,24 @@
+form {
+ display: grid;
+ gap: 8px;
+}
+
+@media (min-width: 600px) {
+ form {
+ grid-template-columns: auto 1fr;
+ }
+
+ form label {
+ grid-column: 1;
+ }
+
+ form input,
+ form textarea {
+ grid-column: 2;
+ }
+}
+
+form textarea {
+ font-family: sans-serif;
+ resize: vertical;
+}
diff --git a/public/navbar.php b/public/navbar.php
index 03f9ca3..4b4001d 100644
--- a/public/navbar.php
+++ b/public/navbar.php
@@ -6,14 +6,20 @@
<span class="label">winkel</span>
</a>
<a href="/products.php" class="nolinkstyle nav-item"><span>producten</span></a>
- <a href="/login.php" class="nolinkstyle nav-item"><span>login</span></a>
- <a href="/cart.php" class="nolinkstyle nav-item">
- <?php
- echo "<span>mand";
- if ($logged_in) echo " (".$cart_count.")";
- echo "</span>";
- ?>
- </a>
+ <?php do {
+ if ($logged_in) break;
+ echo <<<"EOF"
+ <a href="/login.php" class="nolinkstyle nav-item"><span>login</span></a>
+ EOF;
+ } while (false); ?>
+ <?php do {
+ if (!$logged_in) break;
+ echo <<<"EOF"
+ <a href="/cart.php" class="nolinkstyle nav-item">
+ <span>mand ($cart_count)</span>
+ </a>
+ EOF;
+ } while (false); ?>
<?php do {
if (($user_privileges & PRIVILEGE_ADMIN) == 0) break;
echo <<<"EOF"
diff --git a/public/product.php b/public/product.php
index 172a30c..70c511d 100644
--- a/public/product.php
+++ b/public/product.php
@@ -26,13 +26,17 @@ $product = $res->fetch_object();
<div class="column left">
<?php
$img = "/img/product/".$product->id."-full.jpg";
- echo "<a href='$img'><img src='$img' alt=''></a>";
+ echo <<<"EOF"
+ <a href="$img" target="_blank">
+ <img src="$img" alt="$product->name">
+ </a>
+ EOF;
?>
</div>
<div class="column right">
<h2><?php echo $product->name ?></h2>
<span class="price"><?php echo $product->price ?></span>
- <span class="info"><?php echo $product->description ?></span>
+ <p class="info"><?php echo $product->description ?></p>
<form action="/cart.php" method="post">
<input type="number" value="<?php echo $product->id ?>" hidden name="product_id">
<input type="submit" value="Toevoegen aan winkelwagen" class="button filled">
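Review bot: The new `alt="$product->name"` interpolates the product name into a double-quoted attribute without escaping, so a name containing `"` or `<` breaks out of the attribute; product names are free text entered through public/admin-product.php. Escape it before the heredoc, e.g. `$alt = htmlspecialchars($product->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and use `alt="$alt"`. The `<h2>` and the description a few lines below print the same record raw as well. For the description this looks intentional, since the admin form says it supports HTML, but in that case it should go through an allowlist HTML sanitizer rather than being echoed as stored.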