add products working (no image upload working yet)

author: lonkaars <loek@pipeframe.xyz> 2023-05-13 15:36:20 +0200
committer: lonkaars <loek@pipeframe.xyz> 2023-05-13 15:36:20 +0200
commit: ed0594f8f73c6eee8c6eca6ecf6208952ea26cdc (patch)
tree: 188fb61811a67a9f3d69e7429e45e9b6fa198237
parent: d99d91293fe9e9ad683bbd079848df4031f0a77a (diff)
6 files changed, 113 insertions, 19 deletions
diff --git a/lib/login.php b/lib/login.php
index 45d4c83..0683031 100644
--- a/lib/login.php
+++ b/lib/login.php
@@ -52,14 +52,26 @@ function get_cart_count() {
 $logged_in = check_login($username, $password);
 $cart_count = get_cart_count();
 
+// hansel and gretel crumbs
+function leave_crumb() {
+	$prev = $_SERVER['HTTP_REFERER'];
+	$ONE_HOUR = time() + (60 * 60);
+	setcookie("prev", $prev, $ONE_HOUR, "/");
+}
+
 function if_logged_in($is, $redirect, $back = false) {
 	global $logged_in;
 	if ($logged_in != $is) return;
-	if ($back) {
-		$prev = $_SERVER['HTTP_REFERER'];
-		$ONE_HOUR = time() + (60 * 60);
-		setcookie("prev", $prev, $ONE_HOUR, "/");
-	}
+	if ($back) leave_crumb();
+	http_response_code(302);
+	header("Location: ".$redirect);
+	die();
+}
+
+function if_privileged($level, $redirect, $back = false) {
+	global $user_privileges;
+	if (($user_privileges & $level) > 0) return;
+	if ($back) leave_crumb();
 	http_response_code(302);
 	header("Location: ".$redirect);
 	die();
diff --git a/public/admin-category.php b/public/admin-category.php
index d65fc9e..a899b00 100644
--- a/public/admin-category.php
+++ b/public/admin-category.php
@@ -1,14 +1,16 @@
 <!DOCTYPE html>
 <?php require "../lib/login.php"; ?>
+<?php if_privileged(PRIVILEGE_ADMIN, "/") ?>
 <html>
 <head>
 	<?php include 'head.php' ?>
-	<title>super secret admin page</title>
+	<title>categorie toevoegen</title>
 </head>
 <body>
 	<?php include 'navbar.php' ?>
 	<div class="main limwidth">
-		<h2>admin</h2>
+		<h2>categorie toevoegen</h2>
+		
 	</div>
 	<?php include 'footer.php' ?>
 </body>
diff --git a/public/admin-product.php b/public/admin-product.php
index d65fc9e..a760ebe 100644
--- a/public/admin-product.php
+++ b/public/admin-product.php
@@ -1,14 +1,60 @@
 <!DOCTYPE html>
 <?php require "../lib/login.php"; ?>
+<?php if_privileged(PRIVILEGE_ADMIN, "/") ?>
+<?php
+$res = $cursor->query("select max(id)+1 as id from webs.product");
+$obj = $res->fetch_object();
+$new_id = $obj->id;
+?>
+<?php
+do {
+	if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
+	$name = $_POST['name'];
+	$description = $_POST['description'];
+	$image = $_POST['img'];
+	$price = $_POST['price'];
+	$category = $_POST['category'];
+	$image = true;
+	if (!$name) break;
+	if (!$description) break;
+	if (!$price) break;
+	if (!$category) break;
+
+	$statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
+	$statement->bind_param("ssdii", $name, $description, $price, $category, $image);
+	$statement->execute();
+} while (false);
+?>
 <html>
 <head>
 	<?php include 'head.php' ?>
-	<title>super secret admin page</title>
+	<title>product toevoegen</title>
+	<link rel="stylesheet" href="admin.css">
 </head>
 <body>
 	<?php include 'navbar.php' ?>
 	<div class="main limwidth">
-		<h2>admin</h2>
+		<h2>product toevoegen</h2>
+		<form action="/admin-product.php" method="post">
+			<label for="id">ID (automatisch)</label>
+			<input id="id" type="text" disabled value="<?php echo $new_id; ?>">
+			<label for="name">Naam</label>
+			<input id="name" name="name" type="text" placeholder="Naam">
+			<label for="price">Prijs</label>
+			<input id="price" name="price" type="number" value="0" min="0" max="999.99" step="0.01">
+			<label for="category">Categorie</label>
+			<select id="category" name="category" placeholder="Categorie">
+				<?php
+					$res = $cursor->query("select id, name from webs.category");
+					while ($c = $res->fetch_object()) echo "<option value='$c->id'>$c->name</option>";
+				?>
+			</select>
+			<label for="description">Beschrijving (ondersteunt HTML)</label>
+			<textarea id="description" name="description" placeholder="Beschrijving" rows="3"></textarea>
+			<label for="img">Productafbeelding</label>
+			<input id="img" name="img" type="file" accept="image/png, image/gif, image/jpeg">
+			<input id="submit" type="submit" value="Toevoegen">
+		</form>
 	</div>
 	<?php include 'footer.php' ?>
 </body>
diff --git a/public/admin.css b/public/admin.css
new file mode 100644
index 0000000..0892cf1
--- /dev/null
+++ b/public/admin.css
@@ -0,0 +1,24 @@
+form {
+	display: grid;
+	gap: 8px;
+}
+
+@media (min-width: 600px) {
+	form {
+		grid-template-columns: auto 1fr;
+	}
+
+	form label {
+		grid-column: 1;
+	}
+
+	form input,
+	form textarea {
+		grid-column: 2;
+	}
+}
+
+form textarea {
+	font-family: sans-serif;
+	resize: vertical;
+}
diff --git a/public/navbar.php b/public/navbar.php
index 03f9ca3..4b4001d 100644
--- a/public/navbar.php
+++ b/public/navbar.php
@@ -6,14 +6,20 @@
 			<span class="label">winkel</span>
 		</a>
 		<a href="/products.php" class="nolinkstyle nav-item"><span>producten</span></a>
-		<a href="/login.php" class="nolinkstyle nav-item"><span>login</span></a>
-		<a href="/cart.php" class="nolinkstyle nav-item">
-			<?php 
-				echo "<span>mand";
-				if ($logged_in) echo " (".$cart_count.")";
-				echo "</span>";
-			?>
-		</a>
+		<?php do {
+			if ($logged_in) break;
+			echo <<<"EOF"
+				<a href="/login.php" class="nolinkstyle nav-item"><span>login</span></a>
+			EOF;
+		} while (false); ?>
+		<?php do {
+			if (!$logged_in) break;
+			echo <<<"EOF"
+				<a href="/cart.php" class="nolinkstyle nav-item">
+					<span>mand ($cart_count)</span>
+				</a>
+			EOF;
+		} while (false); ?>
 		<?php do {
 			if (($user_privileges & PRIVILEGE_ADMIN) == 0) break;
 			echo <<<"EOF"
diff --git a/public/product.php b/public/product.php
index 172a30c..70c511d 100644
--- a/public/product.php
+++ b/public/product.php
@@ -26,13 +26,17 @@ $product = $res->fetch_object();
 			<div class="column left">
 				<?php
 					$img = "/img/product/".$product->id."-full.jpg";
-					echo "<a href='$img'><img src='$img' alt=''></a>";
+					echo <<<"EOF"
+						<a href="$img" target="_blank">
+							<img src="$img" alt="$product->name">
+						</a>
+					EOF;
 				?>
 			</div>
 			<div class="column right">
 				<h2><?php echo $product->name ?></h2>
 				<span class="price"><?php echo $product->price ?></span>
-				<span class="info"><?php echo $product->description ?></span>
+				<p class="info"><?php echo $product->description ?></p>
 				<form action="/cart.php" method="post">
 					<input type="number" value="<?php echo $product->id ?>" hidden name="product_id">
 					<input type="submit" value="Toevoegen aan winkelwagen" class="button filled">
author	lonkaars <loek@pipeframe.xyz>	2023-05-13 15:36:20 +0200
committer	lonkaars <loek@pipeframe.xyz>	2023-05-13 15:36:20 +0200
commit	ed0594f8f73c6eee8c6eca6ecf6208952ea26cdc (patch)
tree	188fb61811a67a9f3d69e7429e45e9b6fa198237
parent	d99d91293fe9e9ad683bbd079848df4031f0a77a (diff)