Diffstat (limited to 'public/cart.php')
-rw-r--r-- | public/cart.php | 77 |
1 files changed, 46 insertions, 31 deletions
diff --git a/public/cart.php b/public/cart.php index 34cccbb..d4dfcc6 100644 --- a/public/cart.php +++ b/public/cart.php @@ -2,24 +2,31 @@ <?php require "../lib/db.php" ?> <?php require "../lib/login.php" ?> <?php if_logged_in(false, "/login.php", true) ?> -<?php -do { +<?php do { if ($_SERVER['REQUEST_METHOD'] !== 'POST') break; + if (!$_POST['type']) break; if (!$_POST['product_id']) break; - // TODO: add product to cart - // $statement = $cursor->prepare("select id, image, price, name, description from webs.product where id = ?"); - // $statement->bind_param("i", $_GET['id']); - // if (!$statement->execute()) refuse(); - // $res = $statement->get_result(); - // if (!mysqli_num_rows($res)) refuse(); - // $product = $res->fetch_object(); - - - // if all guards passed, successful login occurred - cookie_redir($_POST['username'], $_POST['password']); -} while (false); -?> + switch($_POST['type']) { + case "delete": { + $statement = $cursor->prepare("delete from orderproduct where product = ? and `order` = cart(?)"); + $statement->bind_param("ii", $_POST['product_id'], $user_id); + $statement->execute(); + break; + } + case "add": { + // ik wou deze functie eigenlijk in een stored procedure doen maar het + // schijnt dat de knappe koppen bij mysql het geen goed idee vonden om + // gewoon 'return' toe te staan binnen de body van een stored + // procedure??? + $statement = $cursor->prepare("select add_to_cart(?, ?)"); + $statement->bind_param("ii", $_POST['product_id'], $user_id); + $statement->execute(); + $statement->get_result()/*->fetch_object()*/; + break; + } + } +} while (false); ?> <?php function item_template($item) { $image_path = $item->image ? "/img/product/$item->id-thumb.jpg" : "/img/placeholder.png"; 
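Review bot: The new `delete` and `add` branches change the cart on any authenticated POST that carries `type` and `product_id`, and nothing in the handler ties the request to a form this site rendered; the same holds for the `delete` form and the `/order-complete.php` form added in the last hunk. Unless login.php already sets the login cookie with SameSite or checks the request origin (not visible here), add a hidden per-user token to those forms and reject a mismatch before the `switch`, e.g. `if (!hash_equals($expected_token, $_POST['csrf_token'] ?? '')) break;` (both names are placeholders). Scoping the rows through `cart(?)` bound to `$user_id` is the right shape, provided `$user_id` is set by the login code and never taken from the request. Separately, both branches ignore the results of `prepare()` and `execute()`, while the listing query in the last hunk checks `execute()`; `if (!$statement->execute()) break;` would match it.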
@@ -28,8 +35,8 @@ function item_template($item) { <img src="$image_path" alt="productafbeelding"> <span class="name">$item->name</span> <label for="$item->id-count">hoeveelheid:</label> - <input type="number" value="$item->count" min="1" max="20" id="$item->id-count"> - <button id="$item->id-delete">weghalen</button> + <input type="number" value="$item->count" min="1" max="20" id="$item->id-count" disabled> + <button type="submit" value="$item->id" name="product_id">weghalen</button> <span class="price">$item->price</span> </div> EOF; 
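Review bot: The heredoc in `item_template` still writes `$item->name` into the page unescaped, and the new button now puts `$item->id` into its `value` attribute the same way, so a product name that contains markup is rendered as markup in every cart that holds it. Escape before the heredoc, e.g. `$name = htmlspecialchars($item->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and interpolate `$name`; the `<?php echo $username ?>` heading in the last hunk needs the same treatment. The `disabled` attribute means the quantity is never submitted, which fits a handler with no update branch, but a short comment saying the count is display-only would make that intent explicit. The function starts and ends outside this hunk.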
@@ -45,20 +52,28 @@ EOF; <?php include 'navbar.php' ?> <div class="main limwidth"> <h2>dingen in de mand van <?php echo $username ?></h2> - <div class="products"> - <?php do { - global $username; - $statement = $cursor->prepare("select product.id, product.name, product.price, product.image, cart.count from cart join user on user.id = cart.user join product on product.id = cart.product where user.name = ?"); - $statement->bind_param("s", $username); - if (!$statement->execute()) break; - $res = $statement->get_result(); - if (!mysqli_num_rows($res)) { - echo "mandje leeg"; - break; - } - while ($product = $res->fetch_object()) item_template($product); - } while (false); ?> - </div> + <?php do { + global $username; + $statement = $cursor->prepare("select product.id, product.name, product.price, product.image, orderproduct.count from orderproduct join product on product.id = orderproduct.product where `order` = cart(?)"); + $statement->bind_param("i", $user_id); + if (!$statement->execute()) break; + $res = $statement->get_result(); + if (!mysqli_num_rows($res)) { + echo "mandje leeg"; + break; + } + echo <<<"EOF" + <form class="products" method="post"> + <input type="hidden" name="type" value="delete"> + EOF; + while ($product = $res->fetch_object()) item_template($product); + echo <<<"EOF" + </form> + <form class="product-footer" method="post" action="/order-complete.php"> + <input type="submit" value="Bestellen" class="buttonstyle filled"> + </form> + EOF; + } while (false); ?> </div> <?php include 'footer.php' ?> </body> |
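Review bot: The retained `global $username;` at the top of this block no longer serves the query, which now binds `$user_id`; if the block runs at file scope, as it appears to, the statement does nothing and can be dropped. The `break` on a failed `execute()` also leaves the page with neither a cart nor a message, so a database error looks like a blank page; echoing a short notice before `break` would keep it distinct from the "mandje leeg" case. A one-line comment stating that `cart(?)` resolves the user's open order would help readers, since the function is defined outside this file.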