Diffstat (limited to 'public')
-rw-r--r--public/admin-category.php15
-rw-r--r--public/admin-product.php15
-rw-r--r--public/cart.php2
-rw-r--r--public/global.css6
-rw-r--r--public/login.php9
-rw-r--r--public/nav.css14
-rw-r--r--public/navbar.php16
-rw-r--r--public/products.php14
8 files changed, 77 insertions, 14 deletions
diff --git a/public/admin-category.php b/public/admin-category.php
new file mode 100644
index 0000000..d65fc9e
--- /dev/null
+++ b/public/admin-category.php
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<?php require "../lib/login.php"; ?>
+<html>
+<head>
+ <?php include 'head.php' ?>
+ <title>super secret admin page</title>
+</head>
+<body>
+ <?php include 'navbar.php' ?>
+ <div class="main limwidth">
+ <h2>admin</h2>
+ </div>
+ <?php include 'footer.php' ?>
+</body>
+</html>
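Review bot: Nothing in this new page checks that the visitor is an administrator: it pulls in `../lib/login.php` and then renders unconditionally, while the only `PRIVILEGE_ADMIN` tests in this commit hide the buttons in products.php and the label in navbar.php. Unless lib/login.php (not shown) rejects non-admins itself, a direct request to /admin-category.php gets the page; admin-product.php is identical and has the same gap. The check belongs at the top of each admin page, e.g. `if (($user_privileges & PRIVILEGE_ADMIN) == 0) { http_response_code(403); exit; }`. For that to take effect, the `require` and the check have to come before `<!DOCTYPE html>`, because the status code cannot be changed once output has been sent.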
diff --git a/public/admin-product.php b/public/admin-product.php
new file mode 100644
index 0000000..d65fc9e
--- /dev/null
+++ b/public/admin-product.php
@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<?php require "../lib/login.php"; ?>
+<html>
+<head>
+ <?php include 'head.php' ?>
+ <title>super secret admin page</title>
+</head>
+<body>
+ <?php include 'navbar.php' ?>
+ <div class="main limwidth">
+ <h2>admin</h2>
+ </div>
+ <?php include 'footer.php' ?>
+</body>
+</html>
diff --git a/public/cart.php b/public/cart.php
index f953880..34cccbb 100644
--- a/public/cart.php
+++ b/public/cart.php
@@ -48,7 +48,7 @@ EOF;
<div class="products">
<?php do {
global $username;
- $statement = $cursor->prepare("select product.id, product.name, product.price, product.image, cart.count from cart join customer on customer.id = cart.customer join product on product.id = cart.product where customer.name = ?");
+ $statement = $cursor->prepare("select product.id, product.name, product.price, product.image, cart.count from cart join user on user.id = cart.user join product on product.id = cart.product where user.name = ?");
$statement->bind_param("s", $username);
if (!$statement->execute()) break;
$res = $statement->get_result();
diff --git a/public/global.css b/public/global.css
index e3fcea0..4add154 100644
--- a/public/global.css
+++ b/public/global.css
@@ -73,3 +73,9 @@ body, html {
font-weight: bold;
cursor: pointer;
}
+
+.center {
+ text-align: center;
+}
+
+.d-ib { display: inline-block; }
diff --git a/public/login.php b/public/login.php
index a8a1021..19d9d17 100644
--- a/public/login.php
+++ b/public/login.php
@@ -4,12 +4,9 @@
<?php
do {
if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
- if (!$_POST['username']) break;
- if (!$_POST['password']) break;
-
- //TODO: check if user exists in database
-
- // if all guards passed, successful login occurred
+ $username = $_POST['username'];
+ $password = $_POST['password'];
+ if (!check_login($username, $password)) break;
cookie_redir($_POST['username'], $_POST['password']);
} while (false);
?>
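Review bot: `$_POST['username']` and `$_POST['password']` are now read without the presence checks this commit removes, so a POST missing either field raises an undefined-key warning and hands null to `check_login()`, and a field sent as `username[]=` arrives as an array. Reading them as `$username = $_POST['username'] ?? '';` (same for the password) with an `is_string()` guard before `check_login()` keeps the old fail-closed behaviour. The unchanged `cookie_redir($_POST['username'], $_POST['password'])` call still passes the raw password on; cookie_redir is not shown here, but if it writes the password into a cookie, issuing a random session token after `check_login()` succeeds would keep the credential out of the browser.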
diff --git a/public/nav.css b/public/nav.css
index 11815c1..d5f2de3 100644
--- a/public/nav.css
+++ b/public/nav.css
@@ -3,9 +3,6 @@ nav {
border-bottom: 2px dashed currentColor;
}
-nav span { vertical-align: middle; }
-nav a { margin-right: 16px; }
-
nav .site-icon {
height: 48px;
display: inline-block;
@@ -22,3 +19,14 @@ nav .site-icon .icon svg {
width: 24px;
height: 24px;
}
+
+nav .adminmode { opacity: .7; }
+
+nav .nav-item {
+ display: inline-flex;
+ height: 48px;
+ vertical-align: top;
+ align-items: center;
+ margin-right: 16px;
+}
+
diff --git a/public/navbar.php b/public/navbar.php
index a157c76..03f9ca3 100644
--- a/public/navbar.php
+++ b/public/navbar.php
@@ -1,18 +1,26 @@
<?php require_once "../lib/login.php" ?>
<nav>
<div class="limwidth">
- <a href="/" class="site-icon nolinkstyle">
+ <a href="/" class="site-icon nolinkstyle nav-item">
<span class="icon"><?php include "img/cart-outline.svg" ?></span>
<span class="label">winkel</span>
</a>
- <a href="/products.php" class="nolinkstyle"><span>producten</span></a>
- <a href="/login.php" class="nolinkstyle"><span>login</span></a>
- <a href="/cart.php" class="nolinkstyle">
+ <a href="/products.php" class="nolinkstyle nav-item"><span>producten</span></a>
+ <a href="/login.php" class="nolinkstyle nav-item"><span>login</span></a>
+ <a href="/cart.php" class="nolinkstyle nav-item">
<?php
echo "<span>mand";
if ($logged_in) echo " (".$cart_count.")";
echo "</span>";
?>
</a>
+ <?php do {
+ if (($user_privileges & PRIVILEGE_ADMIN) == 0) break;
+ echo <<<"EOF"
+ <div class='nav-item'>
+ <span class='adminmode'>(ingelogd als administrator)</span>
+ </div>
+ EOF;
+ } while (false); ?>
</div>
</nav>
diff --git a/public/products.php b/public/products.php
index 433475f..da337ad 100644
--- a/public/products.php
+++ b/public/products.php
@@ -1,5 +1,6 @@
<!DOCTYPE html>
<?php require "../lib/db.php"; ?>
+<?php require "../lib/login.php"; ?>
<?php
function product_template($product) {
$image_path = $product->image ? "/img/product/$product->id-thumb.jpg" : "/img/placeholder.png";
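Review bot: The added `require "../lib/login.php";` is a plain `require`, while navbar.php, which this page includes further down, loads the same file with `require_once`. It works in the current order, but lib/login.php presumably declares `check_login()` and `PRIVILEGE_ADMIN`, so a second plain `require` reached after another inclusion would likely fail on redeclaration; `<?php require_once "../lib/login.php"; ?>` here, and in the two new admin pages, removes that dependency on include order. product_template() continues past the end of this hunk.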
@@ -22,6 +23,19 @@ EOF;
<?php include 'navbar.php' ?>
<div class="main limwidth">
<h2>lijst met producten:</h2>
+ <?php do {
+ if (($user_privileges & PRIVILEGE_ADMIN) == 0) break;
+ echo <<<"EOF"
+ <div class="center">
+ <form action="/admin-product.php" method="get" class="d-ib">
+ <input type="submit" value="Nieuw product toevoegen" class="button filled">
+ </form>
+ <form action="/admin-category.php" method="get" class="d-ib">
+ <input type="submit" value="Nieuwe categorie toevoegen" class="button filled">
+ </form>
+ </div>
+ EOF;
+ } while (false); ?>
<div class="products">
<?php
$res = $cursor->query("select id, image, price, name from webs.product");