aboutsummaryrefslogtreecommitdiff
path: root/public/cart.php
blob: f7ee295c2e9c944aa29ba04c14f34b9e904b6668 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<!DOCTYPE html>
<?php require "../lib/db.php" ?>
<?php require "../lib/login.php" ?>
<?php if_logged_in(false, "/login.php", true) ?>
<?php do {
	if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
	if (!$_POST['type']) break;
	if (!$_POST['product_id']) break;

	switch($_POST['type']) {
		case "delete": {
			$statement = $cursor->prepare("delete from orderproduct where product = ? and `order` = cart(?)");
			$statement->bind_param("ii", $_POST['product_id'], $user_id);
			$statement->execute();
			$cart_count = get_cart_count();
			break;
		}
		case "add": {
			// ik wou deze functie eigenlijk in een stored procedure doen maar het
			// schijnt dat de knappe koppen bij mysql het geen goed idee vonden om
			// gewoon 'return' toe te staan binnen de body van een stored
			// procedure???
			$statement = $cursor->prepare("select add_to_cart(?, ?)");
			$statement->bind_param("ii", $_POST['product_id'], $user_id);
			$statement->execute();
			$statement->get_result()/*->fetch_object()*/;
			$cart_count = get_cart_count();
			break;
		}
		case "update": {
			$statement = $cursor->prepare("update orderproduct set count = ? where product = ? and `order` = cart(?)");
			$statement->bind_param("iii", $_POST['count'], $_POST['product_id'], $user_id);
			$statement->execute();
			return; // update requests are only triggered from JS and don't do anything with the response
		}
	}
} while (false); ?>
<?php 
function item_template($item) {
	$image_path = $item->image ? "/img/product/$item->id-thumb.jpg" : "/img/placeholder.png";
	$price = number_format($item->price, 2, ',', '.');
	echo <<<"EOF"
	<div class="product" product-id="$item->id">
		<img src="$image_path" alt="productafbeelding">
		<span class="name">$item->name</span>
		<label for="$item->id-count">hoeveelheid:</label>
		<input type="number" value="$item->count" min="1" max="20" id="$item->id-count" class="count buttonstyle filled" disabled>
		<button type="submit" value="$item->id" name="product_id" class="button outlined">weghalen</button>
		<span class="price">$price</span>
	</div>
EOF;
}
?>
<html>
<head>
	<?php include 'head.php' ?>
	<title>mand</title>
	<link rel="stylesheet" href="cart.css">
	<script defer src="cart.js"></script>
</head>
<body>
	<?php include 'navbar.php' ?>
	<div class="main limwidth">
	<?php do {
		if (($user_privileges & PRIVILEGE_ADMIN) == 0) break;
		echo <<<"EOF"
			<div class="center">
				<form action="/admin-order.php" method="get" class="d-ib">
					<input type="submit" value="Bestellingen beheren" class="button filled">
				</form>
			</div>
		EOF;
	} while (false); ?>
	<h2>dingen in de mand van <?php echo $username ?></h2>
		<?php do {
			global $username;
			$statement = $cursor->prepare("select product.id, product.name, product.price, product.image, orderproduct.count from orderproduct join product on product.id = orderproduct.product where `order` = cart(?)");
			$statement->bind_param("i", $user_id);
			if (!$statement->execute()) break;
			$res = $statement->get_result();
			if (!mysqli_num_rows($res)) {
				echo "mandje leeg";
				break;
			}
			echo <<<"EOF"
				<form id="products" class="products" method="post">
					<input type="hidden" name="type" value="delete">
			EOF;
			while ($product = $res->fetch_object()) item_template($product);

			$statement = $cursor->prepare("select cart_sum(cart(?)) as `sum`");
			$statement->bind_param("i", $user_id);
			if (!$statement->execute()) break;
			$res = $statement->get_result();
			$subtotal = number_format($res->fetch_object()->sum, 2, ',', '.');
			echo <<<"EOF"
				</form>
				<div class="alignright">
					<span class="sum">Subtotaal: <span class="subtotal price">$subtotal</span></span>
				</div>
				<form class="product-footer" method="post" action="/order-complete.php">
					<input type="submit" value="Bestellen" class="buttonstyle filled">
				</form>
			EOF;
		} while (false); ?>
	</div>
	<?php include 'footer.php' ?>
</body>
</html>