Skip to content

CS123A_GroupC_FoodBuddy
CS123A_GroupC_FoodBuddy
Commit 05f9623d authored by Jose Emmanuel Torrijos's avatar Jose Emmanuel Torrijos
Browse files
Options

Food Buddy 

Food Buddy Source Code and Final Paper
parents
Hide whitespace changes
Inline Side-by-side
Showing with 5060 additions and 0 deletions
add_to_cart.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if (isset($_GET['id']))
{
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
} else
{
#protection
$id = $_GET['id'];
$qty = $_GET['qty'];
$sessID = stripslashes($_COOKIE['PHPSESSID']);
$sessID = mysqli_real_escape_string($mysqli,$sessID);
$total_price_query = "SELECT price FROM item WHERE item_id = " .$id;
$total_price_result = mysqli_query($mysqli,$total_price_query);
$tpArray = mysqli_fetch_array($total_price_result, MYSQLI_ASSOC);
$tp = $tpArray['price'];
$tp = $tp*$qty;
#username has to be unique!
$sql = "INSERT INTO tracker (session_id,item_id,item_qty,total_price) VALUES ('".$sessID. "', " .$id.", " .$qty.", " .$tp.")";
$result = mysqli_query($mysqli,$sql);
//$count = mysqli_num_rows($result);
if ($result === TRUE)
{
echo "A record has been inserted.";
header("Location:menu.php");
exit;
}
else {
printf("Could not insert record: %s\n", mysqli_error($mysqli));
}
}
mysqli_close($mysqli);
}
else{
echo"wew";
}
?>
\ No newline at end of file
checkPassEdit.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
echo "<html><head><title>Changing FooBu Password</title>";
echo "</head><link href = 'styles.css' type = 'text/css' rel = 'stylesheet'/>";
echo "<body>";
$old_pass = $_POST["old_password"];
$new_pass = $_POST["password1"];
#protection
$old_pass = stripslashes($old_pass);
$old_pass = mysqli_real_escape_string($mysqli,$old_pass);
$new_pass = stripslashes($new_pass);
$new_pass = mysqli_real_escape_string($mysqli,$new_pass);
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$old_password = $newArray['password'];
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $newArray['position']. "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $newArray['mall_name'] . " Restaurant: " . $newArray['rest_name']. "<br>";
else echo "Mall: " . $newArray['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $newArray['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
if($old_password != $old_pass)
{
echo "<h1>You entered an invalid old password!</h1>";
echo "<div class = 'center'><br><a href = 'edit_password.php' ><button>Back</button></a></div>";
}
else
{
$sql = "UPDATE account SET password = '" .$new_pass. "' WHERE account_id = " . $id ;
$res = mysqli_query($mysqli, $sql);
if ($res === TRUE)
{
echo "<h1>Your Password has been edited!</h1>";
}
else
{
printf("Could not edit password: %s\n", mysqli_error($mysqli));
}
}
}
}
?>
\ No newline at end of file
checkcreate.php 0 → 100644
View file @ 05f9623d
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
echo "<html><head><title>Create Account</title>";
echo "</head><link href = 'styles.css' type = 'text/css' rel = 'stylesheet'/>";
echo "<body>";
$fname = $_POST["firstname"];
$mname = $_POST["middlename"];
$lname = $_POST["lastname"];
$username = $_POST["username"];
$password = $_POST["password1"];
#protection
$fname = stripslashes($fname);
$fname = mysqli_real_escape_string($mysqli,$fname);
$mname = stripslashes($mname);
$mname = mysqli_real_escape_string($mysqli,$mname);
$lname = stripslashes($lname);
$lname = mysqli_real_escape_string($mysqli,$lname);
$username = stripslashes($username);
$username = mysqli_real_escape_string($mysqli,$username);
$password = stripslashes($password);
$password = mysqli_real_escape_string($mysqli,$password);
#username has to be unique!
$sql = "SELECT * FROM account WHERE username = '" .$username. "'";
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($count == 0)
{
$sql = "INSERT INTO account (first_name,middle_name,last_name,username,password,position,load_balance) VALUES ('" .$fname. "','" . $mname. "','" .$lname. "','" .$username. "','" .$password. "','Client',0)";
$res = mysqli_query($mysqli, $sql);
if ($res === TRUE)
{
echo "<h1>A record has been inserted.</h1>";
echo "<div class = 'center'>";
echo "<br><a href = 'create_account.php' ><button>Back to Create Account</button></a></br>";
echo "<br><a href = 'login.php' ><button>Cancel</button></a></br>";
echo "</div>";
}
else {
printf("Could not insert record: %s\n", mysqli_error($mysqli));
echo "<br><a href = 'create_account.php' ><button>Back to Create Account</button></a></br>";
echo "<br><a href = 'login.php' ><button>Cancel</button></a></br>";
}
}
else
{
echo "<h1>Username Taken!</h1>";
echo "<div class = 'center'>";
echo "<br><a href = 'create_account.php' ><button>Back to Create Account</button></a></br>";
echo "<br><a href = 'login.php' ><button>Cancel</button></a></br>";
echo "</div>";
}
echo "</body>";
echo "</html>";
mysqli_close($mysqli);
}
?>
\ No newline at end of file
checkedit.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}else
{
$fname = $_POST["firstname"];
$mname = $_POST["middlename"];
$lname = $_POST["lastname"];
#protection
$fname = stripslashes($fname);
$fname = mysqli_real_escape_string($mysqli,$fname);
$mname = stripslashes($mname);
$mname = mysqli_real_escape_string($mysqli,$mname);
$lname = stripslashes($lname);
$lname = mysqli_real_escape_string($mysqli,$lname);
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account WHERE account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$password = $newArray['password'];
$sql = "UPDATE account SET first_name = '" .$fname. "', middle_name = '" .$mname. "', last_name = '" .$lname. "' WHERE account_id = " . $id ;
$res = mysqli_query($mysqli, $sql);
if ($res === TRUE)
{
echo "Your information has been edited!.";
echo "<br><a href = 'view_account.php' ><button>Back</button></a></br>";
}
else {
printf("Could not edit account: %s\n", mysqli_error($mysqli));
echo "<br><a href = 'homepage.php' ><button>Back</button></a></br>";
}
}
}
?>
\ No newline at end of file
checklogin.php 0 → 100644
View file @ 05f9623d
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
echo "<html><head><title>Create Account</title>";
echo "</head><link href = 'styles.css' type = 'text/css' rel = 'stylesheet'/>";
echo "<body>";
$username = $_POST["username"];
$password = $_POST["password"];
#protection
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysqli_real_escape_string($mysqli,$username);
$password = mysqli_real_escape_string($mysqli,$password);
$sql = "SELECT * FROM account WHERE username = '" .$username. "' and password = '" .$password. "'";
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($count == 1)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$id = $newArray['account_id'];
$fname = $newArray['first_name'];
session_start();
$_SESSION['account_id'] = $id;
$_SESSION['first_name'] = $fname;
header("location:homepage.php"); #research
}
else
{
echo "<h1>Wrong Username or Password!</h1>";
echo "<div class = 'center'>";
echo "<br><a href = 'login.php' ><button>Back</button></a>";
echo "</div>";
}
echo "</body>";
}
?>
\ No newline at end of file
choose_mall.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Choose a Mall</title>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
</head>
<body>
<form method = 'post' action = 'menu.php'>
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
$select_mall_query = "SELECT * FROM mall";
echo "<div class = 'center'>";
echo "<select class='mall_list' name='mall'>
<option value='0'>Choose a mall</option>";
foreach(mysqli_query($mysqli,$select_mall_query) as $option) {
$id = $option['mall_id'];
$name = $option['mall_name'];
echo "<option value='$id'>$name</option>";
}
echo "<input class = 'submit' type = 'submit' name = 'chooseMall' value = 'Im here at this Mall!'>";
echo "</div>";
}
session_regenerate_id();
}
?>
</form>
</body>
</html>
confirm_admin.php 0 → 100644
View file @ 05f9623d
<?
session_start();
if (isset($_GET['id']))
{
$mysqli = new mysqli("localhost","root","","dbadmin");
$promote_account_id = $_SESSION["promote_account_id"];
echo "promote_account_id";
//close connection to MySQL
mysqli_close($mysqli);
//redirect to showcart page
}
else
{
}
?>
create_account.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head><title>Create Account</title>
<script>
function validateForm() {
var a = document.forms["myForm"]["firstname"].value;
var b = document.forms["myForm"]["middlename"].value;
var c = document.forms["myForm"]["lastname"].value;
var x = document.forms["myForm"]["username"].value;
var y = document.forms["myForm"]["password1"].value;
var z = document.forms["myForm"]["password2"].value;
if (a == "" || b == "" || c == "" || x == "" || y == "" || z == "") {
alert("Some fields need to be field!");
return false;
} else if (y != z)
{
alert("Passwords are not matching!");
return false;
}
}
</script>
</head>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
<body>
<h1>FooBu Create Account</h1>
<p>
<form action = "checkcreate.php" onsubmit = "return validateForm()" method = "POST" name = "myForm">
<fieldset class = "long">
<legend>Personal Information</legend>
Full Name:<br>
<input type = "text" id = "firstname" name = "firstname" placeholder = "First Name">
<input type = "text" id = "middlename" name = "middlename" placeholder = "Middle Name">
<input type = "text" id = "lastname" name = "lastname" placeholder = "Last Name">
</fieldset>
<fieldset class = "creation">
<legend>Account Details</legend>
Username:<br>
<input type = "text" id = "username" name = "username" placeholder = "Username"><br><br>
Password:<br>
<input type = "password" id = "password1" name = "password1" placeholder = "Password">
<input type = "password" id = "password2" name = "password2" placeholder = "Re-enter Password">
</fieldset>
</p>
<div class = "center">
<input class = "submit" type = "submit" value = "Submit">
</div>
</form>
<!--Buttons-->
<!--WIP-->
<div class = "center">
<br><a href = "login.php"><button class = "create">Cancel</button></a>
</div>
</body>
</html>
\ No newline at end of file
css/database_layout2.css 0 → 100644
View file @ 05f9623d
body {
font-family: "Calibri Light", Candara, sans-serif;
}
ul{
margin: 10px auto 10px auto;
padding: 3px;
border-top: 2px solid #000000;
border-bottom: 1px solid #000000;
}
li {
display: inline;
margin: 2px;
}
input.text {
color: #5A5854;
background-color: #FAFAFA;
border: 1px solid #BDBDBD;
border-radius: 5px;
padding: 3px;
}
input.sub_submit {
color: #7D7D7D;
background-color: #FFFFFF;
border: 1px solid #7D7D7D;
border-radius: 5px;
padding: 5px;
float: left;
margin: 3% 0% 0% 1.6%;
}
input.submit, button {
text-transform: uppercase;
color: #5a5854;
background-color: #FFFFFF;
border: none;
border-radius: 10px;
padding: 5px;
width: 19.45%;
}
input.submit:hover, input.sub_submit:hover, button:hover {
color: #FAFAFA !important;
background-color: #343434 !important;
}
button.even, button.odd {
width: 60% !important;
}
table.list {
float: left;
width: 60%;
min-width: 50%;
max-width: 80%;
margin: 0.8%;
}
th, td {
padding: 0.5% 0.5% 0.5% 1%;
}
th {
text-transform: uppercase;
letter-spacing: 0.1em;
font-size: 90%;
border-bottom: 2px solid #111111;
border-top: 1px solid #999999;
text-align: left;
}
tr.even, button.even {
background-color: #EFEFEF;
}
tr:hover {
color: #ECECEC;
background-color: #7B7B7B;
}
p.notif{
float: right;
width: 34%;
margin-right: 2.5%;
margin-top: 0.5%;
padding: 0.4% 0.5% 0.7% 0.5%;
}
fieldset{
float: right;
width: 32%;
margin-right: 2.5%;
padding: 0.4% 0.5% 0.7% 0.5%;
border-radius: 10px;
}
th.money, td.money {
text-align: right;
}
select {
margin: 0.8% 0.8% 0.8% 0.1%;
padding: 1%;
background-color: #FAFAFA;
color: #5A5854;
border-radius: 10px;
width: 42%;
overflow: scroll;
}
label.in {
margin: 0.8% 0.5% 0.8% 0.1%;
padding: 0.3% 0% 0.3% 2%;
float: left;
width: 45%;
}
select, input.text, div.rad {
margin: 0.8% 0.5% 0.8% 0.1% !important;
padding: 1% !important;
}
\ No newline at end of file
display_accounts-2.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>FooBu Clients</title>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="process_account.php"></li>
<?php
session_start();
#process_account
#display_accounts-2
#print_r($_POST);
#print_r($_SESSION);
#setting up the connection
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
WHERE position <> 'Dev'
ORDER BY account_id ASC";
$result = mysqli_query($mysqli,$sql);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Position: " . $newArray['position']. "<br>";
echo "Mall: " . $newArray['mall_name'] . ", Restaurant: " . $newArray['rest_name']. "<br>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul><li><input class='submit' type='submit' name='accounts_add' value='Add Load'></li></ul></div>";
#should not display Admin and Dev accounts to avoid exploitation
$table_query = "SELECT * FROM account WHERE position = 'Client'";
$message = null;
#check message in $_SESSION
if(isset($_SESSION['message']))
{
$message = $_SESSION['message'];
$notif = "Please select an account.";
if($message == 'promoted') $notif = "Account promoted.";
else if($message == 'loaded') $notif = 'Load added to account.';
else if($message == 'cancelled') $notif = 'Transaction cancelled.';
echo "<p class='notif'> $notif </p>";
}
if(isset($_SESSION['accounts_add']))
{
$_SESSION['accounts_add'] = NULL; #n00b method, but it works for my purposes
$loadee_id = $_SESSION['loadee'];
$select_query = "SELECT first_name FROM account WHERE account_id = '$loadee_id'";
$stmt = $mysqli->query($select_query);
$row = mysqli_fetch_array($stmt,MYSQLI_ASSOC);
echo
"<fieldset class = 'notice'>
<legend> Add Load to " . $row['first_name'] . " </legend>";
echo "<label class='in'>Load Amount: </label>";
echo
"<input class='text' type='text' name='load_amount' value='00.00'><br>
<input class='sub_submit' type='submit' name='add_load' value='Add Load to Account'>
<input class='sub_submit' type='submit' name='cancel' value='Cancel'>
</fieldset>";
#end of display
}
#display mall table contents
echo "<table class='list'>";
echo
"<tr>
<th>Account ID</th>
<th>Name</th>
<th>Username</th>
<th class='money'>Balance</th>
<th>Position</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$id = $myrow['account_id'];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='radio' name='account' value='$id'>", $id;
echo "<td>";
echo $myrow['first_name'], " ", $myrow['middle_name'], " ", $myrow['last_name'];
echo "<td>";
echo $myrow['username'];
echo "<td class = 'number'>";
echo $myrow['load_balance'];
echo "<td>";
echo $myrow['position'];
echo "</tr>";
}
echo "</table>";
#end of display
$_SESSION['message'] = NULL;
}
}?>
</form>
</body>
</html>
\ No newline at end of file
display_accounts.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>All FooBu Accounts</title>
<script type="text/javascript">
function validate(val) {
if(val == "Add Mall") {
var x = document.forms["main_form"]["mall_name"].value;
if(x == null || x == "") {
alert("Please put a valid mall name.");
return false;
}
}
else if(val == "Save Changes") {
var y = document.forms["main_form"]["new_mall_name"].value;
if(y == null || y == "") {
alert("Please put a new valid mall name.");
return false;
}
}
}
function viewPage() {
window.location = "display_accounts.php";
}
function goBack() {
window.location = "homepage.php";
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="display_accounts.php" onsubmit="return validate()">
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
WHERE position <> 'Dev'
ORDER BY account_id ASC";
$sql2 = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
#SELECT * FROM account a
#LEFT JOIN mall b ON a.mall_id = b.mall_id
#LEFT JOIN restaurant c ON a.rest_id = c.rest_id
#where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$result2 = mysqli_query($mysqli,$sql2);
if($result)
{
$newArray = mysqli_fetch_array($result2, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Position: " . $newArray['position']. "<br>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<!--<li><input class='submit' type='submit' name='delete_all' value='Delete All'></li>-->
<li><input class='submit' type='button' name='view' value='View List' onclick='viewPage()'></li>
<li><input class='submit' type='submit' name='promoteToAdmin' value='Promote to Admin'></li>
<li><input class='submit' type='submit' name='promoteToBoy' value='Promote to Boy'></li>
<li><input class='submit' type='submit' name='demote' value='Demote'></li>
</ul></div>";
$select_mall_query = "SELECT * from restaurant INNER JOIN mall ON restaurant.mall_id = mall.mall_id";
$result2 = mysqli_query($mysqli,$select_mall_query);
$mall_query = "SELECT * from mall";
$result3 = mysqli_query($mysqli,$mall_query);
//$count = mysqli_num_rows($result);
if(isset($_POST['promoteToAdmin']))
{ #check if the ADD button was pressed
$edit_rest_name = NULL;
foreach(mysqli_query($mysqli,$sql) as $myrow)
{ #for all entries in the restaurant list
$edit_entry_id = $myrow['account_id']; #assign current entry's rest_id to variable
if(isset($_POST[$edit_entry_id]) != NULL)
{ #check if the entry's checkbox was selected (meaning the entry should be deleted)
$edit_rest_name = $myrow['account_id']; #assign entry's restaurant name to variable
break; #get out of loop
}
}
if($edit_rest_name == NULL)
{
echo
"<p class='notif'> Please select one (1) account entry to edit, then click [Promote to Admin]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for promotion.
</p>";
}
else
{
#display form for EDIT RESTAURANT
echo "<input type='hidden' name='account_id' value='$edit_rest_name'>";
echo
"<fieldset class = 'notice'>
<legend> Promote to Admin </legend>";
echo
"<label class='in'>Select Mall-Restaurant: </label>
<select class='mall_list' name='malls'>
<option value='0' selected>Choose a Mall</option>";"<label class='in'>Mall Name: </label>";
foreach(mysqli_query($mysqli,$select_mall_query) as $option)
{
$r_id = $option['rest_id'];
$rest_name = $option['rest_name'];
$mall_name = $option['mall_name'];
echo "<option value='$r_id'>$mall_name - $rest_name</option>";
}
echo
"</select><br>
<input class='sub_submit' type='submit' name='promoteAdmin' value='Promote to Admin'>
</fieldset>";
}
}
else if(isset($_POST['promoteAdmin']))
{
$account_id = $_POST['account_id'];
$restaurant_id = $_POST['malls'];
$mall_query = "SELECT mall_id FROM restaurant where rest_id = ". $restaurant_id;
$mall_result = mysqli_query($mysqli,$mall_query);
$mallArray = mysqli_fetch_array($mall_result, MYSQLI_ASSOC);
$mall_id = $mallArray['mall_id'];
$account_id = stripslashes($account_id);
$restaurant_id = stripslashes($restaurant_id);
$mall_id = stripslashes($mall_id);
$account_id = mysqli_real_escape_string($mysqli,$account_id);
$restaurant_id = mysqli_real_escape_string($mysqli,$restaurant_id);
$mall_id = mysqli_real_escape_string($mysqli,$mall_id);
$update_account_query = "UPDATE account SET rest_id = " .$restaurant_id. ", mall_id = " .$mall_id. ", position = 'Admin' WHERE account_id = ". $account_id;
$result = mysqli_query($mysqli,$update_account_query);
}
#boy
else if(isset($_POST['promoteToBoy']))
{ #check if the ADD button was pressed
$edit_rest_name = NULL;
foreach(mysqli_query($mysqli,$sql) as $myrow)
{ #for all entries in the restaurant list
$edit_entry_id = $myrow['account_id']; #assign current entry's rest_id to variable
if(isset($_POST[$edit_entry_id]) != NULL)
{ #check if the entry's checkbox was selected (meaning the entry should be deleted)
$edit_rest_name = $myrow['account_id']; #assign entry's restaurant name to variable
break; #get out of loop
}
}
if($edit_rest_name == NULL)
{
echo
"<p class='notif'> Please select one (1) account entry to edit, then click [Promote to Boy]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for promotion.
</p>";
}
else
{ #display form for EDIT RESTAURANT
echo "<input type='hidden' name='account_id' value='$edit_rest_name'>";
echo
"<fieldset class = 'notice'>
<legend> Promote to Boy </legend>";
echo
"<label class='in'>Select Mall-Restaurant: </label>
<select class='mall_list' name='mall'>
<option value='0' selected>Choose a Mall</option>";"<label class='in'>Mall Name: </label>";
foreach(mysqli_query($mysqli,$mall_query) as $option)
{
$r_id = $option['mall_id'];
$mall_name = $option['mall_name'];
echo "<option value='$r_id'>$mall_name</option>";
}
echo
"</select><br>
<input class='sub_submit' type='submit' name='promoteBoy' value='Promote to Boy'>
</fieldset>";
}
}
else if(isset($_POST['promoteBoy']))
{
$account_id = $_POST['account_id'];
$mall_id = $_POST['mall'];
$account_id = stripslashes($account_id);
$mall_id = stripslashes($mall_id);
$account_id = mysqli_real_escape_string($mysqli,$account_id);
$mall_id = mysqli_real_escape_string($mysqli,$mall_id);
$update_account_query = "UPDATE account SET mall_id = " .$mall_id. ", rest_id = NULL, position = 'Boy' WHERE account_id = ". $account_id;
$resultz = mysqli_query($mysqli,$update_account_query);
}
else if(isset($_POST['demote']))
{
foreach(mysqli_query($mysqli,$sql) as $myrow)
{
$account_id = $myrow['account_id']; #assign current entry's rest_id to variable
if(isset($_POST[$account_id]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$demote_query = "UPDATE account SET position = 'Client', mall_id = NULL, rest_id = NULL WHERE account_id = ". $account_id;
$demoteResult = mysqli_query($mysqli,$demote_query);
}
}
echo "<p class='notif'> Accounts(s) demoted to Client. </p>";
}
echo "<table class = 'list'>
<tr>
<th scope = 'col'>Account ID</th>
<th scope = 'col'>Full Name</th>
<th scope = 'col'>Username</th>
<th scope = 'col'>Position</th>
<th scope = 'col'>Mall</th>
<th scope = 'col'>Restaurant</th>
<th scope = 'col'>Load Balance (in Peso)</th>
</tr>";
$tables = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
WHERE position <> 'Dev'
ORDER BY account_id ASC";
$num = 0;
$class = "even";
foreach(mysqli_query($mysqli,$tables) as $myRow)
{
$checkbox_id = $myRow['account_id'];
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
echo "<tr class='$class'>
<td><input type='checkbox' name='$checkbox_id'>", " ", $myRow['account_id'];
echo "<td>" .$myRow['first_name']. " " .$myRow['middle_name']. " ". $myRow['last_name'] ."</td>
<td>" .$myRow['username']. "</td>
<td>" .$myRow['position']. "</td>
<td>" .$myRow['mall_name']. "</td>
<td>" .$myRow['rest_name']. "</td>
<td class = 'number'>" .$myRow['load_balance']. "</td>";
"</tr>";
}
echo "</table>";
}
}?>
</form>
</body>
</html>
\ No newline at end of file
display_items-2.php 0 → 100644
View file @ 05f9623d
<?php session_start(); ?>
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript">
function goBack() {
window.location="homepage.php";
}
</script>
<link href="css\database_layout2.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="process_item.php">
<ul>
<!--<li><input class="submit" type="submit" name="delete_all" value="Delete All"></li>-->
<li><input class="submit" type="button" name="back" value="Homepage" onclick="goBack()"></li>
<li><input class="submit" type="submit" name="add" value="Add"></li>
<li><input class="submit" type="submit" name="delete" value="Delete"></li>
<li><input class="submit" type="submit" name="edit" value="Edit"></li>
</ul>
<?php
print_r($_SESSION);
#setting up the connection
try {
$db = new PDO('mysql:host=localhost;dbname=dbadmin', 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch( PDOException $e ) {
echo "Connection failed: " . $e->getMessage();
}
$mysqli = new mysqli("localhost","root","joel2013","dbadmin");
$account_id = $_SESSION['account_id'];
$sql = "SELECT * FROM account WHERE account_id = " .$account_id;
$result = mysqli_query($mysqli,$sql);
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['mall_id'];
$table_query = "SELECT * FROM item";
$select_query = "SELECT * FROM restaurant";
#$db->query($table_query);
/*if(isset($_POST['delete_all'])) {
$complete_delete_query = "TRUNCATE item";
$db->query($complete_delete_query);
echo "<p class='notif'> List emptied. If you have done this by mistake, then oops. </p>";
}*/
if(isset($_SESSION["message"])) {
if($_SESSION["message"] == "add") { #check if the ADD button was pressed
#display form for ADD MENU ITEM
echo
"<fieldset>
<legend> Add menu item </legend>";
echo "<label class='in'>Insert menu item name: </label>";
echo
"<input class='text' type='text' name='item_name'><br>";
echo "<label class='in'>Insert item price: </label>
<input class='text' type='text' name='price'><br>
<label class='in'>Item type: </label>
<div class='rad'>
<input type='radio' name='item_type' value='Snacks' id='sn'> <label for='sn'>Snacks</label>
<input type='radio' name='item_type' value='Drinks' id='dr'> <label for='dr'>Drinks</label><br>
</div>
<label class='in'>Availability: </label>
<div class='rad'>
<input type='radio' name='avail' value='yes' id='y'> <label for='y'>Available</label>
<input type='radio' name='avail' value='no' id='n'> <label for='n'>Not Available</label>
</div>
<input class='sub_submit' type='submit' name='add_item' value='Add Menu Item'>
<input class='sub_submit' type='submit' name='cancel' value='Cancel'>
</fieldset>";
}
else if($_SESSION["message"] == "delete") { #check if the DELETE button was pressed
echo "<p class='notif'> Item(s) deleted. </p>";
}
else if($_SESSION["message"] == "edit") {
#print_r($_POST); #for checking purposes
$edit_entry_id = $_SESSION['edit_id'];
$select_query = "SELECT * FROM item WHERE item_id = '$edit_entry_id'";
$stmt = $db->query($select_query);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$edit_item_name = $row['item_name'];
$edit_item_price = $row['price'];
if($edit_item_name == NULL) {
echo
"<p class='notif'> Please select one (1) menu item entry to edit, then click [Edit]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for editing.
</p>";
}
else {
#display form for EDIT MENU ITEM
echo
"<fieldset>
<legend> Edit menu item </legend>";
echo "<label class='in'>Insert new menu item name: </label>";
echo
"<input class='text' type='text' name='new_item_name' value='$edit_item_name'><br>";
echo "<label class='in'>Insert new item price: </label>
<input class='text' type='text' name='new_price' value='$edit_item_price'><br>
<label class='in'>New item type: </label>
<div class='rad'>
<input type='radio' name='new_item_type' value='Snacks' id='sn'> <label for='sn'>Snacks</label>
<input type='radio' name='new_item_type' value='Drinks' id='dr'> <label for='dr'>Drinks</label><br>
</div>
<label class='in'>Availability: </label>
<div class='rad'>
<input type='radio' name='change_avail' value='yes' id='y'> <label for='y'>Available</label>
<input type='radio' name='change_avail' value='no' id='n'> <label for='n'>Not Available</label>
</div>
<input class='sub_submit' type='submit' name='edit_item' value='Save Changes'>
<input class='sub_submit' type='submit' name='cancel' value='Cancel'>
<input type='hidden' name='id' value='$edit_entry_id'><!--#to send item_id-->
</fieldset>";
}
}
else if($_SESSION["message"] == "add_item") {
echo "<p class='notif'> Item added. </p>";
}
else if($_SESSION["message"] == "edit_item") {
echo "<p class='notif'> Item updated. </p>";
}
}
#display item table contents
echo "<table class='list'>";
echo
"<tr>
<th>Item ID</th>
<th>Item Name</th>
<th class='money'>Price</th>
<th>Type</th>
<th>Is Available</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($db->query($table_query) as $myrow) {
$checkbox_id = $myrow["item_id"];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#for readability
$availability = 'Yes';
if($myrow["is_available"] == 0) $availability = 'No';
else $availability = 'Yes';
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["item_id"];
echo "<td>";
echo $myrow["item_name"];
echo "<td class='money'>";
echo $myrow["price"];
echo "<td>";
echo $myrow["type"];
echo "<td>";
echo $availability;
echo "</tr>";
}
echo "</table>";
#end of display
$_SESSION["message"] = NULL;
$_SESSION["edit_id"] = NULL;
?>
</form>
</body>
</html>
\ No newline at end of file
display_items.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$mall_id = $newArray['mall_id'];
$rest_id = $newArray['rest_id'];
echo "<html>
<head>
<title>" .$newArray['rest_name']. " Menu</title>
<script type='text/javascript'>
function viewPage() {
window.location='display_items.php';
}
function goBack() {
window.location='homepage.php';
}
</script>
<link href='styles.css' type='text/css' rel='stylesheet'>
</head>
<body>
<form name='main_form' method='post' action='display_items.php'>";
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Position: " . $newArray['position']. "<br>";
echo "Mall: " . $newArray['mall_name'] . ", Restaurant: " . $newArray['rest_name']. "<br>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<!--<li><input class='submit' type='submit' name='delete_all' value='Delete All'></li>-->
<li><input class='submit' type='button' name='view' value='View List' onclick='viewPage()'></li>
<li><input class='submit' type='submit' name='add' value='Add'></li>
<li><input class='submit' type='submit' name='delete' value='Delete'></li>
<li><input class='submit' type='submit' name='edit' value='Edit'></li>
</ul></div>";
$table_query = "SELECT * FROM item a
INNER JOIN restaurant b ON a.rest_id=b.rest_id
INNER JOIN mall c ON b.mall_id = c.mall_id
WHERE b.rest_id = ". $rest_id;
$select_query = "SELECT * FROM restaurant WHERE mall_id = ". $mall_id;
#$db->query($table_query);
/*if(isset($_POST['delete_all'])) {
$complete_delete_query = "TRUNCATE item";
$db->query($complete_delete_query);
echo "<p class='notif'> List emptied. If you have done this by mistake, then oops. </p>";
}*/
if(isset($_POST['add']))
{ #check if the ADD button was pressed
#display form for ADD MENU ITEM
echo
"<fieldset class = 'notice'>
<legend> Add Menu Item </legend>";
echo "<label class='in'>Item Name: </label>";
echo
"<input class='text' type='text' name='item_name'><br>";
echo
"<br>
<label class='in'>Item Price: </label>
<input class='text' type='text' name='price'><br>
<label class='in'>Item Type: </label>
<div class='rad'>
<input type='radio' name='item_type' value='Snacks' id='sn'> <label for='sn'>Snacks</label>
<input type='radio' name='item_type' value='Drinks' id='dr'> <label for='dr'>Drinks</label><br>
</div>
<label class='in'>Availability: </label>
<div class='rad'>
<input type='radio' name='avail' value='yes' id='y'> <label for='y'>Available</label>
<input type='radio' name='avail' value='no' id='n'> <label for='n'>Not Available</label>
</div>
<input class='sub_submit' type='submit' name='add_item' value='Add Menu Item'>
</fieldset>";
}
else if(isset($_POST['delete']))
{ #check if the DELETE button was pressed
#print_r($_POST); #for checking purposes
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the item list
$delete_entry = $myrow["item_id"]; #assign current entry's item_id to variable
if(isset($_POST[$delete_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$delete_query = "DELETE FROM item WHERE item_id = '$delete_entry'";
$mysqli->query($delete_query);
}
}
echo "<p class='notif'> Item(s) deleted. </p>";
}
else if(isset($_POST['edit']))
{#print_r($_POST); #for checking purposes
$edit_item_name = NULL;
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the item list
$edit_entry_id = $myrow["item_id"]; #assign current entry's item_id to variable
if(isset($_POST[$edit_entry_id]) != NULL)
{ #check if the entry's checkbox was selected (meaning the entry should be deleted)
$edit_item_name = $myrow["item_name"]; #assign entry's item name to variable
$edit_item_price = $myrow["price"];
break; #get out of loop
}
}
if($edit_item_name == NULL)
{
echo
"<p class='notif'> Please select one (1) menu item entry to edit, then click [Edit]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for editing.
</p>";
}
else
{
#display form for EDIT MENU ITEM
echo
"<fieldset class = 'notice'>
<legend> Edit Menu Item </legend>";
echo "<label class='in'>Menu Item Name: </label>";
echo
"<input class='text' type='text' name='new_item_name' value='$edit_item_name'><br>";
echo "<label class='in'>Item Price: </label>
<input class='text' type='text' name='new_price' value='$edit_item_price'><br>
<label class='in'>Item Type: </label>
<div class='rad'>
<input type='radio' name='new_item_type' value='Snacks' id='sn'> <label for='sn'>Snacks</label>
<input type='radio' name='new_item_type' value='Drinks' id='dr'> <label for='dr'>Drinks</label><br>
</div>
<label class='in'>Availability: </label>
<div class='rad'>
<input type='radio' name='change_avail' value='yes' id='y'> <label for='y'>Available</label>
<input type='radio' name='change_avail' value='no' id='n'> <label for='n'>Not Available</label>
</div>
<input class='sub_submit' type='submit' name='edit_item' value='Save Changes'>
<input type='hidden' name='id' value='$edit_entry_id'><!--#to send item_id-->
</fieldset>";
}
}
else if(isset($_POST['add_item']))
{
$restz_id = $rest_id; #
$item_name = $_POST['item_name']; #get the menu item name from the textbox named "item_name"
$item_price = $_POST['price'];
if(isset($_POST['item_type']))
{
$item_type = $_POST['item_type'];
}
else
{
$item_type = NULL;
}
if(isset($_POST['avail']))
{
if($_POST['avail'] == 'yes') $is_available = 1;
else $is_available = 0;
}
else
{
$is_available = -1;
}
#print_r($_POST); #for checking purposes
#execute insertion
#temporarily hard-coded to insert other attributes
if($item_type != NULL && $is_available != -1)
{
$insert_query = "INSERT INTO item(rest_id, item_name, price, type, is_available) VALUES ('$restz_id', '$item_name', '$item_price', '$item_type', '$is_available')";
$mysqli->query($insert_query);
echo "<p class='notif'> Item added. </p>";
}
else
{
echo "<p class='notif'> Error: Fill-up all the fields.</p>";
}
}
else if(isset($_POST['edit_item']))
{
$new_item_name = $_POST['new_item_name']; #get the menu item name from the textbox named "new_item_name"
$item_id = $_POST['id']; #get the item id from the hidden input component of the form named "id"
#$new_rest_id = $_POST['new_rest'];
$new_item_price = $_POST['new_price'];
#print_r($_POST); #for checking purposes
#execute update
if(isset($_POST['new_item_type']))
{
$new_item_type = $_POST['new_item_type'];
}
else
{
$new_item_type = NULL;
}
if(isset($_POST['change_avail']))
{
if($_POST['change_avail'] == 'yes') $change_is_available = 1;
else $change_is_available = 0;
}
else
{
$change_is_available = -1;
}
#print_r($_POST); #for checking purposes
#execute insertion
#temporarily hard-coded to insert other attributes
if($new_item_type != NULL && $change_is_available != -1)
{
$update_query = "UPDATE item SET item_name = '$new_item_name', price = '$new_item_price', type = '$new_item_type', is_available = '$change_is_available' WHERE item_id = '$item_id'";
$mysqli->query($update_query);
echo "<p class='notif'> Item updated. </p>";
}
else
{
echo "<p class='notif'> Error: Fill-up all the fields.</p>";
}
}
#display item table contents
echo "<table class='list'>";
echo
"<tr>
<th>Item ID</th>
<th>Item Name</th>
<th class='money'>Price</th>
<th>Type</th>
<th>Is Available</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$checkbox_id = $myrow['item_id'];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#for readability
$availability = 'Yes';
if($myrow["is_available"] == 0) $availability = 'No';
else $availability = 'Yes';
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["item_id"];
echo "<td>";
echo $myrow["item_name"];
echo "<td class = 'number'>";
echo $myrow["price"];
echo "<td>";
echo $myrow["type"];
echo "<td>";
echo $availability;
echo "</tr>";
}
echo "</table>";
}
}
#end of display
?>
</form>
</body>
</html>
\ No newline at end of file
display_malls.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<head>
<title>All FooBu Malls</title>
<script type="text/javascript">
function validate(val) {
if(val == "Add Mall") {
var x = document.forms["main_form"]["mall_name"].value;
if(x == null || x == "") {
alert("Please put a valid mall name.");
return false;
}
}
else if(val == "Save Changes") {
var y = document.forms["main_form"]["new_mall_name"].value;
if(y == null || y == "") {
alert("Please put a new valid mall name.");
return false;
}
}
}
function viewPage() {
window.location = "display_malls.php";
}
function goBack() {
window.location = "homepage.php";
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="display_malls.php" onsubmit="return validate()">
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Position: " . $newArray['position']. "<br>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<!--<li><input class='submit' type='submit' name='delete_all' value='Delete All'></li>-->
<li><input class='submit' type='button' name='view' value='View List' onclick='viewPage()'></li>
<li><input class='submit' type='submit' name='add' value='Add' onsubmit='redirect()'></li>
<li><input class='submit' type='submit' name='delete' value='Delete'></li>
<li><input class='submit' type='submit' name='edit' value='Edit'></li>
</ul></div>";
#Doesn't work fak, but I might need it, so I'll keep it
/*session_start();
if(isset($_SESSION['add']) != NULL || isset($_SESSION['delete']) != NULL || isset($_SESSION['edit']) != NULL || isset($_SESSION['delete_all']) != NULL) {
if(($_SESSION['add'] == $_POST['add']) || ($_SESSION['delete'] == $_POST['delete']) || ($_SESSION['edit'] == $_POST['edit']) || ($_SESSION['delete_all'] == $_POST['delete_all'])) {
header("Location: display_malls.php");
}
}
else {
if(isset($_POST['add'])) {
$_SESSION['add'] = $_POST['add'];
}
else if(isset($_POST['delete'])) {
$_SESSION['delete'] = $_POST['delete'];
}
else if(isset($_POST['edit'])) {
$_SESSION['edit'] = $_POST['edit'];
}
else if(isset($_POST['delete_all'])) {
$_SESSION['delete_all'] = $_POST['delete_all'];
}
}*/
$table_query = "SELECT * FROM mall";
#$db->query($table_query);
/*if(isset($_POST['delete_all'])) {
$complete_delete_query = "TRUNCATE mall";
$db->query($complete_delete_query);
echo "<p class='notif'> List emptied. If you have done this by mistake, then oops. </p>";
}*/
if(isset($_POST['add']))
{ #check if the ADD button was pressed
#display form for ADD MALL
echo
"<fieldset class = 'notice'>
<legend> Add New Mall </legend>
<!--<form name='add_form' method='post' action='display_malls.php'>-->";
echo "<label class='in'>New Mall Name: </label>";
echo
"<input class='text' type='text' name='mall_name'>
<input class='sub_submit' type='submit' name='add_mall' value='Add Mall' onclick='return validate(this.value)'>
<!--</form>-->
</fieldset>";
#end of display
}
else if(isset($_POST['delete']))
{ #check if the DELETE button was pressed
#print_r($_POST); #for checking purposes
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the mall list
$delete_entry = $myrow["mall_id"]; #assign current entry's mall_id to variable
if(isset($_POST[$delete_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$delete_query = "DELETE FROM mall WHERE mall_id = '$delete_entry'";
$delete_result = mysqli_query($mysqli,$delete_query);
if($delete_result === TRUE)
{
echo "<p class='notif'> Mall(s) deleted. </p>";
}
else
{
echo "<p class='notif'> Can't delete: Accounts/Restaurants are tied to this Mall!<br> Try to reassign the Accounts or Delete Restaurants from this Mall first then Delete!</p>";
}
}
}
}
else if(isset($_POST['edit']))
{
#print_r($_POST); #for checking purposes
$edit_mall_name = NULL;
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the mall list
$edit_entry_id = $myrow["mall_id"]; #assign current entry's mall_id to variable
if(isset($_POST[$edit_entry_id]) != NULL)
{ #check if the entry's checkbox was selected (meaning the entry should be deleted)
$edit_mall_name = $myrow["mall_name"]; #assign entry's mall name to variable
break; #get out of loop
}
}
if($edit_mall_name == NULL)
{
echo
"<p class='notif'> Please select one (1) mall entry to edit, then click [Edit]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for editing.
</p>";
}
else
{
#display form for EDIT MALL
echo
"<fieldset class = 'notice'>
<legend> Edit Mall Data </legend>
<!--<form name='edit_form' method='post' action='display_malls.php'>-->";
echo "<label class='in'>Mall Name: </label>";
echo
"<input class='text' type='text' name='new_mall_name' value='$edit_mall_name'><br>
<input class='sub_submit' type='submit' name='edit_mall' value='Save Changes' onclick='return validate(this.value)'>
<input type='hidden' name='id' value='$edit_entry_id'><!--#to send mall_id-->
<!--</form>-->
</fieldset>";
}
}
else if(isset($_POST['add_mall']))
{
$mall_name = $_POST['mall_name']; #get the mall name from the textbox named "mall_name"
#print_r($_POST); #for checking purposes
#execute insertion
$insert_query = "INSERT INTO mall(mall_name) VALUES ('$mall_name')";
$mysqli->query($insert_query);
echo "<p class='notif'> Mall added. </p>";
#header("Location: display_malls.php"); #to avoid refresh issues
}
else if(isset($_POST['edit_mall']))
{
$new_mall_name = $_POST['new_mall_name']; #get the mall name from the textbox named "new_mall_name"
$mall_id = $_POST['id']; #get the mall id from the hidden input component of the form named "id"
#print_r($_POST); #for checking purposes
#execute update
$update_query = "UPDATE mall SET mall_name = '$new_mall_name' WHERE mall_id = '$mall_id'";
$mysqli->query($update_query);
echo "<p class='notif'> Mall updated. </p>";
#header("Location: display_malls.php"); #to avoid refresh issues
}
#display mall table contents
echo "<table class='list'>";
echo
"<tr>
<th>Mall ID</th>
<th>Mall Name</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$checkbox_id = $myrow["mall_id"];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["mall_id"];
echo "<td>";
echo $myrow["mall_name"];
echo "</tr>";
}
echo "</table>";
}
}
#end of display
?>
</form>
</body>
</html>
\ No newline at end of file
display_order.php 0 → 100644
View file @ 05f9623d
<?php session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
#setting up the connection
try {
$db = new PDO('mysql:host=localhost;dbname=dbadmin', 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch(PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
$id = $_SESSION['account_id'];
$mysqli = new mysqli("localhost","root","","dbadmin");
$sql = "SELECT * FROM account
INNER JOIN mall ON account.mall_id = mall.mall_id
WHERE account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$mall_id = $account['mall_id'];
$position = $account['position'];
$sql2 = "SELECT * FROM mall
WHERE mall_id = ".$mall_id;
$result2 = mysqli_query($mysqli,$sql2);
$account2 = mysqli_fetch_array($result2, MYSQLI_ASSOC);
echo "<html>
<head>
<title>".$account2['mall_name']." Orders</title>
<script type='text/javascript'>
function goBack() {
window.location = 'homepage.php';
}
</script>
<link href='styles.css' type='text/css' rel='stylesheet'>
</head>
<body>
<form name='main_form' method='post' action='display_order.php'>
</head>
<body>";
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
echo "Position: " . $account['position']. "<br>";
echo "Mall: " . $account['mall_name'];
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<li><input class='submit' type='submit' name='view' value='View Order'></li>
<li><input class='submit' type='submit' name='dibs' value='Dibs'></li>
<li><input class='submit' type='submit' name='delivered' value='Delivered'></li>
</ul></div>";
$table_query = "SELECT * FROM orders a
INNER JOIN mall b ON a.mall_id = b.mall_id
INNER JOIN account c ON a.account_id = c.account_id
WHERE a.mall_id = " .$mall_id. " AND a.status != 'Delivered'";
$zz = "SELECT * from orderitems a
INNER JOIN orders b ON a.order_id = b.order_id
INNER JOIN account c ON b.account_id = c.account_id";
$table2_query = "SELECT * FROM orderitems";
if(isset($_POST['dibs'])) { #check if the dibs button was pressed
#change status to preparing
foreach ($db->query($table_query) as $myrow) { #for all entries in the item list
$dibs_entry = $myrow["order_id"]; #assign current entry's item_id to variable
$client_id = $myrow['account_id'];
if(isset($_POST[$dibs_entry]) != NULL) { #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute change
#changing the status and placing boy
$update_query = "UPDATE orders SET status = 'Assembling', boy_id = '$id' WHERE order_id = '$dibs_entry'";
$db->query($update_query);
#creating a message that it is being done
$boy_id = $_SESSION['account_id'];
$boy_acc_query = "SELECT * FROM account WHERE account_id = " . $boy_id;
$sender_acc_result = mysqli_query($mysqli,$boy_acc_query);
$senderAccArray = mysqli_fetch_array($sender_acc_result, MYSQLI_ASSOC);
$sender_acc= $senderAccArray['first_name'] . " ''".$senderAccArray['username']."'' " . $senderAccArray['last_name'];
$msg = "Your Order has been received by " . $sender_acc. "! Please wait for 20 mins!";
$message_query = "INSERT INTO message (recipient_id,sender_id,msg_date,msg) VALUES ( ".$client_id.", " .$boy_id .", now(), '".$msg."')";
$result = mysqli_query($mysqli,$message_query);
}
}
}
else if(isset($_POST['view'])){ #check if the VIEW ORDER button was pressed
echo
"<fieldset class = 'notice'>
<legend> Order Items </legend>";
echo "<table>";
echo
"<tr>
<th>Restaurant</th>
<th>Food Item</th>
<th>Quantity</th>
</tr>";
foreach ($db->query($zz) as $myrow) { #for all entries in the order item list
$display_entry = $myrow["order_id"]; #assign current entry's item_id to variable
if(isset($_POST[$display_entry]) != NULL) { #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
$checkbox_id = $myrow["order_id"];
$cust_id = $myrow['account_id'];
#for layout purposes start
#end
#echo $checkbox_id; #for checking purposes
echo "<td>";
$rest_name_query = "SELECT rest_name FROM restaurant
INNER JOIN item ON restaurant.rest_id = item.rest_id
WHERE item_id = " . $myrow['item_id'];
$rest_name_result = mysqli_query($mysqli,$rest_name_query);
$rest_Array = mysqli_fetch_array($rest_name_result, MYSQLI_ASSOC);
$rest_name= $rest_Array['rest_name'];
echo $rest_name;
echo "</td><td>";
$item_name_query = "SELECT item_name FROM item WHERE item_id = " . $myrow['item_id'];
$item_name_result = mysqli_query($mysqli,$item_name_query);
$item_Array = mysqli_fetch_array($item_name_result, MYSQLI_ASSOC);
$item_name= $item_Array['item_name'];
echo $item_name;
echo "</td><td class = 'number'>";
echo $myrow["item_qty"];
echo "</td>";
echo "</tr>";
}
}
echo "</table>";
echo "</fieldset>";
}
#CHECK CASCADE DELETE
else if(isset($_POST['delivered'])) { #check if the DELETE button was pressed
#print_r($_POST); #for checking purposes
foreach ($db->query($table_query) as $myrow) { #for all entries in the item list
$delivered_entry = $myrow["order_id"]; #assign current entry's item_id to variable
if(isset($_POST[$delivered_entry]) != NULL) { #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$select_order_query = "SELECT status FROM orders WHERE order_id = $delivered_entry";
foreach(mysqli_query($mysqli,$select_order_query) as $myRow)
{
if($myrow['status']== 'Assembling')
{
$delivered_query = "UPDATE orders SET status = 'Delivered' WHERE order_id = '$delivered_entry'";
$db->query($delivered_query);
}
else
{
echo "Cannot deliver an order if no one is assigned to it yet!";
}
}
}
}
}
#display mall table contents
echo "<table class='list'>";
echo
"<tr>
<th>Order ID</th>
<th>Time Received</th>
<th>Username</th>
<th>Mall</th>
<th>Cinema</th>
<th>Seat Number</th>
<th>Status</th>
<th>Boy in-Charge</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($db->query($table_query) as $myrow) {
$checkbox_id = $myrow["order_id"];
$boy_id = $myrow['boy_id'];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["order_id"];
echo "</td><td class = 'number'>";
echo $myrow["order_time"];
echo "</td><td>";
echo $myrow["username"];
echo "</td><td>";
echo $myrow["mall_name"];
echo "</td><td class = 'number'>";
echo $myrow["cinema_num"];
echo "</td><td class = 'number'>";
echo $myrow["seat_num"];
echo "</td><td>";
echo $myrow["status"];
echo "</td>";
echo "</td><td>";
if($boy_id != null)
{
$boy_acc_query = "SELECT * FROM account WHERE account_id = " . $boy_id;
$sender_acc_result = mysqli_query($mysqli,$boy_acc_query);
$senderAccArray = mysqli_fetch_array($sender_acc_result, MYSQLI_ASSOC);
$sender_acc= $senderAccArray['first_name'] . " ''".$senderAccArray['username']."'' " . $senderAccArray['last_name'];
echo $sender_acc;
}
echo "</td>";
echo "</tr>";
}
echo "</table>";
#end of display
?>
</body>
</html>
\ No newline at end of file
display_orderitems.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<link href="css\database_layout2.css" type="text/css" rel="stylesheet">
</head>
<body>
<?php
#setting up the connection
try {
$db = new PDO('mysql:host=localhost;dbname=dbadmin', 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch(PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
#Doesn't work fak, but I might need it, so I'll keep it
/*session_start();
if(isset($_SESSION['add']) != NULL || isset($_SESSION['delete']) != NULL || isset($_SESSION['edit']) != NULL || isset($_SESSION['delete_all']) != NULL) {
if(($_SESSION['add'] == $_POST['add']) || ($_SESSION['delete'] == $_POST['delete']) || ($_SESSION['edit'] == $_POST['edit']) || ($_SESSION['delete_all'] == $_POST['delete_all'])) {
header("Location: display_malls.php");
}
}
else {
if(isset($_POST['add'])) {
$_SESSION['add'] = $_POST['add'];
}
else if(isset($_POST['delete'])) {
$_SESSION['delete'] = $_POST['delete'];
}
else if(isset($_POST['edit'])) {
$_SESSION['edit'] = $_POST['edit'];
}
else if(isset($_POST['delete_all'])) {
$_SESSION['delete_all'] = $_POST['delete_all'];
}
}*/
$table_query = "SELECT * FROM orderitems a
INNER JOIN item b ON a.item_id = b.item_id
INNER JOIN restaurant c ON b.rest_id = c.rest_id
ORDER BY a.order_id ASC";
#display mall table contents
echo "<table class='list'>";
echo
"<tr>
<th>From Order ID</th>
<th>Restaurant</th>
<th>Item Name</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($db->query($table_query) as $myrow) {
$checkbox_id = $myrow["orderitem_id"];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["order_id"];
echo "</td><td>";
echo $myrow["rest_name"];
echo "</td><td>";
echo $myrow["item_name"];
echo "</td>";
echo "</tr>";
}
echo "</table>";
#end of display
?>
</body>
</html>
\ No newline at end of file
display_orders_to_be_prepared.php 0 → 100644
View file @ 05f9623d
<?php session_start();?>
<!DOCTYPE html>
<html>
<head>
<title>Your Claimed Orders</title>
<script type="text/javascript">
function goBack() {
window.location = "homepage.php";
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="display_orders_to_be_prepared.php">
</head>
<body>
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
echo "Position: " . $account['position']. "<br>";
echo "Mall: " . $account['mall_name'];
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>View Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<li><input class='submit' type='submit' name='sortA' value='Sort by Account'></li>
<li><input class='submit' type='submit' name='sortR' value='Sort by Restaurant'></li>
</ul></div>";
$table_query = "SELECT * from orderitems a
INNER JOIN orders b ON a.order_id = b.order_id
INNER JOIN account c ON b.account_id = c.account_id
WHERE b.boy_id = " .$id. " AND b.status = 'Assembling'";
if(isset($_POST['sortA']))
{ #Sort by Account
$id = $_SESSION['account_id'];
$table_query = "SELECT * from orderitems a
INNER JOIN orders b ON a.order_id = b.order_id
INNER JOIN account c ON b.account_id = c.account_id
WHERE b.boy_id = ".$id."
AND b.status = 'Assembling'
ORDER BY c.account_id";
}
else if(isset($_POST['sortR'])){ #Sort by Restaurant
$id = $_SESSION['account_id'];
$table_query = "SELECT * from orderitems a
INNER JOIN orders b ON a.order_id = b.order_id
INNER JOIN item c ON a.item_id = c.item_id
INNER JOIN restaurant d ON c.rest_id = d.rest_id
WHERE b.boy_id = ".$id."
AND b.status = 'Assembling'
ORDER BY d.rest_id";
}
else if(isset($_POST['deliver']))
{ #check if the DIBS button was pressed
#send notification to client (wala pa to)
}
#CHECK CASCADE DELETE
else if(isset($_POST['delete']))
{ #check if the DELETE button was pressed
#print_r($_POST); #for checking purposes
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the item list
$delete_entry = $myrow["order_id"]; #assign current entry's item_id to variable
if(isset($_POST[$delete_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$deleteitem_query = "DELETE FROM orderitems WHERE order_id = '$delete_entry'";
$mysqli->query($deleteitem_query);
$delete_query = "DELETE FROM orders WHERE order_id = '$delete_entry'";
$mysqli->query($delete_query);
}
}
}
#display mall table contents
echo "<table class='special'>";
echo
"<tr>
<th>Account</th>
<th>Restaurant</th>
<th>Food Item</th>
<th>Quantity</th>
<th>Cinema</th>
<th>Seat Number</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$checkbox_id = $myrow["order_id"];
$cust_id = $myrow['account_id'];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
$boy_acc_query = "SELECT * FROM account WHERE account_id = " . $cust_id;
$sender_acc_result = mysqli_query($mysqli,$boy_acc_query);
$senderAccArray = mysqli_fetch_array($sender_acc_result, MYSQLI_ASSOC);
$sender_acc= $senderAccArray['first_name'] . " ''".$senderAccArray['username']."'' " . $senderAccArray['last_name'];
echo $sender_acc;
echo "</td><td>";
$rest_name_query = "SELECT rest_name FROM restaurant
INNER JOIN item ON restaurant.rest_id = item.rest_id
WHERE item_id = " . $myrow['item_id'];
$rest_name_result = mysqli_query($mysqli,$rest_name_query);
$rest_Array = mysqli_fetch_array($rest_name_result, MYSQLI_ASSOC);
$rest_name= $rest_Array['rest_name'];
echo $rest_name;
echo "</td><td>";
$item_name_query = "SELECT item_name FROM item WHERE item_id = " . $myrow['item_id'];
$item_name_result = mysqli_query($mysqli,$item_name_query);
$item_Array = mysqli_fetch_array($item_name_result, MYSQLI_ASSOC);
$item_name= $item_Array['item_name'];
echo $item_name;
echo "</td><td class = 'number'>";
echo $myrow["item_qty"];
echo "</td><td class = 'number'>";
echo $myrow["cinema_num"];
echo "</td><td class = 'number'>";
echo $myrow["seat_num"];
echo "</td>";
echo "</tr>";
}
echo "</table>";
}
}
#end of display
?>
</body>
</form>
</html>
\ No newline at end of file
display_rest.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>All FooBu Restaurants</title>
<script type="text/javascript">
function viewPage() {
window.location = "display_rest.php";
}
function goBack() {
window.location = "homepage.php";
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="display_rest.php">
<?php
session_start();
#setting up the connection
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Position: " . $newArray['position']. "<br>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<!--<li><input class='submit' type='submit' name='delete_all' value='Delete All'></li>-->
<li><input class='submit' type='button' name='view' value='View List' onclick='viewPage()'></li>
<li><input class='submit' type='submit' name='add' value='Add'></li>
<li><input class='submit' type='submit' name='delete' value='Delete'></li>
<li><input class='submit' type='submit' name='edit' value='Edit'></li>
</ul></div>";
$select_query = "SELECT * FROM mall";
$table_query = "SELECT * FROM restaurant INNER JOIN mall ON restaurant.mall_id = mall.mall_id";
$result3 = mysqli_query($mysqli,$select_query);
#$db->query($table_query);
#print_r($_POST); #for checking purposes
/*if(isset($_POST['delete_all'])) {
$complete_delete_query = "TRUNCATE restaurant";
$db->query($complete_delete_query);
echo "<p class='notif'> List emptied. If you have done this by mistake, then oops. </p>";
}*/
if(isset($_POST['add']))
{ #check if the ADD button was pressed
#display form for ADD RESTAURANT
echo
"<fieldset class = 'notice'>
<legend> Add New Restaurant </legend>";
echo "<label class='in'>New Restaurant Name: </label>";
echo
"<input class='text' type='text' name='rest_name'><br>";
echo
"<label class='in'>Select Mall: </label>
<select class='mall_list' name='malls'>
<option value='0' selected>Choose a Mall</option>";
foreach(mysqli_query($mysqli,$select_query) as $option)
{
$r_id = $option['mall_id'];
$mall_name = $option['mall_name'];
echo "<option value='$r_id'>$mall_name</option>";
}
echo
"</select><br>
<input class='sub_submit' type='submit' name='add_rest' value='Add Restaurant'>
</fieldset>";
#end of display
}
else if(isset($_POST['delete']))
{ #check if the DELETE button was pressed
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the restaurant list
$delete_entry = $myrow["rest_id"]; #assign current entry's rest_id to variable
if(isset($_POST[$delete_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$delete_query = "DELETE FROM restaurant WHERE rest_id = '$delete_entry'";
$delete_result = mysqli_query($mysqli,$delete_query);
if($delete_result === TRUE)
{
echo "<p class='notif'> Restaurant(s) deleted. </p>";
}
else
{
echo "<p class='notif'> Can't delete: Accounts are tied to this Restaurant! Try to reassign the Accounts from this Restaurant first then Delete!</p>";
}
}
}
}
else if(isset($_POST['edit']))
{
$edit_rest_name = NULL;
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the restaurant list
$edit_entry_id = $myrow["rest_id"]; #assign current entry's rest_id to variable
if(isset($_POST[$edit_entry_id]) != NULL)
{ #check if the entry's checkbox was selected (meaning the entry should be deleted)
$edit_rest_name = $myrow["rest_name"]; #assign entry's restaurant name to variable
break; #get out of loop
}
}
if($edit_rest_name == NULL)
{
echo
"<p class='notif'> Please select one (1) restaurant entry to edit, then click [Edit]. <br> <br>
Note that if multiple entries are selected, only the <b>first one</b> selected on the list will be considered for editing.
</p>";
}
else
{
#display form for EDIT RESTAURANT
echo
"<fieldset class = 'notice'>
<legend> Edit Restaurant Data </legend>";
echo "<label class='in'>Restaurant Name: </label>";
echo
"<input class='text' type='text' name='new_rest_name' value='$edit_rest_name'><br>";
echo
"<label class='in'>Select Mall: </label>
<select class='mall_list' name='malls'>
<option value='0'>Choose a Mall</option>";
foreach($mysqli->query($select_query) as $option)
{
$id = $option['mall_id'];
$name = $option['mall_name'];
echo "<option value='$id'>[$id] $name</option>";
}
echo
"</select><br>
<input class='sub_submit' type='submit' name='edit_rest' value='Save Changes'>
<input type='hidden' name='id' value='$edit_entry_id'><!--#to send rest_id-->
</fieldset>";
}
}
else if(isset($_POST['add_rest']))
{
$rest_name = $_POST['rest_name']; #get the restaurant name from the textbox named "rest_name"
$rest_mall_id = $_POST['malls']; #get the mall name from the dropdown list called "malls"
#execute insertion
#temporarily hard-coded to insert mall_id
$insert_query = "INSERT INTO restaurant(mall_id, rest_name) VALUES ('$rest_mall_id', '$rest_name')";
$mysqli->query($insert_query);
echo "<p class='notif'> Restaurant added. </p>";
}
else if(isset($_POST['edit_rest']))
{
$new_rest_name = $_POST['new_rest_name']; #get the restaurant name from the textbox named "new_rest_name"
$new_rest_mall_id = $_POST['malls'];
$rest_id = $_POST['id']; #get the restaurant id from the hidden input component of the form named "id"
#execute update
$update_query = "UPDATE restaurant SET rest_name = '$new_rest_name', mall_id = '$new_rest_mall_id' WHERE rest_id = '$rest_id'";
$mysqli->query($update_query);
echo "<p class='notif'> Restaurant updated. </p>";
}
#display restaurant table contents
echo "<table class='list'>";
echo
"<tr>
<th>Restaurant ID</th>
<th>Mall ID</th>
<th>Restaurant Name</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$checkbox_id = $myrow["rest_id"];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["rest_id"];
echo "<td>";
echo $myrow["mall_name"];
echo "<td>";
echo $myrow["rest_name"];
echo "</tr>";
}
echo "</table>";
}
}
#end of display
?>
</form>
</body>
</html>
\ No newline at end of file
edit.php 0 → 100644
View file @ 05f9623d
<?php
$mysqli = mysqli_connect("localhost","root","joel2013","testDB");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$clean_id = $_POST["item"];
$clean_text = mysqli_real_escape_string($mysqli, $_POST["textfield"]);
$sql = "UPDATE testTable SET testField = '".$clean_text."' WHERE id = ".$clean_id."";
$res = mysqli_query($mysqli,$sql) or die (mysqli_error($mysqli));
if($res === TRUE)
{
echo "Record has been edited.";
}
else{
printf("Could not edit record: %s\n",mysqli_error($mysqli ));
}
mysqli_close($mysqli);
}
?>
<!DOCTYPE html>
<html>
<head><title>TEST</title></head>
<body>
<a href = "edit_form.html"><button>Back to Edit!</button></a>
</body>
</html>
\ No newline at end of file
edit_account.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head><title>Edit FooBu Account</title>
<script>
function validateForm() {
var a = document.forms["myForm"]["firstname"].value;
var b= document.forms["myForm"]["middlename"].value;
var c = document.forms["myForm"]["lastname"].value;
if (a== "" || b == "" || c == "") {
alert("Pls put input!");
return false;
}
}
</script>
</head>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
<body>
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $account['position']. "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $account['mall_name'] . ", Restaurant: " . $account['rest_name']. "<br>";
else echo "Mall: " . $account['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
}
}
?>
<h1>Edit Account</h1>
<p>
<form action = "checkedit.php" onsubmit = "return validateForm()" method = "POST" name = "myForm">
<fieldset class = "creation">
<legend>Personal Information</legend>
Full Name:<br>
<input type = "text" id = "firstname" name = "firstname" placeholder = "First Name">
<input type = "text" id = "middlename" name = "middlename" placeholder = "Middle Name">
<input type = "text" id = "lastname" name = "lastname" placeholder = "Last Name">
</fieldset>
</p>
<div class = "center">
<input class = "submit" type = "submit" value = "Submit">
</div>
</form>
<!--Buttons-->
<!--WIP-->
<div class = "center">
<br><a href = "homepage.php"><button>Cancel</button></a>
</div>
</body>
</html>
\ No newline at end of file
edit_form.html 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head><title>TEST</title></head>
<body>
<form method = "post" action = "edit.php">
<p><label for = "item">Which item to edit:</label></br>
<input type = "text" id = "item" name = "item"></p>
<p><label for = "textfield">Edit into What:</label></br>
<input type = "text" id = "textfield" name = "textfield"></p>
<button type = "submit" name = "submit" value = "edit">Edit Record</button>
</form>
</body>
</html>
\ No newline at end of file
edit_password.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head><title>Edit FooBu Password</title>
<script>
function validateForm() {
var a = document.forms["myForm"]["old_password"].value;
var b= document.forms["myForm"]["password1"].value;
var c = document.forms["myForm"]["password2"].value;
if (a== "" || b == "" || c == "") {
alert("Please fill in all fields.");
return false;
}else if(b != c)
{
alert("New Passwords are not equal!");
return false;
}
}
</script>
</head>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
<body>
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $account['position']. "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $account['mall_name'] . ", Restaurant: " . $account['rest_name']. "<br>";
else echo "Mall: " . $account['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
}
}
?>
<h1>Edit Password</h1>
<p>
<form action = "checkPassedit.php" onsubmit = "return validateForm()" method = "POST" name = "myForm">
<fieldset class = "creation">
<legend>Password</legend>
Old Password:<br>
<input type = "password" id = "old_password" name = "old_password" placeholder = "Old Password"><br><br>
New Password:<br>
<input type = "password" id = "password1" name = "password1" placeholder = "New Password">
<input type = "password" id = "password2" name = "password2" placeholder = "Re-enter New Password">
</fieldset>
</p>
<div class = 'center'>
<input class = "submit" type = "submit" value = "Submit">
</div>
</form>
<!--Buttons-->
<!--WIP-->
</body>
</html>
\ No newline at end of file
getAccountInfo.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<body>
<form method = "post" action = "test.php">
<input type = "submit" value = "Back">
</form>
<?php
// Get a connection for the database
require_once('mysqli_connect.php');
// Create a query for the database
$query = "SELECT AccountID, FirstName, LastName FROM Account";
// Get a response from the database by sending the connection
// and the query
$response = @mysqli_query($dbc, $query);
// If the query executed properly proceed
if($response){
echo '<table align="left"
cellspacing="5" cellpadding="8">
<tr><td align="left"><b>Account ID</b></td>
<td align="left"><b>First Name</b></td>
<td align="left"><b>Last Name</b></td>></tr>';
// mysqli_fetch_array will return a row of data from the query
// until no further data is available
while($row = mysqli_fetch_array($response)){
echo '<tr><td align="left">' .
$row['AccountID'] . '</td><td align="left">' .
$row['FirstName'] . '</td><td align="left">' .
$row['LastName'] . '</td><td align="left">';
echo '</tr>';
}
echo '</table>';
} else {
echo "Couldn't issue database query<br />";
echo mysqli_error($dbc);
}
// Close connection to the database
mysqli_close($dbc);
?>
</body>
</html>
homepage.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>FooBu Homepage</title>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
</head>
<body>
<form action = "checkcreate.php" onsubmit = "return validateForm()" method = "POST" name = "myForm">
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $account['position'] . "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $account['mall_name'] . " Restaurant: " . $account['rest_name']. "<br>";
else echo "Mall: " . $account['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div>";
}
}
?>
<br><br><br><br><br><br>
<div class = "promo">
<h1>Tis' the Season to be Jolly</h1>
<p>December 1, 2015 - FooBu</p>
<img src="star_wars_christmas_3.jpg" title="Christmas Promo"/>
<p>Christmas is just around the corner! What better way to celebrate than to watch the upcoming Star Wars film! You can win a movie-date to Star Wars VII: The Force Awakens presented by FoodBuddy and Ayala Malls Cinema. For every P500 worth of purchase in Trinoma restaurants, you automatically have a chance to win two tickets for a December 20 screening!
</p>
<p>May the Force be with you and Merry Christmas!</p>
</div>
<div>
<br><br><br>
<p class = "rights">FoodBuddy&copy is a project for movie-lovers, food enthusiasts and philanthropists by Joel Torrijos, Viktor Dela Cruz, April Guevara and Adrian Cordero.</p>
</div>
</body>
</html>
\ No newline at end of file
index.php 0 → 100644
View file @ 05f9623d
<?php
// Page créé par Shepard [Fabian Pijcke] <Shepard8@laposte.net>
// Arno Esterhuizen <arno.esterhuizen@gmail.com>
// et Romain Bourdon <rromain@romainbourdon.com>
// et Hervé Leclerc <herve.leclerc@alterway.fr>
//
// Mise à jour par Herve Leclerc herve.leclerc@alterway.fr
// Icônes par Mark James <http://www.famfamfam.com/lab/icons/silk/>
//------
//[modif oto] Modifications Dominique Ottello (Otomatic)
//Suppression des vhosts, le dossier n'étant plus créé à l'installation
//Affichage des Outils, Projets et Alias sur trois colonnes
// - Recodage en utf-8
// - Modification des styles : ajout .third .left et .right
// - Ajouts d'index dans $langues['en'] et ['fr'] :
// 'locale' pour set_locale
// 'docp' url des documentations PHP
// 'docm' url des documentations MySQL
// 'doca2.2' url de la documentation Apache 2.2
// 'doca2.4' url de la documentation Apache 2.4
// 'server' Server Software
// - Classement alphabétique des extensions PHP en fonction de la localisation
// - Liens sur les documentations Apache, PHP et MySQL
// - Ajout variable $suppress_localhost = true;
// - Conformité W3C par ajout de <li>...</li> sur les variables
// $aliasContents et $projectContents si vides
//[modif oto] - Pour supprimer niveau localhost dans les url
$suppress_localhost = true;
// avec modification de la ligne
//$projectContents .= '<li><a href="'.$file.'">'.$file.'</a></li>';
//Par :
//$projectContents .= '<li><a href="'.($suppress_localhost ? 'http://' : '').$file.'">'.$file.'</a></li>';
//-----
//[modif oto] Ajout $server_dir pour un seul remplacement
// si déplacement www hors de Wamp et pas d'utilisation des jonctions
//Par défaut la valeur est "../"
//$server_dir = "WAMPROOT/";
$server_dir = "../";
//Fonctionne à condition d'avoir ServerSignature On et ServerTokens Full dans httpd.conf
$server_software = $_SERVER['SERVER_SOFTWARE'];
$wampConfFile = $server_dir.'wampmanager.conf';
//chemin jusqu'aux fichiers alias
$aliasDir = $server_dir.'alias/';
// on charge le fichier de conf locale
if (!is_file($wampConfFile))
die ('Unable to open WampServer\'s config file, please change path in index.php file');
$fp = fopen($wampConfFile,'r');
$wampConfFileContents = fread ($fp, filesize ($wampConfFile));
fclose ($fp);
// on récupère les versions des applis
preg_match('|phpVersion = (.*)\n|',$wampConfFileContents,$result);
$phpVersion = str_replace('"','',$result[1]);
preg_match('|apacheVersion = (.*)\n|',$wampConfFileContents,$result);
$apacheVersion = str_replace('"','',$result[1]);
$doca_version = 'doca'.substr($apacheVersion,0,3);
preg_match('|mysqlVersion = (.*)\n|',$wampConfFileContents,$result);
$mysqlVersion = str_replace('"','',$result[1]);
preg_match('|wampserverVersion = (.*)\n|',$wampConfFileContents,$result);
$wampserverVersion = str_replace('"','',$result[1]);
// répertoires à ignorer dans les projets
$projectsListIgnore = array ('.','..');
// textes
$langues = array(
'en' => array(
'langue' => 'English',
'locale' => 'english',
'autreLangue' => 'Version Française',
'autreLangueLien' => 'fr',
'titreHtml' => 'WAMPSERVER Homepage',
'titreConf' => 'Server Configuration',
'versa' => 'Apache Version :',
'doca2.2' => 'httpd.apache.org/docs/2.2/en/',
'doca2.4' => 'httpd.apache.org/docs/2.4/en/',
'versp' => 'PHP Version :',
'server' => 'Server Software:',
'docp' => 'www.php.net/manual/en/',
'versm' => 'MySQL Version :',
'docm' => 'dev.mysql.com/doc/index.html',
'phpExt' => 'Loaded Extensions : ',
'titrePage' => 'Tools',
'txtProjet' => 'Your Projects',
'txtNoProjet' => 'No projects yet.<br />To create a new one, just create a directory in \'www\'.',
'txtAlias' => 'Your Aliases',
'txtNoAlias' => 'No Alias yet.<br />To create a new one, use the WAMPSERVER menu.',
'faq' => 'http://www.en.wampserver.com/faq.php'
),
'fr' => array(
'langue' => 'Français',
'locale' => 'french',
'autreLangue' => 'English Version',
'autreLangueLien' => 'en',
'titreHtml' => 'Accueil WAMPSERVER',
'titreConf' => 'Configuration Serveur',
'versa' => 'Version Apache:',
'doca2.2' => 'httpd.apache.org/docs/2.2/fr/',
'doca2.4' => 'httpd.apache.org/docs/2.4/fr/',
'versp' => 'Version de PHP:',
'server' => 'Server Software:',
'docp' => 'www.php.net/manual/fr/',
'versm' => 'Version de MySQL:',
'docm' => 'dev.mysql.com/doc/index.html',
'phpExt' => 'Extensions Chargées: ',
'titrePage' => 'Outils',
'txtProjet' => 'Vos Projets',
'txtNoProjet' => 'Aucun projet.<br /> Pour en ajouter un nouveau, créez simplement un répertoire dans \'www\'.',
'txtAlias' => 'Vos Alias',
'txtNoAlias' => 'Aucun alias.<br /> Pour en ajouter un nouveau, utilisez le menu de WAMPSERVER.',
'faq' => 'http://www.wampserver.com/faq.php'
)
);
// images
$pngFolder = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAA3NCSVQICAjb4U/gAAABhlBMVEX//v7//v3///7//fr//fj+/v3//fb+/fT+/Pf//PX+/Pb+/PP+/PL+/PH+/PD+++/+++7++u/9+vL9+vH79+r79+n79uj89tj89Nf889D88sj78sz78sr58N3u7u7u7ev777j67bL67Kv46sHt6uP26cns6d356aP56aD56Jv45pT45pP45ZD45I324av344r344T14J734oT34YD13pD24Hv03af13pP233X025303JL23nX23nHz2pX23Gvn2a7122fz2I3122T12mLz14Xv1JPy1YD12Vz02Fvy1H7v04T011Py03j011b01k7v0n/x0nHz1Ejv0Hnuz3Xx0Gvz00buzofz00Pxz2juz3Hy0TrmznzmzoHy0Djqy2vtymnxzS3xzi/kyG3jyG7wyyXkwJjpwHLiw2Liw2HhwmDdvlXevVPduVThsX7btDrbsj/gq3DbsDzbrT7brDvaqzjapjrbpTraojnboTrbmzrbmjrbl0Tbljrakz3ajzzZjTfZijLZiTJdVmhqAAAAgnRSTlP///////////////////////////////////////8A////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////9XzUpQAAAAlwSFlzAAALEgAACxIB0t1+/AAAAB90RVh0U29mdHdhcmUATWFjcm9tZWRpYSBGaXJld29ya3MgOLVo0ngAAACqSURBVBiVY5BDAwxECGRlpgNBtpoKCMjLM8jnsYKASFJycnJ0tD1QRT6HromhHj8YMOcABYqEzc3d4uO9vIKCIkULgQIlYq5haao8YMBUDBQoZWIBAnFtAwsHD4kyoEA5l5SCkqa+qZ27X7hkBVCgUkhRXcvI2sk3MCpRugooUCOooWNs4+wdGpuQIlMDFKiWNbO0dXTx9AwICVGuBQqkFtQ1wEB9LhGeAwDSdzMEmZfC0wAAAABJRU5ErkJggg==
EOFILE;
$pngFolderGo = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAJISURBVDjLpZPLS5RhFIef93NmnMIRSynvgRF5KWhRlmWbbotwU9sWLupfCBeBEYhQm2iVq1oF0TKIILIkMgosxBaBkpFDmpo549y+772dFl5bBIG/5eGch9+5KRFhOwrYpmIAk8+OjScr29uV2soTotzXtLOZLiD6q0oBUDjY89nGAJQErU3dD+NKKZDVYpTChr9a5sdvpWUtClCWqBRxZiE/9+o68CQGgJUQr8ujn/dxugyCSpRKkaw/S33n7QQigAfxgKCCitqpp939mwCjAvEapxOIF3xpBlOYJ78wQjxZB2LAa0QsYEm19iUQv29jBihJeltCF0F0AZNbIdXaS7K6ba3hdQey6iBWBS6IbQJMQGzHHqrarm0kCh6vf2AzLxGX5eboc5ZLBe52dZBsvAGRsAUgIi7EFycQl0VcDrEZvFlGXBZshtCGNNa0cXVkjEdXIjBb1kiEiLd4s4jYLOKy9L1+DGLQ3qKtpW7XAdpqj5MLC/Q8uMi98oYtAC2icIj9jdgMYjNYrznf0YsTj/MOjzCbTXO48RR5XaJ35k2yMBCoGIBov2yLSztNPpHCpwKROKHVOPF8X5rCeIv1BuMMK1GOI02nyZsiH769DVcBYXRneuhSJ8I5FCmAsNomrbPsrWzGeocTz1x2ht0VtXxKj/Jl+v1y0dCg/vVMl4daXKg12mtCq9lf0xGcaLnA2Mw7hidfTGhL5+ygROp/v/HQQLB4tPlMzcjk8EftOTk7KHr1hP4T0NKvFp0vqyl5F18YFLse/wPLHlqRZqo3CAAAAABJRU5ErkJggg==
EOFILE;
$gifLogo = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAAGAAAABTCAYAAABgdgI7AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ
bWFnZVJlYWR5ccllPAAAA2RpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdp
bj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6
eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEz
NDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJo
dHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlw
dGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEu
MC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVz
b3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1N
Ok9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo1ODg0QkM3NUZBMDhFMDExODkyQ0U2NkE5ODVB
M0Q2OSIgeG1wTU06RG9jdW1lbnRJRD0ieG1wLmRpZDoyMEQ2RDU5MDA5M0UxMUUwOUUwRkYwRTg2
NjQyMzQzQyIgeG1wTU06SW5zdGFuY2VJRD0ieG1wLmlpZDoyMEQ2RDU4RjA5M0UxMUUwOUUwRkYw
RTg2NjQyMzQzQyIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgQ1M1IFdpbmRvd3Mi
PiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo1ODg0QkM3NUZB
MDhFMDExODkyQ0U2NkE5ODVBM0Q2OSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo1ODg0QkM3
NUZBMDhFMDExODkyQ0U2NkE5ODVBM0Q2OSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRG
PiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/Pgv54A4AAA33SURBVHja7F0JmBTVEa7Z
XXZhuc9FiCIICVf8PIKA3EQIAkbJh5AImARERDFAVKIoikc+TEwCSVDBRBRkvygGScIRjoAhCiyC
EORQlCMBIiIIy7mw7O6kavp/zNvHTHfPTM+1UN9X3053v+5+XVWvrlfvrc/v99NlSB5kXCZBciHr
wi/fK8nuy9cYb2Jsx9gGx3UZq8XwTBneJxkPMe5h3MS4lnEzY1HSvtR/bwgGJAdyGW9jHMrYhbFm
HN4hTLyasT3jD3BuN+MixjcYP7wUVZC8dwQ+/k3G/nEifji4hnEs43rGv4A5lwwDvsm4kvGPjC2T
PAIzGW9nfJ9xOmPtis6AQYzvMXZPQVv4AOMaxq4VlQEPQN3UpNSFVozLGe+paAwYjiHuSwPPMIfx
D4yPJNYNjR90Y3w5hvtLGYvx1y0D/dDvOTEI2S8Zj8FWpS0DxAWczZgdwT37GN+Fh/Ix41eMpxnP
R8iASozVGRsgrugMYagXQV9eZNyB2CEtGfA8YxOXbTcyToN/ftzjfqzAsxsy3sk4hvHrLu4TwXkV
AeLJdLMBHaD7nUDUy6OMnRjz40B8Hb5g/D3jtxinMJa5uKdlPO1BPBnwtIvnH0Mk/AswIlEg0jyR
cSDUmxM8yNgonRggkWUvhzZnQYDlIa6JqzqE8aUY3VZJdfyO8T7GK0JcX4DYxIn5tRhHphMDRrow
mKJ2VoU4P4qspNlcPCcWOyV9GAovbAvjk/CMdFiCvjjBkBD3piQDaiK3YwcFkEwdqjLOY5zB2Azn
TsCjiVXdCNSHWlzKmGe0mYZ0hB20oDjkjOLBgI4hPtCE5wzCimS9DQ8l3iBpkPlQT7rb+pSLe3um
AwO6OVz/FG6hDpMZb02gEe6E0aCDqMMNLjy7lGfAjQ7X/24YPfHHxych5SC5qebGufkO90hfK6cy
A0SVNHVo8y/j+MfxMG4uoArebfbNzubkIbJOWQbUgrGzy+t8Zry/NyUP+hg02A3Db8e0+qnOgCo2
1yXoOWzkipomkQHNDYkW4h9xcGtrpDIDshyeeQaooA7FNukeK1SFEOhpEaecjy+VGeDks5+DGtIZ
lsw5gkzDHS1DHxMGiZ6S9EXIsGT0yZfuDPAlavgmiCFpxYAMDGs7NzXVITuRNPN6QmYvwvVwUnQW
GC3UQLBUw8bNHYJ+RAv3OHg6m1OZAeJmvhtH6ayENEIVB88mFthYkY2wF16WXU1nCbmb5UoZuFwd
nWTwWgVJVJsfxhCLXTjI+H1KZmWyM8xibBvGRZZvuN9LNeU1A0T/drS5fjgNRp1kc6+1ue5p/ajX
xCiDHg4HRWmgFZy8tNJ0tgH+KNr7I7zfb3N/ygWHiWZApLmfLMOrKXXos8+Q0DKH4E+YU5xMmnj9
MifiSuJLn1GSzOM5h8BrkHYsv+3KVMT46/MLd5D9BIoQ/4QRZ+QmcsR4bYRP4aOybIy0GDGVc/+S
rPVbzWw+diZZM1fyu70LAvyWrFKUErS3E7JD8MwUVHZhZItSmQFHySotzLXJs0itqJoVE+lfb8MA
xYSOEY5qt+UjUh6jz09I9Vs9h0DvaCqrIBkBnzu0uck4nptEGzjHOL4eaigcHMOoSVkGiFHb7tDG
nAOW0sS1SSC+LJVaapzr53DPfxkLU90LcqowE3XSyhjWP6HYsqSRgqidBw2PSUrXnSr6/k0eTyLF
gwGryb7YVezAWOOcLFe9L0HEF6JLynmLcV4YUsvhXs8zvfFgwKcwrHYgXk0745yspBlMVg2/W5AV
NB9F0H4/4wDGPxnnW4cQChPEXV0VRwZke/nc1xyuq5UnpsTNA2NkZc3OMGG/qKxtjJPIKhUUlSbV
zTvCtC8Fo54la2HGQuN6NRhjp3mEpREKh7vASe2WUuB7lL+mLV1cuBAVVAeRrnJoJwb4TgpdDCVM
+gbcVuUaSjJvL0aZmXMS76Wl0f4IDOcnZK0xCxWXvOXC+Ap0h3r1wFW592IG5Pgq0QTqQz9lJ6V2
oF8lsb5Gai+nu2j3AXTy1gR7QVLnKSsgu7hou4ysKjqKGwN8Ph98xNb8tocxCmKaXJIczDr41k4g
KYlfk7U24FCcCS+lhbJPhaz7quOifTFily2xvzrTGqj+u8Mb4eWsSkfT6xjR2YjOM6N5m+iyMS6H
kqisyfjIl6ESGjsERW5BniFb39xGwZUyU1wSn7R+xaLpSaaxC9n7fZr+HNoGqBGgoAs1555nUVdq
QeN4XNQMqKXz0bxdFsP9PIr7xC4cgN4/CUmMZJ1wNhibB2ZWj6IP82Gj/NETPpsl8Dy9TRuZ+H9l
z+IL0ncpC8sAHdpTU1rEbKgXSESWoD8RqSeZpryL0gtWIzA7Fb2DmUVLOHZ7jN5hX3l/UDoiZYBi
Qj6NYgNdmWqwes8KjIhzbhlRGdLUN02Iv5is+qIo1ixnXtDsozm0mRHCcYqKAZbPls2kz2aFWouj
lltoKDuu2YGR7ko1qU0whqU48WXB3oTI9K0PGq+M9fwJvtFHT7CufyWQbiLvGGBCZ7YPC9jO1gvM
m7heZz0Bhq1KihF+NzyjBZHbeFn0tpV97lXs9u1hBpQwI8JPG3jGgPL2ISImSOXBc5761tGDZDdl
0ucFsjYGcSnxGQGp30n7OHZ6i3W9+zDGUwYoJixkpVQ/EIAWRWKgv0NWnc0t5DwV6DXILopvIhjb
657wOQFBO8rfuY2dtIH0ErtpkdlpzxlAgZxBHuuWvrALORThOofmYEIPBG6N48CQQqiZdcjrrI7M
w7EKv1cw2V/g2z9kyT9OpzlcjdxDjQsDFHSgZvQis+GGAE2jmj4V7l0BJjQg5xSxUzzwFaLrfZEn
03zQ8ZmBzIAEqDM8SAfFlQECddlfWswqqX1g3qUE0lNM6VM3q7yaEtrAg+Yk9zuf3qdZgT39KPUZ
IFCTnZwb2TbIrP9gasdj4mb+pFzyKNsaJ8hC5FpEH7BZmMyR64pAlttbSAgDQqmmR+hW6sR/8wL5
MFVJ7o9hZFQKkS7y49lu3fhMSLufZf1/7INupjeogLazgS2N0xK2pDBAQR67q9+l6zh66MkBXW0+
koxTrqamSjXdG25+JTtAuG20i2V0C5O7rNzI60NtqWVgWqAMz8ykYFFehnY+h43DYSb4Opb0T1jd
7KFj5apUqOIxIDjYM5j4udSQqjMj6lIvJtkw6sgMEvt7hjaxCmjE9jc7QDg//JAMPlOTCb+fptJy
1ssFrNBKQuQ9KtFdbIHGU29mxVVshY+yRB+kI6zNt7KUX09XUjdqw0/YGvDhDwSqTRIH5f5lgByk
yv8QkBExiW7n4KDNBWmuwwZdYQNmVieOviu7zFJLu750beA+ExrF5FzFzgCFSRsBlzLoAq+XJt4P
v/tvZG0ZRsjXPERWNcFsre33yFrEICtFFiX5e64ja7/nOvD1ZceTXWnFDXBkIZTtDO1yF5yTKLK6
FhJ+jPPjk9z9pzRXSqG4P+PSgeYBumsMGI4P2EjBmadntA/rgXNXk1XFJtavVRK/QwlHERJ7PyJr
l0WpgOiWLgzQVdBa+HitkQaQ6UB960n5LZVhNyBdIKPgM/iEPXFeRoeUoyzT8hDi1vRB8kuk89tk
1fxIDZBUJvQja8JGip7WG4k6ubcABK2P96twVBFZanqewO/X8ayzF9l3a044DwK2mILTjKp/u3Cf
1K5+DnXWFfkjVcQram4MvmMq2kf6bCmHnxVKBYmzvB03y8fXJquGUo0ARZzf4Hgmjn9lqADB97Qc
Ti+cO2e0WYFkmDpWq9wVrMN5vQ+ibn6I6w/hnJS1tKHwW4l1QA5If/c7WnvVv9NGm8e1fqs6o7tx
rgDCFtWzw6kggv5XL++P35J9+g84eCWO/WSVESoj+CqkRaRyC66PwPWeWnj6MxBOMWMTiD4Hxzu0
0HYlzklBrCxtzcfxZqhI2UbypPZhe8DUsRQs86uEd8h1qf1sj5Emx6OM/okATIL9UNeUNA/E8Xwc
q/ntaJ492o4Bg3CDbKz3mvaymfg9CRwXAjYJkcUUfB5tnzE6oZegr9FGmhraorJOUHCFyirj4xtj
6Eu1m9rLoTOIdNCQQrVdfiscb0V6W/o3AOeU99YDx+tCjJ4huDYHHmGh5pBcE+2z7RjQhIK7Wp3Q
ht9gPOgw/m7QDPUdkMpitD+PNpMNBvxD64OS7u44FnV1PAwDul7IMlhtTlH5Xa4IBBF7MhHSJkO+
GhikPKOzRv+24d7uIfpHmmAUQgOMRLt8g7gRPzucESYYHrlZVS6vh8StAVOULlRqqLHWoYkYHQMQ
J5iQYeR79XMZFL7mJ7dcqtL6WJUkyqbgNmOCsgn4YyB+HQpOuAgBn0T78yBWUZi+6HAUcdEwbUSr
7z0b47NDXvBT+W0ll+HvASq/PF/VyTcEgXbBGM8l77b8UsNyOIb7CBi3LzFS+mAkykR6RxjEqSD+
frTbi1GTB+GajXtEXSwxiBQO8rVvlULff+J4pwfPDpkL6qfpUn1x3OOa362WflaFDvRjpBzR7p1i
eALrQng4ys2tC6kupWDJ4MoQ3pUfPj/B5w91XSRT3wJ5nHatUPvd26Z/OlQBgaWNud91VM+2U0FK
7awAd/XNiRZAn++AdBF0rfwfroeRmtiK673gvRCYsko7VjHHGQouVy2G4Sctke/TGN8GTJe53Ola
6mQJBKYFPvQjSOwm7V3T4CGJMW+KUTGPgostQvVPhyKMrP7l/Hdvnp1a2VAD1C62N1fEZJzCVN65
5BiMYCZVYPBd/n/CyYXLO2ZdZsClDf8XYACcVJnoRcTY2AAAAABJRU5ErkJggg==
EOFILE;
$pngPlugin = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAAsSAAALEgHS3X78AAAABGdBTUEAALGOfPtRkwAAACBjSFJNAAB6JQAAgIMAAPn/AACA6QAAdTAAAOpgAAA6mAAAF2+SX8VGAAABmklEQVR42mL4//8/AyUYIIDAxK5du1BwXEb3/9D4FjBOzZ/wH10ehkF6AQIIw4B1G7b+D09o/h+X3gXG4YmteA0ACCCsLghPbPkfm9b5PzK5439Sdg9eAwACCEyANMBwaFwTGIMMAOEQIBuGA6Mb/qMbABBAEAOQnIyMo1M74Tgiqf2/b3gVhgEAAQQmQuKa/8ekdYMxyLCgmEYMHJXc9t87FNMAgACCGgBxIkgzyDaQU5FxQGQN2AUBUXX/vULKwdgjsOQ/SC9AAKEEYlB03f+oFJABdSjYP6L6P0guIqkVjt0DisEGAAQQigEgG0AhHxBVi4L9wqvBBiEHtqs/xACAAAIbEBBd/x+Eg2ObwH4FORmGfYCaQRikCUS7B5YBNReBMUgvQABBDADaAtIIwsEx9f/Dk9pQsH9kHTh8XANKMAIRIIDAhF9ELTiQQH4FaQAZCAsskPNhyRpkK7oBAAEEMSC8GsVGkEaYIlBghcU3gbGzL6YBAAEEJnzCgP6EYs/gcjCGKQI5G4Z9QiswDAAIIAZKszNAgAEAHgFgGSNMTwgAAAAASUVORK5CYII=
EOFILE;
$pngWrench = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAA3NCSVQICAjb4U/gAAABO1BMVEXu7u7n5+fk5OTi4uLg4ODd3d3X19fV1dXU1NTS0tLPz8+7z+/MzMy6zu65ze65zu7Kysq3zO62zO3IyMjHx8e1yOiyyO2yyOzFxcXExMSyxue0xuexxefDw8OtxeuwxOXCwsLBwcGuxOWsw+q/v7+qweqqwuqrwuq+vr6nv+qmv+m7u7ukvumkvemivOi5ubm4uLicuOebuOeat+e0tLSYtuabtuaatuaXteaZteaatN6Xs+aVs+WTsuaTsuWRsOSrq6uLreKoqKinp6elpaWLqNijo6OFpt2CpNyAo92BotyAo9+dnZ18oNqbm5t4nt57nth7ntp4nt15ndp3nd6ZmZmYmJhym956mtJzm96WlpaVlZVwmNyTk5Nvl9lultuSkpKNjY2Li4uKioqIiIiHh4eGhoZQgtVKfNFdha6iAAAAaXRSTlMA//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////914ivwAAAACXBIWXMAAAsSAAALEgHS3X78AAAAH3RFWHRTb2Z0d2FyZQBNYWNyb21lZGlhIEZpcmV3b3JrcyA4tWjSeAAAAKFJREFUGJVjYIABASc/PwYkIODDxBCNLODEzGiQgCwQxsTlzJCYmAgXiGKVdHFxYEuB8dkTOIS1tRUVocaIWiWI8IiIKKikaoD50kYWrpwmKSkpsRC+lBk3t2NEMgtMu4wpr5aeuHcAjC9vzadjYyjn7w7lK9kK6tqZK4d4wBQECenZW6pHesEdFC9mbK0W7otwsqenqmpMILIn4tIzgpG4ADUpGMOpkOiuAAAAAElFTkSuQmCC
EOFILE;
$favicon = <<< EOFILE
iVBORw0KGgoAAAANSUhEUgAAAB8AAAAfCAYAAAAfrhY5AAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJ
bWFnZVJlYWR5ccllPAAAA2RpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdp
bj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6
eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuMC1jMDYwIDYxLjEz
NDc3NywgMjAxMC8wMi8xMi0xNzozMjowMCAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJo
dHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlw
dGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEu
MC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVz
b3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtcE1N
Ok9yaWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDo1ODg0QkM3NUZBMDhFMDExODkyQ0U2NkE5ODVB
M0Q2OSIgeG1wTU06RG9jdW1lbnRJRD0ieG1wLmRpZDoxRkI1ODNGRTA5MDMxMUUwQjAwNEEwODc0
OTk5N0ZEOCIgeG1wTU06SW5zdGFuY2VJRD0ieG1wLmlpZDoxRkI1ODNGRDA5MDMxMUUwQjAwNEEw
ODc0OTk5N0ZEOCIgeG1wOkNyZWF0b3JUb29sPSJBZG9iZSBQaG90b3Nob3AgQ1M1IFdpbmRvd3Mi
PiA8eG1wTU06RGVyaXZlZEZyb20gc3RSZWY6aW5zdGFuY2VJRD0ieG1wLmlpZDo1ODg0QkM3NUZB
MDhFMDExODkyQ0U2NkE5ODVBM0Q2OSIgc3RSZWY6ZG9jdW1lbnRJRD0ieG1wLmRpZDo1ODg0QkM3
NUZBMDhFMDExODkyQ0U2NkE5ODVBM0Q2OSIvPiA8L3JkZjpEZXNjcmlwdGlvbj4gPC9yZGY6UkRG
PiA8L3g6eG1wbWV0YT4gPD94cGFja2V0IGVuZD0iciI/PiUukzAAAAHHSURBVHja5FfRccIwDLVz
/W+7QdggbJBM0HQCwg+/LRNwTJDymx9ggmYDsgEZwRuUDVI5ET1XyE5CuIa76k7ABVtPluQnRVZV
JcYST4woD85/ZRbC5wxUf/sdbZagBehGVAvlNM+GXWYaaIugQ+QDdA1OnLqByyyAzwPo042iqyMx
BwdKN7jMNODREWKFyonv2KdPPqERoDlPGQMKQ7drPWPjfAy6Inb080/QiK/2Js8JMacBpzWwzGIs
QFdxhujkFMNtSkj3m1ftjTnxEg0f0XNXAYb1mmatwFPSFM1s4NTwuUp18QU9CiyonWj2rhkHWXAK
kNeh7gdMQ5wzRdnKcAo9DwZcsRBtqL70qm7Ior3B/5zbI0IKrvv8mxarhXSsXtrY8m5OfjB+F5SN
BkhKrpi8635uaxAvkO9HpgZSB/v57f2cFpEQzz+UeZ28Yvq+bMXpkb5rSgwLc+Z5Fylwb+y68x4p
MlNW2CLnPUmnrE/d7F1dOGXJ+Qb0neQqre9ptZiAscTI38ng7YTQ8g6Budlg75pktkxPV9idctss
1mGYOKciupsxatQB8pJkmkUTpgCvHZ0jDtg+t4/60vAf3tVGBf8WYAC3Rq8Ub3mHyQAAAABJRU5E
rkJggg==
EOFILE;
//affichage du phpinfo
if (isset($_GET['phpinfo']))
{
phpinfo();
exit();
}
//affichage des images
if (isset($_GET['img']))
{
switch ($_GET['img'])
{
case 'pngFolder' :
header("Content-type: image/png");
echo base64_decode($pngFolder);
exit();
case 'pngFolderGo' :
header("Content-type: image/png");
echo base64_decode($pngFolderGo);
exit();
case 'gifLogo' :
header("Content-type: image/gif");
echo base64_decode($gifLogo);
exit();
case 'pngPlugin' :
header("Content-type: image/png");
echo base64_decode($pngPlugin);
exit();
case 'pngWrench' :
header("Content-type: image/png");
echo base64_decode($pngWrench);
exit();
case 'favicon' :
header("Content-type: image/x-icon");
echo base64_decode($favicon);
exit();
}
}
// Définition de la langue et des textes
if (isset ($_GET['lang']))
{
$langue = htmlspecialchars($_GET['lang'],ENT_QUOTES);
if ($langue != 'en' && $langue != 'fr' ) {
$langue = 'fr';
}
}
elseif (isset ($_SERVER['HTTP_ACCEPT_LANGUAGE']) AND preg_match("/^fr/", $_SERVER['HTTP_ACCEPT_LANGUAGE']))
{
$langue = 'fr';
}
else
{
$langue = 'en';
}
//initialisation
$aliasContents = '';
// récupération des alias
if (is_dir($aliasDir))
{
$handle=opendir($aliasDir);
while (($file = readdir($handle))!==false)
{
if (is_file($aliasDir.$file) && strstr($file, '.conf'))
{
$msg = '';
$aliasContents .= '<li><a href="'.str_replace('.conf','',$file).'/">'.str_replace('.conf','',$file).'</a></li>';
}
}
closedir($handle);
}
if (empty($aliasContents))
$aliasContents = "<li>".$langues[$langue]['txtNoAlias']."</li>\n";
// récupération des projets
$handle=opendir(".");
$projectContents = '';
while (($file = readdir($handle))!==false)
{
if (is_dir($file) && !in_array($file,$projectsListIgnore))
{
//[modif oto] Ajout éventuel de http:// pour éviter le niveau localhost dans les url
$projectContents .= '<li><a href="'.($suppress_localhost ? 'http://' : '').$file.'">'.$file.'</a></li>';
}
}
closedir($handle);
if (empty($projectContents))
$projectContents = "<li>".$langues[$langue]['txtNoProjet']."</li>\n";;
//initialisation
$phpExtContents = '';
// récupération des extensions PHP
$loaded_extensions = get_loaded_extensions();
// [modif oto] classement alphabétique des extensions
setlocale(LC_ALL,"{$langues[$langue]['locale']}");
sort($loaded_extensions,SORT_LOCALE_STRING);
foreach ($loaded_extensions as $extension)
$phpExtContents .= "<li>${extension}</li>";
//header('Status: 301 Moved Permanently', false, 301);
//header('Location: /aviatechno/index.php');
//exit();
$pageContents = <<< EOPAGE
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html lang="en" xml:lang="en">
<head>
<title>{$langues[$langue]['titreHtml']}</title>
<meta http-equiv="Content-Type" content="txt/html; charset=utf-8" />
<style type="text/css">
* {
margin: 0;
padding: 0;
}
html {
background: #ddd;
}
body {
margin: 1em 10%;
padding: 1em 3em;
font: 80%/1.4 tahoma, arial, helvetica, lucida sans, sans-serif;
border: 1px solid #999;
background: #eee;
position: relative;
}
#head {
margin-bottom: 1.8em;
margin-top: 1.8em;
padding-bottom: 0em;
border-bottom: 1px solid #999;
letter-spacing: -500em;
text-indent: -500em;
height: 125px;
background: url(index.php?img=gifLogo) 0 0 no-repeat;
}
.utility {
position: absolute;
right: 4em;
top: 145px;
font-size: 0.85em;
}
.utility li {
display: inline;
}
h2 {
margin: 0.8em 0 0 0;
}
ul {
list-style: none;
margin: 0;
padding: 0;
}
#head ul li, dl ul li, #foot li {
list-style: none;
display: inline;
margin: 0;
padding: 0 0.4em;
}
ul.aliases, ul.projects, ul.tools {
list-style: none;
line-height: 24px;
}
ul.aliases a, ul.projects a, ul.tools a {
padding-left: 22px;
background: url(index.php?img=pngFolder) 0 100% no-repeat;
}
ul.tools a {
background: url(index.php?img=pngWrench) 0 100% no-repeat;
}
ul.aliases a {
background: url(index.php?img=pngFolderGo) 0 100% no-repeat;
}
dl {
margin: 0;
padding: 0;
}
dt {
font-weight: bold;
text-align: right;
width: 11em;
clear: both;
}
dd {
margin: -1.35em 0 0 12em;
padding-bottom: 0.4em;
overflow: auto;
}
dd ul li {
float: left;
display: block;
width: 16.5%;
margin: 0;
padding: 0 0 0 20px;
background: url(index.php?img=pngPlugin) 2px 50% no-repeat;
line-height: 1.6;
}
a {
color: #024378;
font-weight: bold;
text-decoration: none;
}
a:hover {
color: #04569A;
text-decoration: underline;
}
#foot {
text-align: center;
margin-top: 1.8em;
border-top: 1px solid #999;
padding-top: 1em;
font-size: 0.85em;
}
.third {
width:32%;
float:left;
}
.left {float:left;}
.right {float:right;}
</style>
<link rel="shortcut icon" href="index.php?img=favicon" type="image/ico" />
</head>
<body>
<div id="head">
<h1><abbr title="Windows">W</abbr><abbr title="Apache">A</abbr><abbr title="MySQL">M</abbr><abbr title="PHP">P</abbr></h1>
<ul>
<li>PHP 5</li>
<li>Apache 2</li>
<li>MySQL 5</li>
</ul>
</div>
<ul class="utility">
<li>Version ${wampserverVersion}</li>
<li><a href="?lang={$langues[$langue]['autreLangueLien']}">{$langues[$langue]['autreLangue']}</a></li>
</ul>
<h2> {$langues[$langue]['titreConf']} </h2>
<dl class="content">
<dt>{$langues[$langue]['versa']}</dt>
<dd>${apacheVersion}&nbsp;&nbsp;-&nbsp;<a href='http://{$langues[$langue][$doca_version]}'>Documentation</a></dd>
<dt>{$langues[$langue]['versp']}</dt>
<dd>${phpVersion}&nbsp;&nbsp;-&nbsp;<a href='http://{$langues[$langue]['docp']}'>Documentation</a></dd>
<dt>{$langues[$langue]['server']}</dt>
<dd>${server_software}</dd>
<dt>{$langues[$langue]['phpExt']}</dt>
<dd>
<ul>
${phpExtContents}
</ul>
</dd>
<dt>{$langues[$langue]['versm']}</dt>
<dd>${mysqlVersion} &nbsp;-&nbsp; <a href='http://{$langues[$langue]['docm']}'>Documentation</a></dd>
</dl>
<div style="margin-top:5px;border-top:1px solid #999;"></div>
<div class="third left">
<h2>{$langues[$langue]['titrePage']}</h2>
<ul class="tools">
<li><a href="?phpinfo=1">phpinfo()</a></li>
<li><a href="phpmyadmin/">phpmyadmin</a></li>
</ul>
</div>
<div class="third left">
<h2>{$langues[$langue]['txtProjet']}</h2>
<ul class="projects">
$projectContents
</ul>
</div>
<div class="third right">
<h2>{$langues[$langue]['txtAlias']}</h2>
<ul class="aliases">
${aliasContents}
</ul>
</div>
<div style="clear:both;"></div>
<ul id="foot">
<li><a href="http://www.wampserver.com">WampServer</a></li>
<li><a href="http://www.wampserver.com/en/donations.php">Donate</a></li>
<li><a href="http://www.alterway.fr">Alter Way</a></li>
</ul>
</body>
</html>
EOPAGE;
echo $pageContents;
?>
\ No newline at end of file
login.jpg 0 → 100644
View file @ 05f9623d
login.jpg

11.3 KB

login.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>FooBu Log In</title>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
</head>
<body><br><br>
<img class = 'login' src='login.jpg' title='Welcome!' align = 'middle'/>
<h1>Your One-Stop Movie Snack Shop</h1>
<form action = "checklogin.php" style = "text-align:center" method = "post">
<p>Username:<br>
<input type = "text" name = "username" placeholder = "Username"></p><p>
Password:<br>
<input type = "password" name = "password" placeholder = "Password"></p>
<br><input class = "submit" type = "submit" value = "Login">
</form>
<div class = "center">
<br><p>OR</p><br>
<a href = "create_account.php" ><button style = "text-align:center">Create Account</button></a>
</div>
</body>
</html>
\ No newline at end of file
logo.jpg 0 → 100644
View file @ 05f9623d
logo.jpg

24.5 KB

logout.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
session_destroy();
header("location:login.php");
?>
\ No newline at end of file
menu.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<html>
<head>
<title>Available Menus</title>
<link href='styles.css' type='text/css' rel='stylesheet'>
<script>
function askForQuantity(button) {
var lol = button;
var qty = prompt('How many orders do you want?');
if(qty > 0)
{
document.location = 'add_to_cart.php?id='+lol+'&qty='+qty;
}
}
</script>
</head>
<body>
<form name='main_form' method='post' action='menu.php'>";
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Load: " . $newArray['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>View Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
$temp = $_COOKIE['PHPSESSID'];
//echo "$temp";
if(isset($_POST['chooseMall']))
{
echo "<div class = 'center'>";
$mall_id = $_POST['mall'];
$_SESSION['mall_id'] = $mall_id;
$rest_query = "SELECT * FROM restaurant WHERE mall_id = " . $mall_id;;
echo
"<select class='rest_list' name='rest'>
<option value='0' selected>Choose a Restaurant</option>";
foreach(mysqli_query($mysqli,$rest_query) as $option) {
$r_id = $option['rest_id'];
$rest_name = $option['rest_name'];
echo "<option value='$r_id'>$rest_name</option>";
}
echo "</select>";
echo "<input class='submit' type='submit' name='chooseRest' value='Choose a Restaurant'>";
echo "<div class = 'center'>";
}
else if(isset($_SESSION['mall_id']))
{
echo "<div class = 'center'>";
$mall_id = $_SESSION['mall_id'];
$_SESSION['mall_id'] = $mall_id;
$rest_query = "SELECT * FROM restaurant WHERE mall_id = " . $mall_id;;
echo
"<select class='rest_list' name='rest'>
<option value='0' selected>Choose a Restaurant</option>";
foreach(mysqli_query($mysqli,$rest_query) as $option) {
$r_id = $option['rest_id'];
$rest_name = $option['rest_name'];
echo "<option value='$r_id'>$rest_name</option>";
}
echo "</select>";
echo "<input class='submit' type='submit' name='chooseRest' value='Choose a Restaurant'>";
echo "</div>";
}
}
?>
</form>
<?php
$currentRest = 0;
if(isset($_POST['chooseRest']))
{
$currentRest = $_POST['rest'];
$_SESSION['rest_id'] = $currentRest;
}
else if(isset($_POST['rest']))
{
$currentRest = $_POST['rest'];
}
else if(isset($_SESSION['rest_id']))
{
$currentRest = $_SESSION['rest_id'];
}
$select_food_query = "SELECT * FROM item
INNER JOIN restaurant
ON item.rest_id = restaurant.rest_id WHERE restaurant.rest_id = " .$currentRest ." AND is_available = 1";
$result = mysqli_query($mysqli,$select_food_query);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
echo "<h1>". $newArray['rest_name']. " Menu </h1>";
//echo "<h1>$current_mall Menu</h1>";
echo "<table>
<tr>
<th scope = 'col'>Restaurant Name</th>
<th scope = 'col'>Food Name</th>
<th scope = 'col'>Price</th>
</tr>";
$num = 0;
$class = "even";
foreach(mysqli_query($mysqli,$select_food_query) as $myRow)
{
$price = sprintf('%.02f',$myRow['price']);
$button_id = $myRow['item_id'];
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
echo "<tr class='$class'>
<td>" .$myRow['rest_name']. "</td>
<td>" .$myRow['item_name']. "</td>
<td class = 'number'>" .$price. "</td>
<td class = 'ignore'><button class='tb' id = $button_id onclick ='askForQuantity(this.id)'>Add to Cart</button></a></td>
</tr>";
}
echo "</table></div>";
}
}
?>
<?php echo "<div class = 'center'><br><a href = 'view_cart.php'><button>View Cart</button></a>";
echo "<br><br><a href = 'choose_mall.php'><button>Back</button></a></div>";?>
</body>
</html>
\ No newline at end of file
order_form.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>Order Form</title>
<script>
function validateForm() {
var a = document.forms["orderForm"]["cinema_num"].value;
var b = document.forms["orderForm"]["seat_num"].value;
if (a == "" || b == "") {
alert("Some fields need to be field!");
return false;
}
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form action = 'place_order.php' onsubmit = "return validateForm()" method = 'post' name = 'orderForm'>
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account WHERE account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>View Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div><br>";
}
}
?>
<fieldset class = "creation">
<legend>Your Location</legend>
<label for 'cinema_num'>Cinema</label> <input type = 'text' name = 'cinema_num' placeholder = 'Cinema'> <br><br>
<label for 'seat_num'>Seat Number</label> <input type = 'text' name = 'seat_num' placeholder = 'Seat Number'>
</fieldset>
<br><br>
<div class = 'center'>
<input class = "submit" type = 'submit' value = 'Confirm Order'>
</div>
</form>
<?php
echo "<div class = 'center'><br><a href = 'view_cart.php'><button>Back to View Cart</button></a></div>";
?>
</div>
</body>
</html>
place_order.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
echo "<html>
<head>
<title>Order Sending Result</title>
<link href = 'styles.css' type = 'text/css' rel = 'stylesheet'/>
</head><body>";
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
} else
{
#protection
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>View Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
$mall_id = $_SESSION['mall_id'];
$total_price = $_SESSION['total_price'];
$id = stripslashes($id);
$id = mysqli_real_escape_string($mysqli,$id);
$mall_id = stripslashes($mall_id);
$mall_id = mysqli_real_escape_string($mysqli,$mall_id);
$total_price = stripslashes($total_price);
$total_price = mysqli_real_escape_string($mysqli,$total_price);
$cinema_num = stripslashes($_POST['cinema_num']);
$cinema_num = mysqli_real_escape_string($mysqli,$cinema_num);
$seat_num = stripslashes($_POST['seat_num']);
$seat_num = mysqli_real_escape_string($mysqli,$seat_num);
$sessID = stripslashes($_COOKIE['PHPSESSID']);
$sessID = mysqli_real_escape_string($mysqli,$sessID);
#Inserts the New order into Order
$place_order_sql = "INSERT INTO orders (cinema_num,order_time,mall_id,seat_num,status,account_id,total_price)
VALUES ('".$cinema_num. "', now(), " .$mall_id. ", '" .$seat_num."', 'Waiting', " .$id. ", " .$total_price.")";
$result = mysqli_query($mysqli,$place_order_sql);
$order_from_tracker_sql = "SELECT * FROM tracker WHERE session_id = '".$sessID."'";
$resultTracker = mysqli_query($mysqli,$order_from_tracker_sql);
$get_bal_query = "SELECT load_balance FROM account WHERE account_id = ".$id;
$resultBal = mysqli_query($mysqli,$get_bal_query);
$newArray = mysqli_fetch_array($resultBal, MYSQLI_ASSOC);
$bal = $newArray['load_balance'];
$bal -= $total_price;
#Gets the last row of the table
$place_order_sql = "SELECT order_id FROM orders
ORDER BY order_id DESC
LIMIT 1;";
$last = mysqli_query($mysqli,$place_order_sql);
$curr = mysqli_fetch_array($last, MYSQLI_ASSOC);
$current_order_id = $curr['order_id'];
//$count = mysqli_num_rows($result);
if ($result == TRUE)
{
foreach(mysqli_query($mysqli,$order_from_tracker_sql) as $myRow)
{
$item_id = $myRow['item_id'];
$item_qty = $myRow['item_qty'];
$place_order_in_orderlist_sql = "INSERT INTO orderitems (order_id,item_id,item_qty,total_price) VALUES (".$current_order_id. "," .$item_id.", " .$item_qty.", " .$myRow['total_price'].")";
$resultz = mysqli_query($mysqli,$place_order_in_orderlist_sql);
$load_query = "UPDATE account SET load_balance = '$bal' WHERE account_id = '$id'";
$resulta = mysqli_query($mysqli,$load_query);
#if order was successfully inserted, the tracker counterpart will be deleted!
if($resultz == TRUE)
{
$delete_item_in_tracker_sql = "DELETE FROM tracker WHERE
session_id = '". $sessID. "'";
$delete_item_res = mysqli_query($mysqli, $delete_item_in_tracker_sql) or die(mysqli_error($mysqli));
}
}
echo "<h1>Order has been placed!</h1>";
}
else {
printf("Could not insert record: %s\n", mysqli_error($mysqli));
}
}
echo "</body>";
mysqli_close($mysqli);
"INSERT INTO orders (cinema_num,order_time,mall_id,seat_num,status,account_id,total_price)
VALUES ('5F', now(), 3, 'F5', 'Waiting', 3, 69)";
?>
process_account.php 0 → 100644
View file @ 05f9623d
<html>
<body>
<?php
#this method prevents the refresh problem which I cannot solve huhu
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
try {
$db = new PDO('mysql:host=localhost;dbname=dbadmin', 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch(PDOException $e) {
echo "Connection failed: " . $e->getMessage();
}
$sql_query = "SELECT * FROM account WHERE position = 'Client'";
$message = NULL;
#3 possible data from display_accounts-2: accounts_add, promote and add_load
if(isset($_POST['home'])) {
header("location:homepage.php");
}
else {
if(isset($_POST['cancel'])) {
$message = "cancelled";
header("location:display_accounts-2.php");
}
else if(isset($_POST['accounts_add'])) {
if(isset($_POST['account'])) {
$_SESSION['accounts_add'] = 1;
$_SESSION['loadee'] = $_POST['account'];
}
else $message = "null";
}
else if(isset($_POST['promote'])) {
if(isset($_POST['account'])) {
$promote_entry = $_POST['account'];
$promote_query = "UPDATE account SET position = 'Admin' WHERE account_id = '$promote_entry'";
$db->query($promote_query);
$message = "promoted";
}
else $message = "null";
}
else if(isset($_POST['add_load'])) {
$admin_id = $_SESSION['account_id'];
$id = $_SESSION['loadee'];
$load = $_POST['load_amount'];
$msg = $load. " has been loaded to your account! Enjoy Shopping!";
$get_query = "SELECT load_balance FROM account WHERE account_id = '$id'";
$stmt = $db->query($get_query);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$curr_load = $row['load_balance'];
$load += $curr_load;
$load_query = "UPDATE account SET load_balance = '$load' WHERE account_id = '$id'";
$db->query($load_query);
$message = "loaded";
$message_query = "INSERT INTO message (recipient_id,sender_id,msg_date,msg) VALUES ( ".$id.", " .$admin_id.", now(), '".$msg."')";
$result = mysqli_query($mysqli,$message_query);
if($result === true)
{
}
else
{
echo gg;
}
$_SESSION['loadee'] = NULL;
}
$_SESSION['message'] = $message;
#$_POST = array(); #n00b way of clearing post data just to be sure
header("location:display_accounts-2.php"); #go back to original page
}
?>
</body>
</html>
process_item.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
#possible messages to be sent: add, delete, edit, add_item, edit_item
#set up connection
try {
$db = new PDO('mysql:host=localhost;dbname=dbadmin', 'root', '');
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
} catch( PDOException $e ) {
echo "Connection failed: " . $e->getMessage();
}
$table_query = "SELECT * FROM item";
if(isset($_POST["cancel"])) {
header("location:display_items-2.php");
}
else if(isset($_POST["add"])) {
$_SESSION["message"] = "add";
}
else if(isset($_POST["edit"])) {
foreach ($db->query($table_query) as $myrow) { #for all entries in the item list
$edit_entry_id = $myrow["item_id"]; #assign current entry's item_id to variable
if(isset($_POST[$edit_entry_id]) != NULL) { #check if the entry's checkbox was selected (meaning the entry should be deleted)
$_SESSION["edit_id"] = $edit_entry_id;
break; #get out of loop
}
}
$_SESSION["message"] = "edit";
}
else if(isset($_POST["delete"])) {
foreach ($db->query($table_query) as $myrow) { #for all entries in the item list
$delete_entry = $myrow["item_id"]; #assign current entry's item_id to variable
if(isset($_POST[$delete_entry]) != NULL) { #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$delete_query = "DELETE FROM item WHERE item_id = '$delete_entry'";
$db->query($delete_query);
}
}
$_SESSION["message"] = "delete";
}
else if(isset($_POST["add_item"])) {
$loadee_id = $_SESSION["account_id"];
$select_query = "SELECT * FROM account WHERE account_id = '$loadee_id'";
$stmt = $db->query($select_query);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
$rest_id = $row['rest_id'];
$item_name = $_POST['item_name']; #get the menu item name from the textbox named "item_name"
$item_price = $_POST['price'];
$item_type = $_POST['item_type'];
if($_POST['avail'] == 'yes') $is_available = 1;
else $is_available = 0;
#print_r($_POST); #for checking purposes
#execute insertion
#temporarily hard-coded to insert other attributes
$insert_query = "INSERT INTO item(rest_id, item_name, price, type, is_available) VALUES ('$rest_id', '$item_name', '$item_price', '$item_type', '$is_available')";
$db->query($insert_query);
$_SESSION["message"] = "add_item";
}
else if(isset($_POST["edit_item"])) {
$new_item_name = $_POST['new_item_name']; #get the menu item name from the textbox named "new_item_name"
$item_id = $_POST['id']; #get the item id from the hidden input component of the form named "id"
$new_item_price = $_POST['new_price'];
$new_item_type = $_POST['new_item_type'];
if($_POST['change_avail'] == 'yes') $change_is_available = 1;
else $change_is_available = 0;
#print_r($_POST); #for checking purposes
#execute update
$update_query = "UPDATE item SET item_name = '$new_item_name', price = '$new_item_price', type = '$new_item_type', is_available = '$change_is_available' WHERE item_id = '$item_id'";
$db->query($update_query);
$_SESSION["message"] = "edit_item";
}
$_POST = array();
header("location:display_items-2.php");
?>
\ No newline at end of file
readme.txt 0 → 100644
View file @ 05f9623d
Instructions for setting up!
1) Install WAMP, phpmyadmin.
2) Put all of our files in the /wamp/www
3) Open mysql in your command line.
3.a) Input (copy paste) everything from the "improve.sql" into the command line.
3.a.1) "improve.sql" also provides you an Account that is a Developer
4) Input "localhost/login.php" into your browser.
4.a) Login your developer account
4.a.1) Username: developer
4.a.2) Password: password
5) Have fun!
\ No newline at end of file
remove_from_cart.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
if (isset($_GET['id']))
{
$mysqli = new mysqli("localhost","root","","dbadmin");
$safe_id = mysqli_real_escape_string($mysqli, $_GET['id']);
$sessID = stripslashes($_COOKIE['PHPSESSID']);
$sessID = mysqli_real_escape_string($mysqli,$sessID);
$delete_item_sql = "DELETE FROM tracker WHERE
tracker_id = ".$safe_id." AND session_id =
'". $sessID. "'";
$delete_item_res = mysqli_query($mysqli, $delete_item_sql) or die(mysqli_error($mysqli));
//close connection to MySQL
mysqli_close($mysqli);
//redirect to showcart page
header("Location: view_cart.php");
exit;
}
else
{
}
?>
setup_queries.sql 0 → 100644
View file @ 05f9623d
/*Query of the creation of the database dbadmin*/
CREATE DATABASE dbadmin;
/*Query of accessing the database dbadmin*/
USE dbadmin;
/*Query of the creation of the tables in dbadmin*/
CREATE TABLE mall (
mall_id INT NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
mall_name VARCHAR(32)
);
CREATE TABLE restaurant (
rest_id INT NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
mall_id INT NOT NULL,
rest_name VARCHAR(255),
FOREIGN KEY (mall_id) REFERENCES mall(mall_id)
);
CREATE TABLE item (
item_id INT NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
rest_id INT NOT NULL,
item_name VARCHAR(255),
price DECIMAL,
type VARCHAR(15),
is_available BOOLEAN DEFAULT 1,
FOREIGN KEY (rest_id) REFERENCES restaurant(rest_id),
CHECK(type IN ('Snacks', 'Drinks'))
);
CREATE TABLE account (
account_id INT NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
first_name VARCHAR(15),
middle_name VARCHAR(15),
last_name VARCHAR(15),
username VARCHAR(15) UNIQUE,
password VARCHAR(15),
position VARCHAR(10),
load_balance DECIMAL,
mall_id INT,
rest_id INT,
CHECK(position IN ('Dev', 'Admin', 'Boy', 'Client')),
FOREIGN KEY (mall_id) REFERENCES mall(mall_id),
FOREIGN KEY (rest_id) REFERENCES restaurant(rest_id)
);
CREATE TABLE orders (
order_id INT NOT NULL AUTO_INCREMENT UNIQUE PRIMARY KEY,
order_time TIME(6),
mall_id INT,
cinema_num VARCHAR(2),
seat_num VARCHAR(3),
status VARCHAR(10),
account_id INT,
boy_id INT,
total_price DECIMAL,
CHECK(status IN ('Pending', 'Assembling', 'Delivered')),
FOREIGN KEY (mall_id) REFERENCES mall(mall_id),
FOREIGN KEY (account_id) REFERENCES account(account_id),
FOREIGN KEY (boy_id) REFERENCES account(account_id)
);
CREATE TABLE orderitems (
orderitem_id INT NOT NULL AUTO_INCREMENT,
order_id INT NOT NULL,
item_id INT NOT NULL,
item_qty INT NOT NULL, /*new*/
total_price INT NOT NULL, /*new*/
PRIMARY KEY (orderitem_id ,order_id, item_id),
FOREIGN KEY (order_id) REFERENCES orders(order_id),
FOREIGN KEY (item_id) REFERENCES item(item_id)
);
CREATE TABLE tracker(
tracker_id INT NOT NULL AUTO_INCREMENT,
session_id VARCHAR(32),
item_id INT NOT NULL,
item_qty INT NOT NULL, /*new*/
total_price INT NOT NULL, /*new*/
PRIMARY KEY (tracker_id),
FOREIGN KEY (item_id) REFERENCES item(item_id)
);
CREATE TABLE message(
message_id INT NOT NULL AUTO_INCREMENT,
recipient_id INT NOT NULL,
/*recipient account id of the message*/
sender_id INT NOT NULL,
/*sender account id of the message*/
msg_date DATETIME,
msg TEXT(250),
PRIMARY KEY(message_id,recipient_id,sender_id),
FOREIGN KEY (recipient_id) REFERENCES account(account_id),
FOREIGN KEY (sender_id) REFERENCES account(account_id)
);
/*Query of the creation of the developer account*/
INSERT INTO account (username,password,position) VALUES ("developer","password","Dev");
\ No newline at end of file
styles.css 0 → 100644
View file @ 05f9623d
h1, legend, table
{
text-align: center;
font-family: tahoma;
color: white;
}
p, fieldset, label
{
font-family: tahoma;
color: white;
}
body, td.ignore
{
font-family: tahoma;
background-color: rgba(3, 10, 71, 1);
}
ul.buttons
{
margin: 10px auto 10px auto;
padding: 3px;
}
li
{
display: inline;
margin: 2px;
}
input.text
{
color: #5A5854;
background-color: #FAFAFA;
border: 1px solid #BDBDBD;
border-radius: 5px;
padding: 3px;
}
input.sub_submit
{
color: #7D7D7D;
background-color: #FFFFFF;
border: 1px solid #7D7D7D;
border-radius: 5px;
padding: 5px;
float: left;
margin: 3% 0% 0% 1.6%;
}
input.submit, button
{
text-transform: uppercase;
color: #5a5854;
background-color: #FFFFFF;
border: none;
border-radius: 10px;
width: 15%;
}
input.submit:hover, input.sub_submit:hover, button:hover
{
color: #FAFAFA !important;
background-color: #343434 !important;
}
button.even, button.odd
{
width: 60% !important;
}
table.list
{
width: 60%;
min-width: 50%;
max-width: 80%;
margin: 0px auto;
float: left;
}
th, td
{
padding: 0.5% 0.5% 0.5% 0.5%;
}
th
{
text-transform: uppercase;
letter-spacing: 0.1em;
font-size: 90%;
text-align: center;
width: 150px;
height: 50px;
}
tr.even, th.even, td.even
{
color: #111111;
background-color: #EFEFEF;
}
tr.odd, th.odd, td.odd
{
color: #111111;
background-color: rgba(41, 171, 203, 1);
}
tr:hover
{
color: #ECECEC;
background-color: #7B7B7B;
}
p.notif
{
width: 34%;
margin-right: 2.5%;
margin-top: 0.5%;
float: right;
padding: 0.4% 0.5% 0.7% 0.5%;
}
fieldset
{
width: 35%;
padding: 0.5% 0.5% 0.5% 0.5%;
border-radius: 10px;
}
td.number
{
text-align: right;
}
select
{
background-color: #FAFAFA;
color: #5A5854;
border-radius: 10px;
overflow: scroll;
}
label.in
{
margin: 0.8% 0.5% 0.8% 0.1%;
padding: 0.3% 0% 0.3% 2%;
float: left;
width: 45%;
}
select, input.text, div.rad
{
margin: 0.8% 0.5% 0.8% 0.1% !important;
padding: 1% !important;
}
table, fieldset.creation, fieldset.long
{
margin: 0px auto;
}
button.tb
{
width: 100%;
height: 100%;
}
fieldset.long
{
width: 40%;
}
li.home
{
padding: 20px;
color: white;
font-weight: bold;
}
a:link
{
color: white;
text-decoration: none;
}
div.navi
{
margin: 70px -10px auto -10px;
padding: 0 0.5% 0.5% 0.5%;
position: fixed;
background-color: rgba(102, 102, 255, 1);
width: 99.3%;
height: 40px;
text-align: center;
}
div.bar
{
padding: 0 0.5% 0.5% 0.5%;
margin: -10px -10px auto -10px;
position: fixed;
background-color: rgba(102, 102 , 255, 1);
width: 99.3%;
height: 78px;
}
div.empty
{
background-color: rgba(3, 10, 71, 1);
height: 118px;
}
p.logout
{
text-align: right;
float:right;
}
table
{
text-align: left;
}
div.center
{
text-align: center;
}
select.mall_list
{
margin: 0px auto;
}
h2
{
text-align: center;
font-family: tahoma;
color: white;
font-size: 50px;
}
fieldset.notice
{
float: right;
}
table.special
{
margin: 0px auto;
}
table.special
{
margin: 0px auto;
}
table.account
{
width: 20%;
}
div.promo
{
text-align: center;
margin: 0px auto;
width: 500px;
}
p.rights
{
text-align: center;
color: black;
bottom: 5px;
}
h2
{
font-family: "Brush Script MT";
}
img.logo
{
width: 70px;
height: 70px;
margin-top: 10px;
margin-left: 48%;
margin-right: 50%;
display: block;
}
img.login
{
margin-left: 40%;
margin-right: 50%;
}
p.details
{
float: left;
text-align: left;
}
p.rights
{
color: grey;
font-size: 13px;
}
\ No newline at end of file
view_account.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
echo "<html><head><title>Your FooBu Account</title>";
echo "</head><link href = 'styles.css' type = 'text/css' rel = 'stylesheet'/>";
echo "<body>";
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $newArray['position']. "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $newArray['mall_name'] . ", Restaurant: " . $newArray['rest_name']. "<br>";
else echo "Mall: " . $newArray['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $newArray['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div><br>";
$id = $newArray['account_id'];
$fname = $newArray['first_name'];
$mname = $newArray['middle_name'];
$lname = $newArray['last_name'];
$username = $newArray['username'];
$load_balance = $newArray['load_balance'];
#
echo "<table class = 'account'>
<tr class = 'odd'>
<th scope = 'row'>Account ID:<td class = 'number'>" .$id. "</td></tr>";
echo "<tr class = 'even'>
<th scope = 'row'>First Name:<td>" .$fname. "</td></tr>";
echo "<tr class = 'odd'>
<th scope = 'row'>Middle Name:<td>" .$mname. "</td></tr>";
echo "<tr class = 'even'>
<th scope = 'row'>Last Name:<td>" .$lname. "</td></tr>";
echo "<tr class = 'odd'>
<th scope = 'row'>Position:<td>" .$position. "</td></tr>";
echo "<tr class = 'even'>
<th scope = 'row'>Mall Name:<td>" . $newArray['mall_name']. "</td></tr>";
echo "<tr class = 'odd'>
<th scope = 'row'>Restaurant Name:<td>" . $newArray['rest_name']. "</td></tr>";
echo "<tr class = 'even'>
<th scope = 'row'>Load Balance (in Pesos):<td class = 'number'>" .$load_balance. "</td></tr>
</table>";
echo "<div class = 'center'>";
echo "<br><a href = 'edit_account.php' ><button>Edit</button></a></br>";
echo "</div>";
}
else
{
echo "<br>Wrong Username or Password!";
}
}
?>
view_cart.php 0 → 100644
View file @ 05f9623d
<?php
session_start();
?>
<!DOCTYPE html>
<html>
<head>
<title>Your Curent FooBu Cart</title>
<link href = "styles.css" type = "text/css" rel = "stylesheet"/>
<script type="text/javascript">
function checkLoad() {
var currentLoad = parseInt(<?php
$id = $_SESSION['account_id'];
$mysqli = new mysqli("localhost","root","","dbadmin");
$sql = "SELECT * FROM account
where account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$load = $account['load_balance'];
echo json_encode($load); ?>);
var totalPrice = parseInt(<?php
$sessID = stripslashes($_COOKIE['PHPSESSID']);
$sessID = mysqli_real_escape_string($mysqli,$sessID);
$mysqli = new mysqli("localhost","root","","dbadmin");
$sum_query = "SELECT SUM(total_price) AS totalSum FROM item
INNER JOIN tracker
ON item.item_id = tracker.item_id WHERE session_id = '" .$sessID."'";
$sum_result = mysqli_query($mysqli,$sum_query);
$sumArray = mysqli_fetch_array($sum_result, MYSQLI_ASSOC);
$sum = $sumArray['totalSum'];
echo json_encode($sum); ?>);
if(currentLoad >= totalPrice)
{
window.location = "order_form.php";
}
else
{
alert("Insufficient Load.\nLoad more into balance or Remove items from cart!"); // fail
delete window.alert; // true
}
}
</script>
</head>
<body>
<?php
$mysqli = new mysqli("localhost","root","","dbadmin");
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
#protection
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where account_id = " .$id;
$result = mysqli_query($mysqli,$sql);
$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $newArray['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $newArray['first_name']. " to Food Buddy!<br>";
echo "Load: " . $newArray['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>View Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>
<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
$sessID = stripslashes($_COOKIE['PHPSESSID']);
$sessID = mysqli_real_escape_string($mysqli,$sessID);
$id = $_SESSION['account_id'];
#protection
$select_item_query = "SELECT * FROM item a
INNER JOIN tracker b ON a.item_id = b.item_id
INNER JOIN restaurant c ON a.rest_id = c.rest_id
WHERE session_id = '" .$sessID."'";
$resultz = mysqli_query($mysqli,$select_item_query);
#protection
$sql = "SELECT * FROM account
where account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$load = $account['load_balance'];
//$count = mysqli_num_rows($result);
if($result)
{
$newArray = mysqli_fetch_array($resultz, MYSQLI_ASSOC);
$id = $newArray['session_id'];
$item_name = $newArray['item_name'];
echo "<h1>Your Cart</h1>";
echo "<table>
<tr>
<th scope = 'col'>Restaurant Name</th>
<th scope = 'col'>Food Name</th>
<th scope = 'col'>Price</th>
<th scope = 'col'>Quantity</th>
<th scope = 'col'>Total Price</th>
</tr>";
$num = 0;
$class = "even";
foreach(mysqli_query($mysqli,$select_item_query) as $myRow)
{
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
$button_id = $myRow['tracker_id'];
//$total_price_query = "SELECT price*item_qty AS totalPrice
//FROM item INNER JOIN tracker
//ON item.item_id = tracker.item_id WHERE session_id = '" .$sessID."' AND tracker_id = " .$button_id;
//$total_price_result = mysqli_query($mysqli,$total_price_query);
//$tpArray = mysqli_fetch_array($total_price_result, MYSQLI_ASSOC);
//$tp = $tpArray['totalPrice'];
//$price = sprintf('%.02f',$myRow['price']);
//$button_id = $myRow['item_id'];
echo "<tr class='$class'>
<td>" .$myRow['rest_name']. "</td>
<td>" .$myRow['item_name']. "</td>
<td class = 'number'>" .$myRow['price']. "</td>
<td class = 'number'>" .$myRow['item_qty']. "</td>
<td class = 'number'>" .$myRow['total_price']. "</td>
<td class = 'ignore'><a href = 'remove_from_cart.php?id=$button_id'><button class='tb'>Remove from Cart</button></td>
</tr>";
}
if($num%2 == 0) $class = "even";
else $class = "odd";
#total price
$sum_query = "SELECT SUM(total_price) AS totalSum FROM item
INNER JOIN tracker
ON item.item_id = tracker.item_id WHERE session_id = '" .$sessID."'";
$sum_result = mysqli_query($mysqli,$sum_query);
$sumArray = mysqli_fetch_array($sum_result, MYSQLI_ASSOC);
$sum = $sumArray['totalSum'];
$_SESSION['total_price'] = $sum;
echo "<tr><td><t/d><td></td><td></td><th scope = 'row'>Total Bill<td class = 'number'>$sum</td></tr>";
echo "</table>";
//echo "<br><a href = 'order_form.php'><button>Submit</button></a><br>";
echo "<div class = 'center'>";
echo "<br><button onclick = 'checkLoad()'>Submit</button><br>";
echo "<br><a href = 'menu.php'><button>Back</button></a>";
echo "</div>";
}
}
mysqli_close($mysqli);
}
?>
</body>
</html>
view_message.php 0 → 100644
View file @ 05f9623d
<!DOCTYPE html>
<html>
<head>
<title>Your Messages</title>
<script type="text/javascript">
function goBack() {
window.location = "homepage.php";
}
</script>
<link href="styles.css" type="text/css" rel="stylesheet">
</head>
<body>
<form name="main_form" method="post" action="view_message.php">
</head>
<body>
<?php
session_start();
$mysqli = new mysqli("localhost","root","","dbadmin");
#setting up the connection
if(mysqli_connect_errno())
{
printf("Connect failed: %s\n", mysqli_connect_error());
exit();
}
else
{
$id = $_SESSION['account_id'];
$sql = "SELECT * FROM account a
LEFT JOIN mall b ON a.mall_id = b.mall_id
LEFT JOIN restaurant c ON a.rest_id = c.rest_id
where a.account_id = ". $id;
$result = mysqli_query($mysqli,$sql);
if($result)
{
$account = mysqli_fetch_array($result, MYSQLI_ASSOC);
$position = $account['position'];
echo "<div class = 'bar'>";
#Account details
echo "<p class = 'logout'><a href = 'logout.php'>Log Out</a></p>";
echo "<p class = 'details'>Welcome " . $account['first_name']. " to Food Buddy!<br>";
if($position != 'Client')
{
echo "Position: " . $account['position']. "<br>";
if($position != 'Dev')
{
if($position != 'Boy') echo "Mall: " . $account['mall_name'] . ", Restaurant: " . $account['rest_name']. "<br>";
else echo "Mall: " . $account['mall_name'];
}
}
if($position == 'Client') echo "Load: " . $account['load_balance'] ."<br/>";
echo "</p><a href = 'homepage.php'><img class = 'logo' src='logo.jpg' title='Home Page' align = 'middle'/></a></div>";
echo "<div class = 'navi'>";
#Menu Items
if($position == 'Dev')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_malls.php'>Malls</a></li>
<li class = 'home'><a href = 'display_rest.php'>Restaurants</a></li>
<li class = 'home'><a href = 'display_accounts.php'>Promote/Demote Account</a></li>";
}else if($position == 'Admin')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_items.php'>Food Items</a></li>
<li class = 'home'><a href = 'display_accounts-2.php'>Load Accounts</a></li>";
}else if($position == 'Boy')
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'display_order.php'>All Orders</a></li>
<li class = 'home'><a href = 'display_orders_to_be_prepared.php'>Orders to Prepare</a></li>";
}
else
{
echo "<ul class = 'buttons'>
<li class = 'home'><a href = 'view_account.php'>Account Information</a></li>
<li class = 'home'><a href = 'edit_password.php'>Edit Password</a></li>
<li class = 'home'><a href = 'choose_mall.php'>Order Food</a></li>";
}
echo "<li class = 'home'><a href = 'view_message.php'>Messages</a></li>";
echo "</div><div class = 'empty'></div>";
echo "<div class = 'center'><ul>
<li><input class='submit' type='submit' name='view' value='View Message'></li>
<li><input class='submit' type='submit' name='delete' value='Delete'></li>
</ul></div>";
$mall_id = $account['mall_id'];
$table_query = "SELECT * FROM message
INNER JOIN account ON message.recipient_id = account.account_id
WHERE message.recipient_id = " .$id."
ORDER BY message.msg_date DESC";
$table2_query = "SELECT * FROM orderitems";
if(isset($_POST['view']))
{ #check if the VIEW ORDER button was pressed
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the order item list
$display_entry = $myrow["message_id"]; #assign current entry's item_id to variable
if(isset($_POST[$display_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#display order's items
$display_message = $myrow["msg"];
echo
"<fieldset class = 'notice'>
<legend> Message [" .$display_entry."] </legend>";
$display_message = $myrow["msg"];
echo $display_message;
echo "</fieldset>";
}
}
}
else if(isset($_POST['deliver']))
{ #check if the DIBS button was pressed
#send notification to client (wala pa to)
}
#CHECK CASCADE DELETE
else if(isset($_POST['delete']))
{ #check if the DELETE button was pressed
#print_r($_POST); #for checking purposes
foreach ($mysqli->query($table_query) as $myrow)
{ #for all entries in the item list
$delete_entry = $myrow["message_id"]; #assign current entry's item_id to variable
if(isset($_POST[$delete_entry]) != NULL)
{ #check if the entry's checkbox was selected/not null(meaning the entry should be deleted)
#execute deletion
$deleteitem_query = "DELETE FROM message WHERE message_id = '$delete_entry'";
$mysqli->query($deleteitem_query);
$delete_query = "DELETE FROM orders WHERE order_id = '$delete_entry'";
$mysqli->query($delete_query);
}
}
}
#display mall table contents
echo "<table class='list'>";
echo
"<tr>
<th>Message ID</th>
<th>Time Received</th>
<th>From</th>
</tr>";
#for layout purposes start
$num = 0;
$class = "even";
#end
foreach ($mysqli->query($table_query) as $myrow)
{
$checkbox_id = $myrow["message_id"];
#gets the sender information
$sender_id_query = "SELECT * FROM message WHERE message_id = " . $checkbox_id;
$result = mysqli_query($mysqli,$sender_id_query);
$senderArray = mysqli_fetch_array($result, MYSQLI_ASSOC);
$sender_id = $senderArray['sender_id'];
$sender_acc_query = "SELECT * FROM account WHERE account_id = " . $sender_id;
$sender_acc_result = mysqli_query($mysqli,$sender_acc_query);
$senderAccArray = mysqli_fetch_array($sender_acc_result, MYSQLI_ASSOC);
$sender_acc= $senderAccArray['first_name'] . " ''".$senderAccArray['username']."'' " . $senderAccArray['last_name'];
#for layout purposes start
if($num%2 == 0) $class = "even";
else $class = "odd";
$num++;
#end
#echo $checkbox_id; #for checking purposes
echo "<tr class='$class'> <td>";
echo "<input type='checkbox' name='$checkbox_id'>", " ", $myrow["message_id"];
echo "</td><td>";
echo $myrow["msg_date"];
echo "</td><td>";
echo $sender_acc;
echo "</td>";
echo "</tr>";
}
echo "</table>";
}
}
#end of display
?>
</body>
</html>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment