148 lines
5.1 KiB
PHP
148 lines
5.1 KiB
PHP
|
<?php
|
||
|
|
||
|
require_once("./assets/php/utils.php");
|
||
|
|
||
|
// Check if the user is logged in, if not then redirect him to login page
|
||
|
if (!is_connected()) {
|
||
|
header("location: login.php");
|
||
|
exit;
|
||
|
}
|
||
|
|
||
|
// ========================================================================
|
||
|
// IF IN POST : USER SUBMITTED THE FORM
|
||
|
// ========================================================================
|
||
|
if ($_SERVER["REQUEST_METHOD"] == "POST") {
|
||
|
// Set all variables to empty.
|
||
|
$product_name = $expiration_date = $description = $cupboard = "";
|
||
|
$product_name_err = $expiration_date_err = $description_err = $cupboard_err = "";
|
||
|
|
||
|
|
||
|
// ========================================================================
|
||
|
// USER INPUT VALIDATION AND SANITIZATION PROCESS
|
||
|
// ========================================================================
|
||
|
// Check and store every field the user entered.
|
||
|
|
||
|
// NAME
|
||
|
if (empty(trim($_POST["name"]))) {
|
||
|
$product_name_err = "Please input a product name.";
|
||
|
} else if (strlen(trim($_POST["name"])) > 255) {
|
||
|
$product_name_err = "Max size for the product name is 255 characters."
|
||
|
. "Yours was " . strlen(trim($_POST["name"])) . " characters long.";
|
||
|
} else {
|
||
|
$product_name = trim($_POST["name"]);
|
||
|
}
|
||
|
|
||
|
|
||
|
// DESCRIPTION
|
||
|
if (empty(trim($_POST["description"]))) {
|
||
|
$description = null;
|
||
|
} else if (strlen(trim($_POST["description"])) > 65535) {
|
||
|
$description_err = "Your description is too long.";
|
||
|
} else {
|
||
|
$description = trim($_POST["description"]);
|
||
|
}
|
||
|
|
||
|
|
||
|
// EXPIRATION DATE
|
||
|
if (empty(trim($_POST["date"]))) {
|
||
|
$expiration_date = null;
|
||
|
} else if (date_format(date_create($_POST["date"]), 'Y-m-d') == $_POST["date"]) {
|
||
|
$min_date = date_format(date_create("01/01/1000"), 'Y-m-d');
|
||
|
$max_date = date_format(date_create("12/31/9999"), 'Y-m-d');
|
||
|
if ((trim($_POST["date"]) >= $min_date) && (trim($_POST["date"]) <= $max_date)) {
|
||
|
$expiration_date = trim($_POST["date"]);
|
||
|
} else {
|
||
|
$expiration_date_err = "The date isn't in our correct expiration date range.";
|
||
|
}
|
||
|
} else {
|
||
|
$expiration_date_err = "The date is invalid.";
|
||
|
}
|
||
|
|
||
|
// CUPBOARD
|
||
|
if (empty(trim($_POST["cupboard"]))) {
|
||
|
$cupboard = null;
|
||
|
} else if (is_numeric(trim($_POST["cupboard"]))) {
|
||
|
$cupboard_id = trim($_POST["cupboard"]);
|
||
|
if (does_cupboard_exist_from_id($cupboard_id)) {
|
||
|
$cupboard = trim($_POST["cupboard"]);
|
||
|
} else {
|
||
|
$cupboard_err = "Unknown cupboard.";
|
||
|
}
|
||
|
} else {
|
||
|
$cupboard_err = "Cupboard id isn't int.";
|
||
|
}
|
||
|
|
||
|
// ========================================================================
|
||
|
|
||
|
// ========================================================================
|
||
|
// INSERTION IN DATABASE IF CORRECT
|
||
|
// ========================================================================
|
||
|
if (empty($product_name_err) && empty($description_err) && empty($expiration_date_err) && empty($cupboard_err)) {
|
||
|
|
||
|
|
||
|
|
||
|
if (!add_product($product_name, $description, $expiration_date, $cupboard_id)) {
|
||
|
echo "Error. Something went wrong.";
|
||
|
}
|
||
|
} else {
|
||
|
|
||
|
echo $product_name_err;
|
||
|
echo $description_err;
|
||
|
echo $expiration_date_err;
|
||
|
echo $cupboard_err . $_POST["cupboard"];
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// =============================================================================
|
||
|
// BUILD CUPBOARD LIST FROM DATABASE
|
||
|
// =============================================================================
|
||
|
|
||
|
$cupboard_list = "";
|
||
|
foreach (get_users_cupboards_array() as $row) {
|
||
|
$cupboard_list = $cupboard_list . "<option value=\""
|
||
|
. htmlspecialchars($row["id"]) . "\">"
|
||
|
. htmlspecialchars($row["name"]) . "</option>\n";
|
||
|
}
|
||
|
?>
|
||
|
|
||
|
<!DOCTYPE html>
|
||
|
<html lang="en">
|
||
|
|
||
|
<head>
|
||
|
<meta charset="UTF-8">
|
||
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
|
<meta http-equiv="X-UA-Compatible" content="ie=edge">
|
||
|
<title>Document</title>
|
||
|
</head>
|
||
|
|
||
|
<body>
|
||
|
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
|
||
|
<div class="form-group">
|
||
|
<label>Name</label>
|
||
|
<input type="text" name="name" class="form-control" value="" required>
|
||
|
<span class="help-block"></span>
|
||
|
</div>
|
||
|
<div class="form-group">
|
||
|
<label>Description</label>
|
||
|
<input type="text" name="description" class="form-control" value="">
|
||
|
<span class="help-block"></span>
|
||
|
</div>
|
||
|
<div class="form-group">
|
||
|
<label>Date de péremption</label>
|
||
|
<input id="date" type="date" name="date" value="">
|
||
|
<span class="help-block"></span>
|
||
|
</div>
|
||
|
<div class="form-group">
|
||
|
<label>Cupboard:</label>
|
||
|
<select name="cupboard">
|
||
|
<option value=""></option>
|
||
|
<?php echo $cupboard_list; ?>
|
||
|
</select>
|
||
|
</div>
|
||
|
<div class="form-group">
|
||
|
<input type="submit" class="btn btn-primary" value="Test">
|
||
|
</div>
|
||
|
</form>
|
||
|
</body>
|
||
|
|
||
|
</html>
|