added a way to delete products

This commit is contained in:
Louis Vallat 2019-11-12 10:41:10 +01:00
parent 935a7f5ea5
commit 0b1b7f43df
2 changed files with 37 additions and 2 deletions

View File

@ -283,7 +283,7 @@ function get_users_products_array()
products.id AS id, products.name AS name, products.description AS description, products.id AS id, products.name AS name, products.description AS description,
cupboards.id AS cupboard_id, cupboards.name AS cupboard_name, cupboards.id AS cupboard_id, cupboards.name AS cupboard_name,
cupboards.description AS cupboard_description, expiration_date, cupboards.description AS cupboard_description, expiration_date,
added_date added_date, products.public_id AS public_id
FROM products FROM products
LEFT JOIN cupboards ON products.cupboard_id = cupboards.id LEFT JOIN cupboards ON products.cupboard_id = cupboards.id
WHERE products.owner_id = :owner_id;"; WHERE products.owner_id = :owner_id;";
@ -322,10 +322,34 @@ function delete_cupboard($cupboard_public_id)
{ {
global $PDO; global $PDO;
$sql = "DELETE cupboards FROM cupboards INNER JOIN accounts ON cupboards.owner_id = accounts.id WHERE cupboards.public_id = :id;"; $sql = "DELETE cupboards
FROM cupboards
INNER JOIN accounts
ON cupboards.owner_id = accounts.id
WHERE cupboards.public_id = :id
AND cupboards.owner_id = :owner_id;";
$query = $PDO->prepare($sql); $query = $PDO->prepare($sql);
$query->bindValue(":id", $cupboard_public_id); $query->bindValue(":id", $cupboard_public_id);
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
return $query->execute();
}
function delete_product($product_public_id)
{
global $PDO;
$sql = "DELETE products
FROM products
INNER JOIN accounts
ON products.owner_id = accounts.id
WHERE products.public_id = :id
AND products.owner_id = :owner_id;";
$query = $PDO->prepare($sql);
$query->bindValue(":id", $product_public_id);
$query->bindValue(":owner_id", get_user_info_from_session_id("id"));
return $query->execute(); return $query->execute();
} }

View File

@ -6,6 +6,12 @@ if (!is_connected()) {
header("location: login.php"); header("location: login.php");
} }
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["delete"])) {
if (!delete_product($_POST["delete"])) {
$erreur = "<p>An error happened.</p>\n";
}
}
$product_list = ""; $product_list = "";
foreach (get_users_products_array() as $row) { foreach (get_users_products_array() as $row) {
$product_list = $product_list . "<tr><td>" $product_list = $product_list . "<tr><td>"
@ -18,6 +24,8 @@ foreach (get_users_products_array() as $row) {
. htmlspecialchars($row["expiration_date"] !== NULL ? $row["expiration_date"] : "-") . htmlspecialchars($row["expiration_date"] !== NULL ? $row["expiration_date"] : "-")
. "</td><td>" . "</td><td>"
. htmlspecialchars($row["cupboard_name"] !== NULL ? $row["cupboard_name"] : "-") . htmlspecialchars($row["cupboard_name"] !== NULL ? $row["cupboard_name"] : "-")
. "</td><td>"
. "<form method='post'><button type='publish' name='delete' value='" . $row["public_id"] . "'>Delete</button></form>"
. "</td><tr>\n"; . "</td><tr>\n";
} }
@ -62,6 +70,9 @@ foreach (get_users_products_array() as $row) {
<th> <th>
Rangement associé Rangement associé
</th> </th>
<th>
Supprimer
</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>