Versiune stabila (posibil finala)

MihaiNeagu · Apr 20, 2013 · fad3579 · fad3579
1 parent 4ff3e6f
commit fad3579
Show file tree

Hide file tree

Showing 17 changed files with 243 additions and 60 deletions.
diff --git a/admin_panel.php b/admin_panel.php
@@ -15,7 +15,8 @@
 					echo '<tr>
 					<td></td>
 					<td>'.$row["username"].'</td>
-					<td><a href = "edit_user.php?user_id='.$row["user_id"].'">Editeaza</a></td>
+					<td><a href = "edit_user.php?user_id='.$row["user_id"].'"><input type = "button" class = "btn btn-info" value = "Editeaza"/></a>&nbsp;
+					<a href = "edit_user.php?delete_user_id='.$row["user_id"].'"><input type = "button" class = "btn btn-danger" value = "Sterge"/></a></td>
 				  	</tr>';
 		}
 		echo

diff --git a/buy.php b/buy.php
@@ -1,6 +1,6 @@
 <?php
 	include "header/header.php";
-	print_r($_POST);
+//	print_r($_POST);
 	redirect_if_logged_out();
 	if (isset($_POST["product_id"]) && !empty($_POST['product_id']))
 	{
@@ -26,7 +26,7 @@
 				//Updatez tabelul produse
 				$old_quantity = mysql_fetch_assoc(mysql_query("select quantity from products where id_product = " . $_POST['product_id']))['quantity'];
 				$new_quantity = $old_quantity - $_POST['quantity'];
-				mysql_query("update products set quantity = " . $new_quantity);
+				mysql_query("update products set quantity = " . $new_quantity . " where id_product = " . $_POST['product_id']);
 
 				mysql_query("COMMIT");
 				mysql_query("SET AUTOCOMMIT=1");

diff --git a/cauta.php b/cauta.php
@@ -25,7 +25,7 @@
 if (isset($_GET) && sizeof($_GET) != 0)
 {
 
-
+	echo '<ul class="thumbnails">';
 	if (isset($_GET["id_product"]) && $_GET["id_product"] != "")
 		mysql_query("delete from products where id_product='".$_GET["id_product"]."'");
 
@@ -37,6 +37,7 @@
 		mysql_query("insert into tranzactii (user_id,product_id) values ('".$_SESSION["user_id"]."', '".$_GET["buy_id"]."')");
 		header("Location: profile_panel.php");
 	}
+	echo '</ul>';
 //	echo "insert into tranzactii (user_id,product_id) values ('".$_SESSION["user_id"]."', '".$_GET["buy_id"]."')";
 
 

diff --git a/db/connections.php b/db/connections.php
@@ -1,4 +1,4 @@
 <?php 
-	mysql_connect("localhost","root","");
+	mysql_connect("127.0.0.1","root","");
 	mysql_select_db("mike_db");
 ?>
diff --git a/edit_user.php b/edit_user.php
@@ -1,12 +1,23 @@
 <?php include 'header/header.php';
 redirect_if_logged_out();
 if (!logged_in () || $user_data['usertype'] != 'administrator') header('Location: index.php');
-if (!isset($_GET['username'])) $page_valid = false; 
-$edit_data = get_user_data ($_GET['user_id'],'last_name','first_name','username','email','password');
+if (!isset($_POST['username'])) $page_valid = false; 
+
+//Pentru a sterge un utilizator
+if (!empty($_GET['delete_user_id']))
+{
+	mysql_query("delete from users where user_id = " . $_GET['delete_user_id']);
+	header ("Location: admin_panel.php");
+}
+
+if (isset($_GET['user_id']))
+$edit_data = get_user_data ($_GET['user_id'],'user_id','last_name','first_name','username','email','password','usertype');
+else
+$edit_data = get_user_data ($_POST['user_id'],'user_id','last_name','first_name','username','email','password','usertype');
 ?>
 
-<form class = "form-horizontal" method = "GET" action = "edit_user.php">
-	<input type = 'hidden' name = 'user_id' value = <?php echo '"'.$_GET['user_id'].'"'; ?>>
+<form class = "form-horizontal" method = "POST" action = "edit_user.php">
+	<input type = 'hidden' name = 'user_id' value = <?php echo '"'.$edit_data['user_id'].'"'; ?>>
 	<div class = "control-group">
 		<label class = "control-label" for = "nume">Nume</label>
 		<div class = "controls">
@@ -27,8 +38,8 @@
 			<input type = "text" id = "email" name = "email" placeholder = "Email" value = 
 			<?php echo '"'.$edit_data["email"].'"'; ?>>
 			<?php
-				if (isset($_GET['email']))								
-					if (!param_exists_get("email"))
+				if (isset($_POST['email']))								
+					if (!param_exists_post("email"))
 					{
 						validation_error ("Email-ul este obligatoriu !");
 						$page_valid = false;
@@ -42,15 +53,15 @@
 			<input type = "text" id = "username" name = "username" placeholder = "Username" value = 
 			<?php echo '"'.$edit_data["username"].'"'; ?> />
 			<?php
-				if (isset($_GET['username']))	
+				if (isset($_POST['username']))	
 				{			
-					if (!param_exists_get("username"))
+					if (!param_exists_post("username"))
 					{
 						validation_error ("Username-ul este obligatoriu !");
 						$page_valid = false;
 					}
 					else
-					if (user_exists($_GET['username']) && $_GET['username'] != $edit_data['username'])
+					if (user_exists($_POST['username']) && $_POST['username'] != $edit_data['username'])
 					{
 						validation_error("Username-ul este deja folosit !");
 						$page_valid = false;
@@ -59,13 +70,22 @@
 			?>
 		</div>
 	</div>
+	<div class = "control-group">
+		<label class = "control-label" for = "usertype">Tip de utilizator</label>
+		<div class = "controls">
+			<select name = "usertype">
+				<option value = "user" <?php echo ($edit_data['usertype'] == 'user') ? 'selected' : ''; ?>>Utilizator normal</option>
+				<option value = "administrator" <?php echo ($edit_data['usertype'] == 'administrator') ? 'selected' : ''; ?>>Administrator</option>
+			</select>
+		</div>
+	</div>
 	<div class = "control-group">
 		<label class = "control-label" for = "password">Password</label>
 		<div class = "controls">
 			<input type = "password" id = "password" name = "password" placeholder = "Password"/>
 			<?php
-		/*		if (isset($_GET) && sizeof($_GET) != 0)				
-					if (!param_exists_get("password"))
+		/*		if (isset($_POST) && sizeof($_POST) != 0)				
+					if (!param_exists_post("password"))
 					{
 						validation_error ("Parola este obligatorie !");
 						$page_valid = false;
@@ -84,7 +104,7 @@
 
 <h4>Achizitionari</h4>
 <?php 
-$result = mysql_query("select * from products join tranzactii on tranzactii.product_id = products.id_product where user_id = ".$_GET['user_id']);
+$result = mysql_query("select * from products join tranzactii on tranzactii.product_id = products.id_product where user_id = ".$edit_data['user_id']);
 $num = 0;
 	echo '<br/>
 				<table class = "table table-hover">
@@ -102,7 +122,7 @@
 					<td>'.$num.'</td>
 					<td>'.$row["name"].'</td>
 					<td>'.$row["price"].'</td>
-					<td><a href = "edit_user.php?id='.$row["id_tranzactie"].'">Renunta</a></td>
+					<td><a href = "edit_user.php?user_id = '.$edit_data['user_id'].'id='.$row["id_tranzactie"].'">Renunta</a></td>
 				  	</tr>';
 		}
 		echo
@@ -113,32 +133,35 @@
 
 <?php
 
-	if (isset($_GET) && !empty($_GET))
-		if (!empty($_GET['id']))
+	if (isset($_POST) && !empty($_POST))
+		{
+			if (!empty($_POST['id']))
 			{
-				$tranzactie = mysql_fetch_assoc(mysql_query("select * from tranzactii where id_tranzactie = " . $_GET["id"]));
-				$new_quantity = mysql_fetch_assoc(mysql_query("select * from products where id_product = ". $tranzactie["product_id"]))["quantity"] + $tranzactie["quantity"];
-				mysql_query("update products set quantity = ".$new_quantity." where id_product = ".$tranzactie["product_id"]);
-				mysql_query("delete from tranzactii where id_tranzactie = '".$_GET["id"]."'");
-
+					$tranzactie = mysql_fetch_assoc(mysql_query("select * from tranzactii where id_tranzactie = " . $_POST["id"]));
+					$new_quantity = mysql_fetch_assoc(mysql_query("select * from products where id_product = ". $tranzactie["product_id"]))["quantity"] + $tranzactie["quantity"];
+					mysql_query("update products set quantity = ".$new_quantity." where id_product = ".$tranzactie["product_id"]);
+					mysql_query("delete from tranzactii where id_tranzactie = '".$_POST["id"]."'");
+				
 			}
 
-	//if (!isset($_GET['id']))
+		}
+
+	//if (!isset($_POST['id']))
 	if ($page_valid == true)
 	{
 		//Prelucrarea datelor de editare
 
 		//In cazul in care nu se introduc noi date
-		$edit_data['password'] = (empty($_GET['password'])) ? $edit_data['password'] : $_GET['password'];
-		$edit_data['username'] = (empty($_GET['username'])) ? $edit_data['username'] : $_GET['username'];
-		$edit_data['last_name'] = (empty($_GET['nume'])) ? $edit_data['last_name'] : $_GET['nume'];
-		$edit_data['first_name'] = (empty($_GET['prenume'])) ? $edit_data['first_name'] : $_GET['prenume'];
-		$edit_data['email'] = (empty($_GET['email'])) ? $edit_data['email'] : $_GET['email'];
+		$edit_data['password'] = (empty($_POST['password'])) ? $edit_data['password'] : $_POST['password'];
+		$edit_data['username'] = (empty($_POST['username'])) ? $edit_data['username'] : $_POST['username'];
+		$edit_data['last_name'] = (empty($_POST['nume'])) ? $edit_data['last_name'] : $_POST['nume'];
+		$edit_data['first_name'] = (empty($_POST['prenume'])) ? $edit_data['first_name'] : $_POST['prenume'];
+		$edit_data['email'] = (empty($_POST['email'])) ? $edit_data['email'] : $_POST['email'];
 
-		if (empty($_GET['password'])) //Daca nu e setat GET-ul, parola e deja critata
-			mysql_query("update users set username = '".$edit_data['username']."', last_name='".$edit_data["last_name"]."', first_name='".$edit_data["first_name"]."', email='".$edit_data["email"]."', password='".$edit_data['password']."' where user_id=".$_GET['user_id']);
+		if (empty($_POST['password'])) //Daca nu e setat POST-ul, parola e deja criptata
+			mysql_query("update users set username = '".$edit_data['username']."', last_name='".$edit_data["last_name"]."', first_name='".$edit_data["first_name"]."', email='".$edit_data["email"]."', usertype = '". $_POST['usertype'] ."', password='".$edit_data['password']."' where user_id=".$_POST['user_id']);
 		else
-			mysql_query("update users set username = '".$edit_data['username']."', last_name='".$edit_data["last_name"]."', first_name='".$edit_data["first_name"]."', email='".$edit_data["email"]."', password='".sha1($edit_data['password'])."' where user_id=".$_GET['user_id']);
+			mysql_query("update users set username = '".$edit_data['username']."', last_name='".$edit_data["last_name"]."', first_name='".$edit_data["first_name"]."', email='".$edit_data["email"]."', usertype = '". $_POST['usertype'] ."', password='".sha1($edit_data['password'])."' where user_id=".$_POST['user_id']);
 
 		echo '<label class = "text-success">A fost introdusa o noua linie in baza de date !</label>';
 	}

diff --git a/factura.php b/factura.php
@@ -0,0 +1,134 @@
+<?php
+include 'header/init.php';
+redirect_if_logged_out();
+if (empty($tranzactii_user)) header("Location: index.php");
+require_once('tcpdf/config/lang/eng.php');
+require_once('tcpdf/tcpdf.php');
+
+// create new PDF document
+$pdf = new TCPDF(PDF_PAGE_ORIENTATION, PDF_UNIT, PDF_PAGE_FORMAT, true, 'UTF-8', false);
+
+// set document information
+$pdf->SetCreator(PDF_CREATOR);
+$pdf->SetAuthor('Magazin Online');
+$pdf->SetTitle('Factura client <Nume client>');
+//$pdf->SetSubject('TCPDF Tutorial');
+//$pdf->SetKeywords('Factura, PDF, example, test, guide');
+
+// set default header data
+//$pdf->SetHeaderData(PDF_HEADER_LOGO, PDF_HEADER_LOGO_WIDTH, PDF_HEADER_TITLE.' 006', PDF_HEADER_STRING);
+
+// set header and footer fonts
+$pdf->setHeaderFont(Array(PDF_FONT_NAME_MAIN, '', PDF_FONT_SIZE_MAIN));
+$pdf->setFooterFont(Array(PDF_FONT_NAME_DATA, '', PDF_FONT_SIZE_DATA));
+
+// set default monospaced font
+$pdf->SetDefaultMonospacedFont(PDF_FONT_MONOSPACED);
+
+//set margins
+$pdf->SetMargins(PDF_MARGIN_LEFT, PDF_MARGIN_TOP, PDF_MARGIN_RIGHT);
+$pdf->SetHeaderMargin(PDF_MARGIN_HEADER);
+$pdf->SetFooterMargin(PDF_MARGIN_FOOTER);
+
+//set auto page breaks
+$pdf->SetAutoPageBreak(TRUE, PDF_MARGIN_BOTTOM);
+
+//set image scale factor
+$pdf->setImageScale(PDF_IMAGE_SCALE_RATIO);
+
+//set some language-dependent strings
+$pdf->setLanguageArray($l);
+
+// ---------------------------------------------------------
+
+// set font
+$pdf->SetFont('dejavusans', '', 10);
+
+// add a page
+$pdf->AddPage();
+
+// writeHTML($html, $ln=true, $fill=false, $reseth=false, $cell=false, $align='')
+// writeHTMLCell($w, $h, $x, $y, $html='', $border=0, $ln=0, $fill=0, $reseth=true, $align='', $autopadding=true)
+
+//Informatiile utilizatorului care vor aparea pe factura
+
+//Generez numarul de factura
+$id_factura = 0;
+foreach ($tranzactii_user as $tranzactie)
+	$id_factura += $tranzactie;
+$id_factura *= $user_data['user_id'];
+
+
+$produse_tabel = '';
+$nr = 0;
+$pret_total = 0;
+$result = mysql_query("select products.id_product from products 
+		join tranzactii on tranzactii.product_id = products.id_product
+        join users on tranzactii.user_id = users.user_id
+where users.user_id = " . $user_data['user_id']);
+$produse_user_id = array();
+while ($produse_user_id = mysql_fetch_array($result)){
+
+	//Populez tabelul cu produse
+	$produs_user = mysql_fetch_assoc(mysql_query("select * from products where id_product = " . $produse_user_id[0]));
+
+	$produs_user['quantity'] = mysql_fetch_assoc(mysql_query("select tranzactii.quantity from products 
+		join tranzactii on tranzactii.product_id = products.id_product
+        join users on tranzactii.user_id = users.user_id
+		where users.user_id = " . $user_data['user_id'] . " and product_id = " . $produs_user['id_product']))['quantity'];
+
+		$pret_total += $produs_user['quantity'] * $produs_user['price'];
+		$nr++;
+		$produse_tabel .= 
+		'<tr>
+			<td>'.$nr.'</td>
+			<td colspan = "3">'.$produs_user['name'].'</td>
+			<td>'.$produs_user['quantity'].'</td>
+			<td>'.$produs_user['price'].'</td>
+		</tr>';
+}
+
+// create some HTML content
+$html = '<h1>Factura Online Store</h1></br><h4>Nr. '. $id_factura .'</h4>';
+$html .= '<table>
+			<tr>
+				<td><b>Cumparator:</b></td>
+				<td>'.$user_data['last_name'].' '.$user_data['first_name'].'</td>
+			</tr>
+			<tr>
+				<td><b>Email:</b></td>
+				<td>'.$user_data['email'].'</td>
+			</tr>
+		 </table><br/><br/>';
+$html .= '<table border = "1" cellspacing="3" cellpadding="4">
+			<tr>
+				<th>Nr.crt.</th>
+				<th colspan = "3">Denumire produs</th>
+				<th>Cantitate</th>
+				<th>Pret unitar</th>
+			</tr>'
+			.$produse_tabel.
+		'</table></br></br></br>	Intocmit de: <br/>Garantie:<br/>';
+$html .= '<table>
+			<tr>
+				<th>Semnatura si stampila furnizorului</th>
+				<th>Semnatura de primire</th>
+				<th>Total de plata</th>
+			</tr>
+			<tr>
+				<td></td>
+				<td></td>
+				<td>'.$pret_total.' RON</td>
+			</tr>
+		</table>';
+// output the HTML content
+$pdf->writeHTML($html, true, false, true, false, '');
+
+
+
+//Close and output PDF document
+$pdf->Output('factura_magazin_online.pdf', 'I');
+
+//============================================================+
+// END OF FILE                                                
+//============================================================+
diff --git a/header/functions.php b/header/functions.php
@@ -27,33 +27,29 @@ function render_product ($id,$name,$price,$description,$image,$quantity)
 	{
 		$quantity_display = ($quantity > 0) ? "<h5 class = 'text-success'>Exista in stoc ".$quantity. " produse !</h5>"
 												: "<h5 class = 'text-error'>Nu mai exista in stoc !</h5>";
-		echo (logged_in()) ? 
-				'<form action = "buy.php" method = "POST">
-				<ul class="thumbnails">
+		$buton_cumpara = '';
+		if (logged_in())
+		{
+			$buton_cumpara = (mysql_num_rows(mysql_query("select * from tranzactii where product_id = " . $id . " and user_id = " . $_SESSION['user_id'])) != 0) ? '' : '<input type = "submit" class = "btn btn-primary" value = "Buy" />';
+		}
+		echo 
+				'
+			<!--	<ul class="thumbnails"> -->
   					<li style = "padding-right:10;"  class="span4">
   						<div class = "thumbnail">
-		    				<a href="#" class="thumbnail">
-		      				<img width = "360" height ="270" src = "'.$image.'" alt = "Imagine Produs" />
-		    				</a>
-		    				<input type = "hidden" name = "product_id" value = "'.$id.'" />
-			    			<h3>'.$name.'</h3> <h4>'.$price.' RON</h4></br>
-			    			'.$quantity_display.'</br>
-			    			<p>'.$description.'</p>
-			    			<input type = "text" name = "quantity" />
-			    			<input type = "submit" class = "btn btn-primary" value = "Buy" />
-			      			<!-- <a href = "buy.php?product_id='.$id.'"><input type = "button" class = "btn btn-primary" value = "Buy"></a> -->
-			      			<input type = "button" class = "btn btn-info" value = "Info">
-		      			</div>
-  					</li>' : 
-  					'<ul class="thumbnails">
-  					<li style = "padding-right:10;" class="span4">
-  						<div class = "thumbnail">
-		    				<a href="#" class="thumbnail">
-		      				<img src = "'.$image.'" alt = "Imagine Produs" />
-		    				</a>
-			    			<h3>'.$name.'</h3> <h4>'.$price.' RON</h4></br>
-			    			<p>'.$description.'</p>
-			      			<input type = "button" class = "btn btn-info" value = "Info">
+  							<form action = "buy.php" method = "POST">
+			    				<a href="#" class="thumbnail">
+			      				<img width = "360" height ="270" src = "'.$image.'" alt = "Imagine Produs" />
+			    				</a>
+			    				<input type = "hidden" name = "product_id" value = "'.$id.'" />
+				    			<h3>'.$name.'</h3> <h4>'.$price.' RON</h4></br>
+				    			'.$quantity_display.'</br>
+				    			<p>'.$description.'</p>
+				    			<input type = "text" name = "quantity" value = "1" />
+				    			'.$buton_cumpara.'
+				      			<!-- <a href = "buy.php?product_id='.$id.'"><input type = "button" class = "btn btn-primary" value = "Buy"></a> -->
+				      			<input type = "button" class = "btn btn-info" value = "Info">
+			      			</form>
 		      			</div>
   					</li>';
 	}