
Untitled

a guest
Dec 14th, 2019
  1. <?php
  2. $servername = "localhost";
  3. $username = "devhelpr_ancapiu";
  4. $password = "ancapi123!";
  5. $db = "devhelpr_ancapi";
  6.  
  7. function getProdStoc($stoc=10)
  8. {
  9. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  10. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  11.  
  12. $query = "SELECT nume, (SELECT nume FROM categorii WHERE categorii.id = produse.categorie) AS categorie, stoc, aprovizionare FROM produse WHERE stoc<=:stoc";
  13. $stmt = $conn->prepare($query);
  14. $stmt -> bindParam(":stoc", $stoc);
  15. $stmt -> execute();
  16.  
  17. return json_encode($stmt->fetchAll());
  18. }
  19. function adaugaCod($cod, $key)
  20. {
  21. if(checkLoginKey($key))
  22. {
  23. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  24. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  25. $query = "UPDATE accounts SET codReducere = :cod WHERE loginKey = :key";
  26. $stmt = $conn ->prepare($query);
  27. $stmt -> bindParam(":cod", $cod);
  28. $stmt -> bindParam(":key", $key);
  29. $stmt -> execute();
  30.  
  31.  
  32. return 1;
  33. }
  34. return 0;
  35. }
  36. function marcareComanda($x)
  37. {
  38. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  39. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  40. $query = "UPDATE comenzi SET status = 1 WHERE id=:id";
  41. $stmt = $conn -> prepare($query);
  42. $stmt -> bindParam(":id", $x);
  43. $stmt -> execute();
  44. return 1;
  45.  
  46. }
  47. function getComenzi()
  48. {
  49. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  50. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  51. $query = "SELECT id, (SELECT CONCAT(nume,' ',prenume) FROM accounts WHERE accounts.id = comenzi.cumparator) AS nume, adresa, mail, telefon, total FROM comenzi WHERE status = 0 ORDER BY data ASC";
  52. $stmt = $conn -> prepare($query);
  53. $stmt -> execute();
  54. return json_encode($stmt -> fetchAll());
  55. }
  56. function stergereReducere($id)
  57. {
  58. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  59. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  60. $query = "DELETE FROM reduceri WHERE id=:id";
  61. $stmt = $conn -> prepare($query);
  62. $stmt -> bindParam(":id", $id);
  63. $stmt -> execute();
  64. return 1;
  65. }
  66. function addReducere($cod, $categorii,$valoare)
  67. {
  68. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  69. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  70. $categorii = json_decode($categorii);
  71. $toAdd="";
  72. foreach($categorii as $categorie)
  73. {
  74. $toAdd.=$categorie;
  75. }
  76. if(count($categorii) != 0)
  77. $tip = 1;
  78. else
  79. $tip = 0;
  80. $query = "INSERT INTO reduceri(tip, cod, categorii,valoare) VALUES(:tip,:cod,:categorii,:valoare)";
  81. $stmt = $conn -> prepare($query);
  82. $stmt -> bindParam(":tip", $tip);
  83. $stmt -> bindParam(":cod", $cod);
  84. $stmt -> bindParam(":categorii", $toAdd);
  85. $stmt -> bindParam(":valoare", $valoare);
  86. $stmt -> execute();
  87.  
  88. }
  89. function getDiscount()
  90. {
  91. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  92. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  93. $query = "SELECT * FROM reduceri";
  94. $stmt = $conn -> prepare($query);
  95. $stmt -> execute();
  96. return json_encode($stmt->fetchAll());
  97. }
  98. function getOrderById($key, $id)
  99. {
  100. if(checkLoginKey($key))
  101. {
  102. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  103. // set the PDO error mode to exception
  104. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  105. $query = "SELECT id FROM accounts WHERE loginKey = :lgk ";
  106. $stmt = $conn -> prepare($query);
  107. $stmt -> bindParam(":lgk", $key);
  108. $stmt -> execute();
  109. $uId = $stmt -> fetchColumn();
  110.  
  111. $query="SELECT cumparator,produse FROM comenzi WHERE id = :id";
  112. $stmt=$conn->prepare($query);
  113. $stmt->bindParam(":id",$id);
  114. $stmt->execute();
  115. $result = $stmt->fetchAll();
  116.  
  117. foreach ($result as $comanda)
  118. {
  119. if($uId != $comanda["cumparator"]) return -1;
  120.  
  121. $prod = $comanda["produse"];
  122. $prod = explode(",", $prod);
  123. $return = array();
  124. foreach ($prod as $produs)
  125. {
  126. $query = "SELECT id, nume, pret, img FROM produse WHERE id=:id";
  127. $stmt = $conn -> prepare($query);
  128. $stmt -> bindParam(":id", $produs);
  129. $stmt -> execute();
  130. $row = $stmt->fetchAll();
  131. $return[] = array("nume" => $row[0]["nume"], "pret" => $row[0]["pret"], "img" => $row[0]["img"], "id" => $row[0]["id"]);
  132. }
  133. }
  134. return json_encode($return);
  135. }
  136. else return -1;
  137. }
  138. function placeOrder($key)
  139. {
  140. if(checkLoginKey($key))
  141. {
  142. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  143. // set the PDO error mode to exception
  144. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  145. $query="SELECT id, cos, oras, judet, adresa, telefon,email, codReducere FROM accounts WHERE loginKey = :key";
  146. $stmt=$conn->prepare($query);
  147. $stmt->bindParam(":key",$key);
  148. $stmt->execute();
  149. $row = $stmt->fetchAll();
  150.  
  151.  
  152. $queryReduceri = "SELECT valoare,tip, categorii FROM reduceri WHERE cod = :cod";
  153. $state = $conn->prepare($queryReduceri);
  154. $state -> bindParam(":cod", $row[0]["codReducere"]);
  155. $state -> execute();
  156. $state = $state->fetchAll();
  157.  
  158. $valoareReducere = $state[0]["valoare"];
  159. $categoriiRed = explode(",",$state[0]["categorii"]);
  160. $tipReducere = $state[0]["tip"];
  161.  
  162. $produse = explode(",", $row[0]["cos"]);
  163. $prodAct = $row[0]["cos"];
  164. $id = $row[0]["id"];
  165. $adresa = $row[0]["oras"].",".$row[0]["judet"].",".$row[0]["adresa"];
  166. $mail = $row[0]["email"];
  167. $telefon = $row[0]["telefon"];
  168.  
  169. $cnt = 0;
  170. $total = 0;
  171. foreach($produse as $prod)
  172. {
  173. if($cnt > 0)
  174. {
  175. $update = "UPDATE produse SET stoc=stoc-1 WHERE id=:id";
  176. $state = $conn -> prepare($update);
  177. $state->bindParam(":id", $prod);
  178. $state->execute();
  179. $query = "SELECT pret,categorie FROM produse WHERE id=:id";
  180. $stmt = $conn -> prepare($query);
  181. $stmt -> bindParam(":id", $prod);
  182. $stmt -> execute();
  183. $stmt = $stmt -> fetchAll();
  184.  
  185. $pret = $stmt[0]["pret"];
  186. $categ = $stmt[0]["categorie"];
  187. $total += $pret;
  188. if(in_array($categ, $categoriiRed) || $tipReducere == 0)
  189. $total-=$valoareReducere;
  190. }
  191. $cnt++;
  192. }
  193. $query = "INSERT INTO comenzi (cumparator, produse, adresa, mail, telefon, total) VALUES (:id, :produse, :adresa, :mail, :telefon, :total)";
  194. $stmt = $conn -> prepare($query);
  195. $stmt -> bindParam(":id", $id);
  196. $stmt -> bindParam(":produse", $prodAct);
  197. $stmt -> bindParam(":adresa", $adresa);
  198. $stmt -> bindParam(":mail", $mail);
  199. $stmt -> bindParam(":telefon", $telefon);
  200. $stmt -> bindParam(":total", $total);
  201. $stmt -> execute();
  202.  
  203. $query = "UPDATE accounts SET cos='' WHERE loginKey=:id";
  204. $stmt = $conn -> prepare($query);
  205. $stmt -> bindParam(':id', $key);
  206. $stmt -> execute();
  207. return 1;
  208. }
  209. else
  210. return -1;
  211. }
  212. function editData($oras,$judet,$adresa,$telefon,$key)
  213. {//Funcite de editare date utilizator.
  214. //Se trimit catre server variabilele;oras,judet,adresa,telefon si loginkey;in caz de succes,reuseste sa modifice datele in baza de date.
  215. if(checkLoginKey($key))
  216. {
  217. try {
  218. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  219. // set the PDO error mode to exception
  220. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  221. $query="UPDATE accounts SET oras=:oras, judet=:judet, adresa=:adresa,telefon=:telefon WHERE loginKey = :key";
  222. $stmt=$conn->prepare($query);
  223. $stmt->bindParam(":oras",$oras);
  224. $stmt->bindParam(":judet",$judet);
  225. $stmt->bindParam(":adresa",$adresa);
  226. $stmt->bindParam(":telefon",$telefon);
  227. $stmt->bindParam(":key",$key);
  228. $stmt->execute();
  229. return 1;
  230. }
  231. catch(PDOException $e)
  232. {
  233. return -1;
  234. }
  235. }
  236. }
  237. function addToPref($key, $prod)
  238. {//Functia de adaugare produs
  239. //Trimite catre baza de date produsul si loginkey-ul,daca reuseste sa introduca in baza de date ,returneaza 1.
  240. if(checkLoginKey($key))
  241. {
  242. try {
  243. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  244. // set the PDO error mode to exception
  245. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  246. $query="UPDATE accounts SET favorite=CONCAT(favorite, :prod) WHERE loginKey = :key";
  247. $stmt=$conn->prepare($query);
  248. $prod = ",".$prod;
  249. $stmt->bindParam(":prod",$prod);
  250. $stmt->bindParam(":key",$key);
  251. $stmt->execute();
  252. return 1;
  253. }
  254. catch(PDOException $e)
  255. {
  256. return -1;
  257. }
  258. }
  259. }
  260. function addToCart($key, $prod)
  261. {
  262. /***************** FUNCTION DESCRIPTION BELOW *****************************
  263. *
  264. * In this function we add the requested product to our user's shopping cart
  265. *
  266. ***************************************************************************/
  267.  
  268. if(checkLoginKey($key))
  269. {
  270. try {
  271. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  272. // set the PDO error mode to exception
  273. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  274. $query="UPDATE accounts SET cos=CONCAT(cos,:prod) WHERE loginKey = :key";
  275. $stmt=$conn->prepare($query);
  276. $prod = ",".$prod;
  277. $stmt->bindParam(":prod",$prod);
  278. $stmt->bindParam(":key",$key);
  279. $stmt->execute();
  280.  
  281. return 1;
  282. }
  283. catch(PDOException $e)
  284. {
  285. return -1;
  286. }
  287. }
  288.  
  289. }
  290. function checkLoginKey($key)
  291. {
  292. //Functia verifica daca acestui login-key ii corespunde un cont in baza de date. In caz afirmativ, intoarce 1, altfel intoarce -1.
  293. try {
  294. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  295. // set the PDO error mode to exception
  296. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  297. $query="SELECT count(*) from accounts WHERE loginKey=:lgk";
  298. $stmt=$conn->prepare($query);
  299. $stmt->bindParam(":lgk",$key);
  300. $stmt->execute();
  301. return $stmt->fetchColumn();
  302. }
  303. catch(PDOException $e)
  304. {
  305. return -1;
  306. }
  307. }
  308. function delProd($y)
  309. { // Functia cu care stergem produsele din baza de date
  310. // returns: 1=> cand produsul s-a sters.
  311. // 0=> cand pordusul nu s-a sters.
  312. try {
  313. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  314. // set the PDO error mode to exception
  315. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  316. $query="DELETE FROM produse WHERE id=:b";
  317. $stmt=$conn->prepare($query);
  318. $stmt->bindParam(":b",$y);
  319. $stmt->execute();
  320. return 1;
  321. }
  322. catch(PDOException $e)
  323. {
  324. return 0;
  325. }
  326. }
  327.  
  328. function getProd($x=-1)
  329. {
  330. //aceasta functie isi modifica valoarea intoarsa in functie de parametrul x
  331. // x = -1 => functia intoarce pentru fiecare produs din baza de date: nume, id, numele categoriei, pretul, descrierea, imaginea codate in format JSON
  332. // x != -1 =>functia intoarce aceleasi date ca mai sus, insa pentru produsul care are id-ul X
  333. // in caz de erori, functia intoarce 0 in ambele cazuri
  334. try {
  335. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  336. // set the PDO error mode to exception
  337. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  338. if($x==-1)
  339. $query="SELECT produse.nume,produse.id,categorii.nume AS categorie ,produse.pret,produse.descriere,produse.img AS imagine FROM produse JOIN categorii ON categorii.id=produse.categorie";
  340. else
  341. $query="SELECT produse.nume,produse.id,categorii.nume AS categorie ,produse.pret,produse.descriere,produse.img AS imagine FROM produse,categorii WHERE produse.id=:id AND categorii.id=produse.categorie";
  342. $stmt=$conn->prepare($query);
  343. if($x!=-1)
  344. $stmt->bindParam(":id",$x);
  345. $stmt->execute();
  346.  
  347. return json_encode($stmt->fetchAll());
  348. }
  349. catch(PDOException $e)
  350. {
  351. return 0;
  352. }
  353. }
  354. function uploadImg($img)
  355. {//Aceasta functie incarca imaginile produselor in baza de date
  356.  
  357. $target_dir = "./images/";
  358. $target_file = $target_dir . basename($img["name"]);
  359. move_uploaded_file($img["tmp_name"], $target_file);
  360. return $target_file;
  361. }
  362. function adaugareProdus($nume,$categorie,$desc,$pret,$img, $stoc)
  363. {//Aceasta functie adauga produsele in baza de date
  364. //returns: 1=>daca produsul a fost adaugat cu succes
  365. // 0=>daca produsul nu a fost adaugat cu succes
  366. $img=uploadImg($img);
  367. // 'telefon.jpg' -> 'images/telefon.jpg'
  368.  
  369. try {
  370. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  371. // set the PDO error mode to exception
  372. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  373. $query="INSERT INTO produse(nume,categorie,descriere,pret,img,stoc) VALUES(:nume,:categorie,:descriere,:pret,:img,:stoc) ";
  374. $stmt=$conn->prepare($query);
  375. $stmt->bindParam(":nume",$nume);
  376. $stmt->bindParam(":categorie",$categorie);
  377. $stmt->bindParam(":descriere",$desc);
  378. $stmt->bindParam(":pret",$pret);
  379. $stmt->bindParam(":img",$img);
  380. $stmt->bindParam(":stoc",$stoc);
  381. $stmt->execute();
  382. return 1;
  383. }
  384. catch(PDOException $e)
  385. {
  386. return 0;
  387. }
  388. }
  389. function delCat($x)
  390. {//Aceasta functie sterge categoriile din baza de date
  391. //returns: 1=> intoarce 1 cand categoria s-a sters cu succes
  392. // 0=>intoarce 0 cand categoria nu s-a sters cu succes
  393.  
  394. try {
  395. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  396. // set the PDO error mode to exception
  397. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  398. $query="DELETE FROM categorii WHERE id=:a";
  399. $stmt=$conn->prepare($query);
  400. $stmt->bindParam(':a',$x);
  401. $stmt->execute();
  402. return 1;
  403. }
  404. catch(PDOException $e)
  405. {
  406. return 0;
  407. }
  408. }
  409. function rCat()
  410. {//Aceasta functie intoarce in caz de succes id,nume,numarProduse
  411.  
  412. try {
  413. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  414. // set the PDO error mode to exception
  415. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  416. $query="SELECT id,nume,numarProduse FROM categorii";
  417. $stmt = $conn->prepare($query);
  418. $stmt ->execute();
  419. return json_encode($stmt ->fetchAll());
  420. }
  421. catch(PDOException $e)
  422. {
  423. return 0;
  424. }
  425.  
  426. }
  427. function addcat($nm)
  428. {
  429. /***************** FUNCTION DESCRIPTION BELOW *****************************
  430. *
  431. * Function adds a category to our database.
  432. * Returns:
  433. * 0 => category was not added
  434. * 1 => category was successfully added
  435. *
  436. ***************************************************************************/
  437.  
  438. try {
  439. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  440. // set the PDO error mode to exception
  441. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  442. $query="SELECT count(*) FROM categorii where nume=:nume";
  443. $stmt = $conn->prepare($query);
  444. $stmt ->bindParam(":nume",$nm);
  445. $stmt ->execute();
  446. $nr = $stmt -> fetchColumn();
  447. if($nr == 0)
  448. {
  449. $query="INSERT INTO categorii(nume,numarProduse) VALUES(:nume,0)";
  450. $stmt= $conn->prepare($query);
  451. $stmt->bindParam(":nume",$nm);
  452. $stmt->execute();
  453. return 1;
  454. }
  455. else
  456. return 0;
  457. }
  458. catch(PDOException $e)
  459. {
  460. return 0;
  461. }
  462.  
  463. }
  464. function getDetails($loginKey)
  465. {
  466. /***************** OBJECT DESCRIPTION BELOW ********************************
  467. *
  468. * $uData
  469. * succes => it is true when user exists in
  470. * our database, and false when
  471. * there is no user with those
  472. * credentials
  473. * cos => List of user's products in his
  474. * shopping cart. Every product
  475. * separed by a comma
  476. * favorite => List of user's products in his
  477. * favorite list. Every product
  478. * separed by a comma
  479. * prenume => User's first name
  480. ***************************************************************************/
  481. try {
  482. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  483. // set the PDO error mode to exception
  484. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  485.  
  486. $query="SELECT cos,favorite,prenume,oras,judet,adresa,telefon,id,codReducere FROM accounts WHERE loginKey=:lgk";
  487. $stmt = $conn -> prepare ($query);
  488. $stmt -> bindParam(":lgk",$loginKey);
  489. $stmt ->execute();
  490.  
  491. while($row = $stmt->fetch())
  492. if(checkLoginKey($loginKey))
  493. {
  494. $dates = $row;
  495. $queryReduceri = "SELECT tip,categorii,valoare FROM reduceri WHERE cod = :cod";
  496. $state = $conn->prepare($queryReduceri);
  497. $state -> bindParam(":cod", $row["codReducere"]);
  498. $state -> execute();
  499. $state = $state -> fetchAll();
  500. $categoriiReducere = $state[0]["categorii"];
  501. $categoriiReducere = explode(",",$categoriiReducere);
  502. $valReducere = $state[0]["valoare"];
  503. $tipReducere = $state[0]["tip"];
  504.  
  505. $fav = explode(",", $row["favorite"]);
  506. $cos = explode(",", $row["cos"]);
  507. $uId = $row["id"];
  508. $returnFav = array();
  509.  
  510. foreach($fav as $prod)
  511. {
  512.  
  513. $query = "SELECT nume, count(*) AS total FROM produse WHERE id=:id";
  514. $stmt = $conn -> prepare($query);
  515. $stmt -> bindParam(":id", $prod);
  516. $stmt -> execute();
  517. $row = $stmt -> fetch();
  518. if($row["total"] != 0)
  519. $returnFav[] = array("id" => $prod, "nume" => $row[0]);
  520. }
  521.  
  522. $returnCos = array();
  523.  
  524. foreach($cos as $prod)
  525. {
  526. $query = "SELECT nume,count(*) AS total,img,pret,categorie FROM produse WHERE id=:id";
  527. $stmt = $conn -> prepare($query);
  528. $stmt -> bindParam(":id", $prod);
  529. $stmt -> execute();
  530. $row = $stmt -> fetch();
  531. if($row["total"] != 0)
  532. {
  533. if(in_array($row["categorie"], $categoriiReducere) || $tipReducere == 0)
  534. $returnCos[] = array("id" => $prod, "nume" => $row["nume"], "imagine" => $row["img"], "pret" => $row["pret"] - $valReducere);
  535. else
  536. $returnCos[] = array("id" => $prod, "nume" => $row["nume"], "imagine" => $row["img"], "pret" => $row["pret"]);
  537. }
  538. }
  539.  
  540. $query = "SELECT id,data,total,status FROM comenzi WHERE cumparator = :id ORDER BY data DESC";
  541. $stmt = $conn -> prepare($query);
  542. $stmt -> bindParam(":id", $uId);
  543. $stmt -> execute();
  544. $result = $stmt -> fetchAll();
  545. $comenzi = array();
  546. foreach($result as $comanda)
  547. {
  548. $comenzi[]= array("id" => $comanda["id"], "data" => $comanda["data"], "total" => $comanda["total"], "status" => $comanda["status"]);
  549. }
  550.  
  551. $uData = array("success"=>1,"cos"=>$returnCos,
  552. "favorite"=>$returnFav,"prenume"=>$dates[2],
  553. "oras"=>$dates["oras"], "judet"=>$dates["judet"],
  554. "adresa"=>$dates["adresa"], "telefon"=>$dates["telefon"],
  555. "comenzi" => $comenzi);
  556. return json_encode($uData);
  557. }
  558. return json_encode(array("success"=>0));
  559. }
  560. catch(PDOException $e)
  561. {
  562. return json_encode(array("success"=>0));
  563. }
  564. }
  565.  
  566.  
  567. function logIn($email,$uPass)
  568. {
  569. //Functia cu care utilizatorul se poate loga la contul creat.
  570. //returns : 1 => daca utilizator s-a conectat cu succes dupa verificarea parolei
  571. // 0=>daca au aparut erori la logare.
  572. // OBJECTS EXPLAINED BELOW
  573. // $uPass
  574.  
  575. try {
  576. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  577. // set the PDO error mode to exception
  578. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  579.  
  580. $query="SELECT count(*),password FROM accounts WHERE email=:email";
  581. $stmt = $conn -> prepare ($query);
  582. $stmt -> bindParam(":email",$email);
  583.  
  584. $stmt ->execute();
  585. while($row = $stmt->fetch())
  586. if($row[0]!=0)
  587. if(password_verify($uPass, $row[1]))
  588. {//Creaza loginKey,apoi il cripteaza. Trimite catre baza de date noul loginKey corespunzator adresei de email.
  589. $loginKey="".date()."$729ask28".$row[1]."288429429sASF2".$email;
  590. $loginKey=password_hash($loginKey, PASSWORD_BCRYPT);
  591. $query = "UPDATE accounts SET loginKey ='$loginKey' WHERE email=:email";
  592. $stmt = $conn -> prepare($query);
  593. $stmt -> bindParam(":email",$email);
  594. $stmt -> execute();
  595.  
  596. setcookie("loginKey", $loginKey, time() + (86400 * 30), "/"); // 86400 = 1 day
  597. return 1;
  598. }
  599. return 0;
  600. }
  601. catch(PDOException $e)
  602. {
  603. return 0;
  604. }
  605.  
  606. }
  607. function register($nume,$prenume,$email,$pass)
  608. {
  609. /* returns 1 if account was successfully added, otherwise it will return 0 as an error */
  610.  
  611.  
  612. try {
  613. $conn = new PDO("mysql:host=".$GLOBALS["servername"].";dbname=".$GLOBALS["db"], $GLOBALS['username'], $GLOBALS['password']);
  614. // set the PDO error mode to exception
  615. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  616.  
  617. /* Checking if account already exists in our database */
  618. $query2="SELECT count(*) FROM accounts WHERE email=:email";
  619. $stmt = $conn -> prepare($query2);
  620. $stmt -> bindParam(":email",$email);
  621. $stmt ->execute();
  622. $nr = $stmt -> fetchColumn();
  623. if($nr == 0)
  624. {
  625. /* If email is not in our database, we proceed adding it */
  626. $query="INSERT INTO accounts (nume,prenume,email,password) VALUES (:nume,:prenume,:email,:pass)";
  627. $pass = password_hash($pass,PASSWORD_BCRYPT);
  628. $stmt = $conn -> prepare($query);
  629. $stmt -> bindParam(":nume", $nume);
  630. $stmt -> bindParam(":prenume",$prenume);
  631. $stmt -> bindParam(":email",$email);
  632. $stmt -> bindParam(":pass",$pass);
  633. $stmt -> execute();
  634.  
  635. return 1;
  636. }
  637. return 0;
  638. }
  639. catch(PDOException $e)
  640. {
  641. return 0;
  642. }
  643. }
  644.  
  645. function main()
  646. {
  647. $action=$_GET['action'];
  648. switch ($action) {
  649. case "register":
  650. echo register($_POST["nume"],$_POST["prenume"],$_POST["email"],$_POST["pass"]); break;
  651. case "login":
  652. echo logIn($_POST["email"],$_POST["pass"]); break;
  653. case "getDetails":
  654. echo getDetails($_POST["loginKey"]); break;
  655. case "addCat":
  656. echo addcat($_POST["numeCategorie"]); break;
  657. case "retriveCat":
  658. echo rCat(); break;
  659. case "delCat":
  660. echo delCat($_POST["idCat"]);break;
  661. case "addProd":
  662. echo adaugareProdus($_POST["numeProd"],$_POST["catProd"],$_POST["descProd"],$_POST["pretProd"],$_FILES["imgProd"], $_POST["stocProd"]);break;
  663. case "retriveProd":
  664. echo getProd();break;
  665. case "delProd":
  666. echo delProd($_POST["id"]);break;
  667. case "getCategorii":
  668. echo rCat();break;
  669. case "getProdById":
  670. echo getProd($_POST["id"]);break;
  671. case "a2c":
  672. echo addToCart($_POST["loginKey"], $_POST["prodId"]);break;
  673. case "a2p":
  674. echo addToPref($_POST["loginKey"], $_POST["prodId"]);break;
  675. case "editUserDetails":
  676. echo editData($_POST["oras"], $_POST["judet"], $_POST["adresa"],$_POST["telefon"], $_POST["loginKey"]);break;
  677. case "placeOrder":
  678. echo placeOrder($_POST["loginKey"]);break;
  679. case "getOrderById":
  680. echo getOrderById($_POST["loginKey"], $_POST["id"]);break;
  681. case "getDiscount":
  682. echo getDiscount();break;
  683. case "addReducere":
  684. echo addReducere($_POST["cod"], $_POST["cat"],$_POST["val"]);break;
  685. case "stergereReducere":
  686. echo stergereReducere($_POST["id"]);break;
  687. case "getComenzi":
  688. echo getComenzi();break;
  689. case "marcareComanda":
  690. echo marcareComanda($_POST["id"]);break;
  691. case "adaugaCodReducere":
  692. echo adaugaCod($_POST["cod"], $_POST["loginKey"]);break;
  693. case "getProdStocMic":
  694. echo getProdStoc();break;
  695. default:
  696. // code...
  697. break;
  698. }
  699. }
  700.  
  701.  
  702.  
// Entry point: dispatch the current request as soon as the file is loaded.
main();
  704.  
  705. ?>