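<?php
/**
 * Login handler: checks the posted `login` / `haslo` pair against the `users`
 * table and, on success, marks the session as authenticated and stores the
 * account's login and role. Always answers with a redirect.
 */
session_start();

// Both fields must be present and must be plain strings; array-valued input
// (login[]=x) is turned away before it reaches the database layer.
if (!isset($_POST['login'], $_POST['haslo'])
    || !is_string($_POST['login'])
    || !is_string($_POST['haslo'])
) {
    header('Location: ../index.php');
    exit();
}

require("polacz.php");

// The login is bound as a statement parameter, so it needs no SQL escaping.
// htmlentities() was dropped: HTML encoding belongs at output time, and
// applying it here stopped logins containing quotes or '&' from matching the
// value the registration script stores.
$login = $_POST['login'];
$haslo = $_POST['haslo'];

// Assume failure; only a verified password changes the target below.
$cel = '../index.php';
$_SESSION['blad'] = 'Zły login lub hasło!';

try {
    $stmt = $connection->prepare('SELECT login, haslo, uprawnienia FROM users WHERE login = ? LIMIT 1');
    if ($stmt !== false) {
        $stmt->bind_param('s', $login);
        $stmt->execute();
        $stmt->bind_result($dbLogin, $dbHash, $dbRola);

        if ($stmt->fetch() === true && password_verify($haslo, $dbHash)) {
            // Issue a fresh session id at the privilege change so an id that
            // was planted before login cannot be reused (session fixation).
            session_regenerate_id(true);
            $_SESSION['zalogowany'] = true;
            $_SESSION['login'] = $dbLogin;
            $_SESSION['uprawnienia'] = $dbRola;
            unset($_SESSION['blad']);
            $cel = '../php2/index2.php';
        }
        $stmt->close();
    }
} catch (mysqli_sql_exception $e) {
    // Details go to the server log only; the visitor sees the generic error.
    error_log('login: ' . $e->getMessage());
}

$connection->close();

// The submitted password is never written to the response: the previous
// `echo $_POST['haslo']` exposed it and, by sending output before header(),
// could also prevent the redirect.
header('Location: ' . $cel);
exit();
?>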
-- Schema and seed data for the `Wynajem` database used by the PHP pages in
-- this paste. Runs as one transaction: creates the database and three tables,
-- inserts seed rows, then adds primary keys and AUTO_INCREMENT.
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET AUTOCOMMIT = 0;
START TRANSACTION;
SET time_zone = "+00:00";
-- NOTE(review): the database default is latin1 while every table below is
-- declared utf8; confirm the connection charset the PHP code ends up using.
CREATE DATABASE IF NOT EXISTS `Wynajem` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;
USE `Wynajem`;
-- `klient`: not referenced by any PHP code visible in this paste.
CREATE TABLE `klient` (
`Id_Klienta` int(11) NOT NULL,
`NazwaKlienta` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `klient` (`Id_Klienta`, `NazwaKlienta`) VALUES
(1, 'admin'),
(2, 'user');
-- `samochod`: the rows listed on index.php / index2.php and changed through
-- the add / edit / delete handler.
CREATE TABLE `samochod` (
`Id` int(11) NOT NULL,
`Model` text COLLATE utf8_polish_ci NOT NULL,
`Marka` text COLLATE utf8_polish_ci NOT NULL,
`Cena` float NOT NULL,
`data` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_polish_ci;
INSERT INTO `samochod` (`Id`, `Model`, `Marka`, `Cena`, `data`) VALUES
(1, 'a1', 'audi', 1250.99, '2018-06-07 08:29:57'),
(2, 'a2', 'audi', 2250.99, '2018-06-07 08:30:27'),
(3, 'a3', 'audi', 3250.99, '2018-06-07 08:31:37'),
(4, 'a4', 'audi', 4250.99, '2018-06-07 08:31:47'),
(5, 'a5', 'audi', 5250.99, '2018-06-07 08:31:59'),
(6, 'a6', 'audi', 6250.99, '2018-06-07 08:32:04'),
(7, 'a7', 'audi', 7250.99, '2018-06-07 08:32:16'),
(8, 'a8', 'audi', 8250.99, '2018-06-07 08:32:29'),
(9,'a9', 'audi', 9250.99, '2018-06-07 08:32:43'),
(10, 'a10', 'audi', 1250.99, '2018-06-07 08:32:54');
-- `users`: application accounts. `haslo` holds the string checked with
-- password_verify() by the login handler; `uprawnienia` is the role the pages
-- compare against ('kierownik' / 'pracownik').
-- NOTE(review): `login` and `email` carry no UNIQUE constraint, so uniqueness
-- rests only on the registration script's SELECT-then-INSERT check, and
-- `uprawnienia` is NOT NULL with no default although that script's INSERT
-- does not supply it.
CREATE TABLE `users` (
`user_id` int(11) NOT NULL,
`login` text NOT NULL,
`email` text NOT NULL,
`haslo` text NOT NULL,
`uprawnienia` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- NOTE(review): seeded accounts, two of them with the 'kierownik' role. The
-- login form in this paste prints passwords in its label, presumably for
-- these rows; treat the hashes as known credentials and replace them before
-- the application is used outside a demo.
INSERT INTO `users` (`user_id`, `login`, `email`, `haslo`, `uprawnienia`) VALUES
(0, 'admin', 'admin@interia.pl', '$2y$10$zzVLOlNOTyfoZBoGoHKdiOVGYr8qly3ga8CgE9YXPwWFmfmd0.nQ6', 'kierownik'),
(4, 'pracownik', 'pracownik@interia.pl', '$2y$10$yF0ITtf9lLKbu0F.JY6PTOrBORfYNKCJwG0TNxvbLFNwW7q5K8THa', 'pracownik'),
(5, 'Kierownik', 'kierownik@interia.pl', '$2y$10$TwdfSlN1munSqzggmJpcp.zy1h/7mZQIWrESBIKOKdsTtOqvivrxm', 'kierownik');
-- Keys are added after the data load.
ALTER TABLE `samochod`
ADD PRIMARY KEY (`Id`);
ALTER TABLE `users`
ADD PRIMARY KEY (`user_id`);
ALTER TABLE `klient`
ADD PRIMARY KEY (`Id_Klienta`);
ALTER TABLE `klient`
MODIFY `Id_Klienta` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
ALTER TABLE `samochod`
MODIFY `Id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=11;
ALTER TABLE `users`
MODIFY `user_id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
COMMIT;
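<?php
/**
 * Registration logic: validates the posted form, checks that the e-mail and
 * login are not taken, and inserts the new account with a password_hash()
 * digest. Validation failures are left in $_SESSION['e_*'].
 */
session_start();

if ((isset($_SESSION['zalogowany'])) && ($_SESSION['zalogowany']==true))
{
    header('Location: index2.php');
    exit();
}

if (isset($_POST['email']))
{
    $walidacja = true;

    // Missing or array-valued fields (login[]=x) collapse to '' and are then
    // rejected by the length / format checks below.
    $pole = function ($nazwa) {
        return (isset($_POST[$nazwa]) && is_string($_POST[$nazwa])) ? $_POST[$nazwa] : '';
    };
    $login  = $pole('login');
    $email  = $pole('email');
    $haslo1 = $pole('haslo1');
    $haslo2 = $pole('haslo2');

    if ((strlen($login) < 3) || (strlen($login) > 20))
    {
        $walidacja = false;
        $_SESSION['e_login'] = "login od 3 do 20 znaków!";
    }

    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false)
    {
        $walidacja = false;
        $_SESSION['e_email'] = "Podaj poprawny adres e-mail!";
    }

    // NOTE(review): the 20-character ceiling is kept from the original; it
    // rules out long passphrases and looks worth raising.
    if ((strlen($haslo1) < 8) || (strlen($haslo1) > 20))
    {
        $walidacja = false;
        $_SESSION['e_haslo'] = "Hasło od 8 do 20 znaków!";
    }

    // Strict comparison: with != two numeric-looking strings such as
    // "12345678" and "12345678.0" compare as equal.
    if ($haslo1 !== $haslo2)
    {
        $walidacja = false;
        $_SESSION['e_haslo'] = "Podane hasła nie identyczne!";
    }

    if (!isset($_POST['regulamin']))
    {
        $walidacja = false;
        $_SESSION['e_regulamin'] = "Potwierdź regulamin!";
    }

    require_once "php/polacz.php";
    mysqli_report(MYSQLI_REPORT_STRICT);

    try
    {
        if ($connection->connect_errno != 0)
        {
            throw new Exception((string) mysqli_connect_errno());
        }

        // Counts the rows matching one bound value. The value travels as a
        // statement parameter, never as part of the SQL text; the original
        // interpolated $email and $login straight into the query strings.
        $ileWierszy = function ($sql, $wartosc) use ($connection) {
            $stmt = $connection->prepare($sql);
            if (!$stmt) throw new Exception($connection->error);
            $stmt->bind_param('s', $wartosc);
            if (!$stmt->execute()) throw new Exception($stmt->error);
            $stmt->store_result();
            $ile = $stmt->num_rows;
            $stmt->close();
            return $ile;
        };

        if ($ileWierszy("SELECT user_id FROM users WHERE email = ?", $email) > 0)
        {
            $walidacja = false;
            $_SESSION['e_email'] = "Istnieje już konto przypisane do tego adresu e-mail!";
        }

        if ($ileWierszy("SELECT user_id FROM users WHERE login = ?", $login) > 0)
        {
            $walidacja = false;
            $_SESSION['e_login'] = "Istnieje już gracz o takim loginu! Wybierz inny.";
        }

        $zarejestrowano = false;
        if ($walidacja == true)
        {
            // Hash only once the input has passed every check.
            $haslo_hash = password_hash($haslo1, PASSWORD_DEFAULT);

            // NOTE(review): the check above and this INSERT are not atomic;
            // without UNIQUE keys on users.login / users.email two concurrent
            // requests can both pass. The schema in this paste also declares
            // users.uprawnienia NOT NULL without a default, so this INSERT may
            // be rejected in strict SQL mode; confirm against the live schema.
            $stmt = $connection->prepare("INSERT INTO users (login, haslo, email) VALUES (?, ?, ?)");
            if (!$stmt) throw new Exception($connection->error);
            $stmt->bind_param('sss', $login, $haslo_hash, $email);
            if (!$stmt->execute()) throw new Exception($stmt->error);
            $stmt->close();
            $zarejestrowano = true;
        }

        $connection->close();

        if ($zarejestrowano)
        {
            $_SESSION['udanarejestracja'] = true;
            header('Location: index.php');
            // Stop here so the form below is not rendered behind the redirect.
            exit();
        }
    }
    catch (Exception $e)
    {
        // Database details stay in the server log; the page shows only a
        // generic marker.
        error_log('register: ' . $e->getMessage());
        echo '<span style="color:red;">Błąd!</span>';
    }
}
?>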
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css" integrity="sha384-DNOHZ68U8hZfKXOrtjWvjxusGo9WQnrNx2sqG0tfsghAvtVlRW3tvkXWZh58N9jp" crossorigin="anonymous">
- </head>
- <body class="bg-dark">
- <div class="container">
- <div class="card card-register mx-auto mt-7">
- <div class="card-header">Zarejestruj nowe konto</div>
- <div class="card-body">
- <form method="post">
- <div class="form-group">
- <label>Login</label>
- <input class="form-control" type="text" placeholder="Podaj login" name="login" / >
- </div>
- <div class="form-group">
- <label>Email</label>
- <input class="form-control" type="email" placeholder="Podaj email" name="email">
- </div>
- <div class="form-group">
- <div class="form-row">
- <div class="col-md-4">
- <label>Hasło</label>
- <input class="form-control" type="password" placeholder="Hasło" name="haslo1" />
- </div>
- <div class="col-md-6">
- <label>Powtórz Hasło</label>
- <input class="form-control" type="password" placeholder="Powtórz Hasło" name="haslo2" />
- </div>
- </div>
- </div>
- <div class="form-group">
- <label>
- <input type="checkbox" name="regulamin" />
- Akceptuję regulamin
- </label>
- </div>
- <div class="sub">
- <input class="btn btn-primary btn-block" type="submit" value="Zarejestruj się" />
- </div>
- </form>
- <div class="text-center">
- <a class="d-block small mt-3" href="index.php">Jeśli posiadasz konto to przejdź do panelu logowania</a> <br />
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
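<?php
// Database connection settings; defines $connection for the including script.
// NOTE(review): this connects as the MySQL `root` account with an empty
// password. Use a dedicated account limited to the `Wynajem` database and
// keep its credentials outside the web root before any non-local use.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Wynajem";

// mysqli reports a failed connect either through connect_error or, when it is
// in exception mode, by throwing; handle both the same way.
try {
    $connection = new mysqli($servername, $username, $password, $dbname);
    $blad_polaczenia = $connection->connect_error;
} catch (mysqli_sql_exception $e) {
    $blad_polaczenia = $e->getMessage();
}

if ($blad_polaczenia) {
    // The driver message can name the host, user and database, so it goes to
    // the server log instead of the response body.
    error_log("Connection failed: " . $blad_polaczenia);
    http_response_code(500);
    die("Connection failed.");
}
unset($blad_polaczenia);
?>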
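<?php
// Database connection settings; defines $connection for the including script.
// NOTE(review): this connects as the MySQL `root` account with an empty
// password. Use a dedicated account limited to the `Wynajem` database and
// keep its credentials outside the web root before any non-local use.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Wynajem";

// mysqli reports a failed connect either through connect_error or, when it is
// in exception mode, by throwing; handle both the same way.
try {
    $connection = new mysqli($servername, $username, $password, $dbname);
    $blad_polaczenia = $connection->connect_error;
} catch (mysqli_sql_exception $e) {
    $blad_polaczenia = $e->getMessage();
}

if ($blad_polaczenia) {
    // The driver message can name the host, user and database, so it goes to
    // the server log instead of the response body.
    error_log("Connection failed: " . $blad_polaczenia);
    http_response_code(500);
    die("Connection failed.");
}
unset($blad_polaczenia);
?>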
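<?php
// Staff panel: lists the cars and, depending on the role kept in the session,
// shows the add / edit / delete forms.
session_start();

// Only authenticated sessions may see the panel. The login handler sets
// $_SESSION['zalogowany'] on success; without this gate the page rendered for
// anyone and read $_SESSION['uprawnienia'] while it was still undefined.
if (empty($_SESSION['zalogowany'])) {
    header('Location: index.php');
    exit();
}

require("polacz.php");
$queryShow = 'SELECT * FROM samochod';
?>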
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- </head>
- <body class="fixed-nav sticky-footer bg-dark" id="page-top">
- <a href="logout.php">
- <i class="fas fa-sign-out-alt"></i> Logout</a>
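<?php
// One-shot status message left in the session by the form handler.
if (isset($_SESSION['komunikat'])) {
    // Escaped on output so the banner stays inert even if a later message
    // ever embeds request data.
    echo '<div class="alert alert-danger error" role="alert"><strong>Komunikat!</strong> '
        . htmlspecialchars((string) $_SESSION['komunikat'], ENT_QUOTES, 'UTF-8')
        . '</div>';
    unset($_SESSION['komunikat']);
}
?>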
- <table width="100%" cellspacing="0" , bgcolor="white">
- <thead>
- <tr>
- <th>Id Samochodu</th>
- <th>Model</th>
- <th>Marka</th>
- <th>Cena</th>
- <th>Data dodania</th>
- <th>Usuń</th>
- </tr>
- </thead>
- <tbody>
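<?php
// Renders one table row per car, plus a delete button for the 'kierownik' role.
// Model and Marka are free text that any logged-in user can submit through
// the add form, so every value is HTML-escaped before it is printed.
$esc = function ($wartosc) {
    return htmlspecialchars((string) $wartosc, ENT_QUOTES, 'UTF-8');
};
$jest_kierownik = isset($_SESSION['uprawnienia']) && $_SESSION['uprawnienia'] === "kierownik";

$result = $connection->query($queryShow);
// A failed query yields false; skip the loop instead of calling a method on it.
while ($result && ($row = $result->fetch_assoc())) {
    $id = $esc($row['Id']);
    $model = $esc($row['Model']);
    $marka = $esc($row['Marka']);
    $cena = $esc($row['Cena']);
    $data = date('Y/m/d', strtotime($row["data"]));

    // Cell order follows the table header (Id, Model, Marka, Cena, date); the
    // original printed Marka under the "Model" heading and vice versa.
    echo "<tr><td>$id</td> <td>$model</td> <td>$marka</td> <td>$cena</td> <td>$data</td>";
    if ($jest_kierownik) {
        echo "<td><form action=\"php/funkcje.php\" method=\"post\"><button type=\"submit\" name=\"delete\" class=\"btn btn-danger btn-sm\" value=\"" . $id . "\">DEL</button></form></td></tr>";
    } else {
        echo "</tr>";
    }
}
?>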
- </tbody>
- </table>
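<?php
// The add form is the same for both roles, so it is rendered once for either.
// Hiding the form is a display decision only; the handler has to enforce the
// role itself.
$moze_dodawac = isset($_SESSION['uprawnienia'])
    && in_array($_SESSION['uprawnienia'], ["pracownik", "kierownik"], true);
if ($moze_dodawac) { ?>
<!-- Field names match the keys read by Dodaj() in php/funkcje.php
     (Id, Model, Marka, Cena); the previous names (IdSamochodu, ModelSamochodu,
     MarkaSamochodu, cenaWynajmu) were never read by the handler. -->
<div class="container-fluid">
<h3>Dodaj</h3>
<form class="klasa" action="php/funkcje.php" method="POST">
<div class="form-row">
<div class="col">
<input type="text" class="form-control" placeholder="Id" name="Id" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Model" name="Model" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Marka" name="Marka" required>
</div>
<div class="col">
<input type="number" step="any" min="0" class="form-control" placeholder="cena" name="Cena" required>
</div>
<button type="submit" class="btn btn-primary" name="dodaj">OK</button>
</div>
</form>
</div>
<br /><br />
<?php } ?>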
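<?php if (isset($_SESSION['uprawnienia']) && $_SESSION['uprawnienia'] === "kierownik") { ?>
<!-- Form that updates a row in the database. Field names match the keys read
     by Edytuj() in php/funkcje.php (Id, Model, Marka, Cena); the previous
     `IdS` and `cena` were never read by the handler. A stray closing div
     after the form was removed. -->
<div class="container-fluid">
<h3>Edytuj</h3>
<form class="klasa" action="php/funkcje.php" method="POST">
<div class="form-row">
<div class="col">
<input type="text" class="form-control" placeholder="Id" name="Id" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Model" name="Model" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Marka" name="Marka" required>
</div>
<div class="col">
<input type="number" step="any" min="0" class="form-control" placeholder="cena" name="Cena">
</div>
<button type="submit" class="btn btn-primary" name="update">OK</button>
</div>
</form>
</div>
<br /><br />
<?php } ?>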
- </div>
- </body>
- </html>
<?php
// Public landing page: login form plus a read-only list of cars.
session_start();

// A session that is already authenticated goes straight to the staff panel.
if (!empty($_SESSION['zalogowany'])) {
    header('Location: index2.php');
    exit();
}

require 'polacz.php';
$queryShow = 'SELECT * FROM samochod';
?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- </head>
- <body class="fixed-nav sticky-footer bg-dark" id="page-top">
<!-- Login form: posts `login` and `haslo` to zaloguj.php. -->
<!-- NOTE(review): the password label below appears to print working passwords
     for the seeded accounts, one of which has the 'kierownik' role that may
     edit and delete rows. Remove the hint and change those passwords before
     this page is reachable by anyone other than the author. -->
<form action="zaloguj.php" method="post">
<div class="form-group">
<label for="exampleInputLogin" color="white">Login pracownik lub kierownik</label>
<input class="form-control" id="exampleInputLogin" type="text" aria-describedby="loginHelp" name="login" placeholder="Podaj login" required>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Hasło Pracownik123 lub Kierownik123 odpowiednio</label>
<input class="form-control" id="exampleInputPassword1" type="password" name="haslo" placeholder="Hasło" required>
</div>
<button class="btn btn-primary btn-block" type="submit">Login</button>
</form>
- <div class="text-center">
- <a class="d-block small mt-3" href="register.php">Zarejestruj się</a>
- </div>
- <table width="100%" cellspacing="0" , bgcolor="white">
- <thead>
- <tr>
- <th>Id Samochodu</th>
- <th>Model</th>
- <th>Marka</th>
- <th>Cena</th>
- <th>Data dodania</th>
- </tr>
- </thead>
- <tbody>
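<?php
// Renders one read-only table row per car. Model and Marka are free text that
// logged-in users can submit, so every value is HTML-escaped before printing.
$esc = function ($wartosc) {
    return htmlspecialchars((string) $wartosc, ENT_QUOTES, 'UTF-8');
};

$result = $connection->query($queryShow);
// A failed query yields false; skip the loop instead of calling a method on it.
while ($result && ($row = $result->fetch_assoc())) {
    $id = $esc($row['Id']);
    $model = $esc($row['Model']);
    $marka = $esc($row['Marka']);
    $cena = $esc($row['Cena']);
    $data = date('Y/m/d', strtotime($row["data"]));

    // Cell order follows the table header (Id, Model, Marka, Cena, date); the
    // original printed Marka under the "Model" heading and left the row open.
    echo "<tr><td>$id</td> <td>$model</td> <td>$marka</td> <td>$cena</td> <td>$data</td></tr>";
}
?>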
- </tbody>
- </table>
- </div>
- </body>
- </html>
<?php
// Handler for the forms that post to php/funkcje.php (add / delete / update).
// The session carries the status message; polacz.php provides $connection.
session_start();
require 'polacz.php';

/* ### ADD TO THE DATABASE ### */
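/**
 * Inserts a new car row from the posted `Id`, `Model`, `Marka` and `Cena`
 * fields and records the outcome in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Dodaj($connection) {
    $_SESSION['komunikat'] = "Nie dodano.";

    // Read from $_POST only: the dispatcher calls this for POST requests, and
    // $_REQUEST would also accept the same keys from the query string.
    $Id = isset($_POST['Id']) ? filter_var($_POST['Id'], FILTER_VALIDATE_INT) : false;
    $Model = (isset($_POST['Model']) && is_string($_POST['Model'])) ? $_POST['Model'] : null;
    $Marka = (isset($_POST['Marka']) && is_string($_POST['Marka'])) ? $_POST['Marka'] : null;
    $Cena = (isset($_POST['Cena']) && is_numeric($_POST['Cena'])) ? (float) $_POST['Cena'] : null;

    if ($Id !== false && $Model !== null && $Marka !== null && $Cena !== null) {
        try {
            // Bound parameters keep the values out of the SQL text entirely.
            $stmt = mysqli_prepare($connection, "INSERT INTO samochod (Id, Model, Marka, Cena) VALUES (?, ?, ?, ?)");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'issd', $Id, $Model, $Marka, $Cena);
                if (mysqli_stmt_execute($stmt)) {
                    $_SESSION['komunikat'] = "Dodano.";
                }
                mysqli_stmt_close($stmt);
            }
        } catch (mysqli_sql_exception $e) {
            // Raised when mysqli is in exception mode, e.g. on a duplicate Id.
            error_log('Dodaj: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}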
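/**
 * Deletes the car row whose Id was posted as `delete` and records the outcome
 * in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Usun($connection) {
    $_SESSION['komunikat'] = "Niepowodzenie usuwania";

    // The original placed the escaped value unquoted after `Id=`; escaping
    // does nothing in a numeric position, so the id is validated as an integer
    // and bound as a parameter instead.
    $Id = isset($_POST['delete']) ? filter_var($_POST['delete'], FILTER_VALIDATE_INT) : false;

    if ($Id !== false) {
        try {
            $stmt = mysqli_prepare($connection, "DELETE FROM samochod WHERE Id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'i', $Id);
                if (mysqli_stmt_execute($stmt)) {
                    $_SESSION['komunikat'] = "Usunięto wiersz";
                }
                mysqli_stmt_close($stmt);
            }
        } catch (mysqli_sql_exception $e) {
            error_log('Usun: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}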
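/**
 * Updates the car row identified by the posted `Id`. A posted `Model`,
 * `Marka` or `Cena` that is absent or empty keeps the stored value. The
 * outcome is recorded in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Edytuj($connection) {
    $_SESSION['komunikat'] = "Nie zaktualizowano wiersza.";

    // Integer-validated and bound below; the original placed the value
    // unquoted after `Id=`, where escaping offers no protection.
    $Id = isset($_POST['Id']) ? filter_var($_POST['Id'], FILTER_VALIDATE_INT) : false;

    if ($Id !== false) {
        try {
            $Model = null;
            $Marka = null;
            $Cena = null;
            $znaleziono = false;

            $stmt = mysqli_prepare($connection, "SELECT Model, Marka, Cena FROM samochod WHERE Id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'i', $Id);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_bind_result($stmt, $Model, $Marka, $Cena);
                $znaleziono = (mysqli_stmt_fetch($stmt) === true);
                mysqli_stmt_close($stmt);
            }

            // With no matching row the original went on with undefined
            // variables and still reported success; now the failure message
            // set above is kept.
            if ($znaleziono) {
                if (isset($_POST['Model']) && is_string($_POST['Model']) && $_POST['Model'] !== '') {
                    $Model = $_POST['Model'];
                }
                if (isset($_POST['Marka']) && is_string($_POST['Marka']) && $_POST['Marka'] !== '') {
                    $Marka = $_POST['Marka'];
                }
                // is_numeric() accepts "0", which empty() used to discard.
                if (isset($_POST['Cena']) && is_numeric($_POST['Cena'])) {
                    $Cena = (float) $_POST['Cena'];
                }

                $stmt = mysqli_prepare($connection, "UPDATE samochod SET Model = ?, Marka = ?, Cena = ? WHERE Id = ?");
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, 'ssdi', $Model, $Marka, $Cena, $Id);
                    if (mysqli_stmt_execute($stmt)) {
                        $_SESSION['komunikat'] = "Pomyślna aktualizacja wierszu";
                    }
                    mysqli_stmt_close($stmt);
                }
            }
        } catch (mysqli_sql_exception $e) {
            error_log('Edytuj: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}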
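/* ### RUN THE FUNCTION THAT MATCHES THE CLICKED BUTTON ### */

// The panel hides forms by role, but that is presentation only: this endpoint
// can be posted to directly, so the session and role are checked here.
// Adding is offered to 'pracownik' and 'kierownik'; deleting and updating
// only to 'kierownik'.
// NOTE(review): no anti-CSRF token is verified here; adding one needs a
// matching hidden field in the forms.
$zalogowany = isset($_SESSION['zalogowany']) && $_SESSION['zalogowany'] == true;
$rola = isset($_SESSION['uprawnienia']) ? $_SESSION['uprawnienia'] : '';

if (!$zalogowany) {
    header('Location: ../index.php');
    exit();
}

if ($_SERVER['REQUEST_METHOD'] === "POST") {
    if (isset($_POST['dodaj'])) {
        if ($rola === "pracownik" || $rola === "kierownik") {
            Dodaj($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    } elseif (isset($_POST['delete'])) {
        if ($rola === "kierownik") {
            Usun($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    } elseif (isset($_POST['update'])) {
        if ($rola === "kierownik") {
            Edytuj($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    }
}

header('Location: ../index2.php');
exit();
?>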
- ------ DRUGIE
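<?php
/**
 * Login handler: checks the posted `login` / `haslo` pair against the `users`
 * table and, on success, marks the session as authenticated and stores the
 * account's login and role. Always answers with a redirect.
 */
session_start();

// Both fields must be present and must be plain strings; array-valued input
// (login[]=x) is turned away before it reaches the database layer.
if (!isset($_POST['login'], $_POST['haslo'])
    || !is_string($_POST['login'])
    || !is_string($_POST['haslo'])
) {
    header('Location: ../index.php');
    exit();
}

require("polacz.php");

// The login is bound as a statement parameter, so it needs no SQL escaping.
// htmlentities() was dropped: HTML encoding belongs at output time, and
// applying it here stopped logins containing quotes or '&' from matching the
// value the registration script stores.
$login = $_POST['login'];
$haslo = $_POST['haslo'];

// Assume failure; only a verified password changes the target below.
$cel = '../index.php';
$_SESSION['blad'] = 'Zły login lub hasło!';

try {
    $stmt = $connection->prepare('SELECT login, haslo, uprawnienia FROM users WHERE login = ? LIMIT 1');
    if ($stmt !== false) {
        $stmt->bind_param('s', $login);
        $stmt->execute();
        $stmt->bind_result($dbLogin, $dbHash, $dbRola);

        if ($stmt->fetch() === true && password_verify($haslo, $dbHash)) {
            // Issue a fresh session id at the privilege change so an id that
            // was planted before login cannot be reused (session fixation).
            session_regenerate_id(true);
            $_SESSION['zalogowany'] = true;
            $_SESSION['login'] = $dbLogin;
            $_SESSION['uprawnienia'] = $dbRola;
            unset($_SESSION['blad']);
            $cel = '../php3/index2.php';
        }
        $stmt->close();
    }
} catch (mysqli_sql_exception $e) {
    // Details go to the server log only; the visitor sees the generic error.
    error_log('login: ' . $e->getMessage());
}

$connection->close();

// The submitted password is never written to the response: the previous
// `echo $_POST['haslo']` exposed it and, by sending output before header(),
// could also prevent the redirect.
header('Location: ' . $cel);
exit();
?>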
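<?php
/**
 * Registration logic: validates the posted form, checks that the e-mail and
 * login are not taken, and inserts the new account with a password_hash()
 * digest. Validation failures are left in $_SESSION['e_*'].
 */
session_start();

if ((isset($_SESSION['zalogowany'])) && ($_SESSION['zalogowany']==true))
{
    header('Location: index2.php');
    exit();
}

if (isset($_POST['email']))
{
    $walidacja = true;

    // Missing or array-valued fields (login[]=x) collapse to '' and are then
    // rejected by the length / format checks below.
    $pole = function ($nazwa) {
        return (isset($_POST[$nazwa]) && is_string($_POST[$nazwa])) ? $_POST[$nazwa] : '';
    };
    $login  = $pole('login');
    $email  = $pole('email');
    $haslo1 = $pole('haslo1');
    $haslo2 = $pole('haslo2');

    if ((strlen($login) < 3) || (strlen($login) > 20))
    {
        $walidacja = false;
        $_SESSION['e_login'] = "login od 3 do 20 znaków!";
    }

    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false)
    {
        $walidacja = false;
        $_SESSION['e_email'] = "Podaj poprawny adres e-mail!";
    }

    // NOTE(review): the 20-character ceiling is kept from the original; it
    // rules out long passphrases and looks worth raising.
    if ((strlen($haslo1) < 8) || (strlen($haslo1) > 20))
    {
        $walidacja = false;
        $_SESSION['e_haslo'] = "Hasło od 8 do 20 znaków!";
    }

    // Strict comparison: with != two numeric-looking strings such as
    // "12345678" and "12345678.0" compare as equal.
    if ($haslo1 !== $haslo2)
    {
        $walidacja = false;
        $_SESSION['e_haslo'] = "Podane hasła nie identyczne!";
    }

    if (!isset($_POST['regulamin']))
    {
        $walidacja = false;
        $_SESSION['e_regulamin'] = "Potwierdź regulamin!";
    }

    require_once "php/polacz.php";
    mysqli_report(MYSQLI_REPORT_STRICT);

    try
    {
        if ($connection->connect_errno != 0)
        {
            throw new Exception((string) mysqli_connect_errno());
        }

        // Counts the rows matching one bound value. The value travels as a
        // statement parameter, never as part of the SQL text; the original
        // interpolated $email and $login straight into the query strings.
        $ileWierszy = function ($sql, $wartosc) use ($connection) {
            $stmt = $connection->prepare($sql);
            if (!$stmt) throw new Exception($connection->error);
            $stmt->bind_param('s', $wartosc);
            if (!$stmt->execute()) throw new Exception($stmt->error);
            $stmt->store_result();
            $ile = $stmt->num_rows;
            $stmt->close();
            return $ile;
        };

        if ($ileWierszy("SELECT user_id FROM users WHERE email = ?", $email) > 0)
        {
            $walidacja = false;
            $_SESSION['e_email'] = "Istnieje już konto przypisane do tego adresu e-mail!";
        }

        if ($ileWierszy("SELECT user_id FROM users WHERE login = ?", $login) > 0)
        {
            $walidacja = false;
            $_SESSION['e_login'] = "Istnieje już gracz o takim loginu! Wybierz inny.";
        }

        $zarejestrowano = false;
        if ($walidacja == true)
        {
            // Hash only once the input has passed every check.
            $haslo_hash = password_hash($haslo1, PASSWORD_DEFAULT);

            // NOTE(review): the check above and this INSERT are not atomic;
            // without UNIQUE keys on users.login / users.email two concurrent
            // requests can both pass. The schema in this paste also declares
            // users.uprawnienia NOT NULL without a default, so this INSERT may
            // be rejected in strict SQL mode; confirm against the live schema.
            $stmt = $connection->prepare("INSERT INTO users (login, haslo, email) VALUES (?, ?, ?)");
            if (!$stmt) throw new Exception($connection->error);
            $stmt->bind_param('sss', $login, $haslo_hash, $email);
            if (!$stmt->execute()) throw new Exception($stmt->error);
            $stmt->close();
            $zarejestrowano = true;
        }

        $connection->close();

        if ($zarejestrowano)
        {
            $_SESSION['udanarejestracja'] = true;
            header('Location: index.php');
            // Stop here so the form below is not rendered behind the redirect.
            exit();
        }
    }
    catch (Exception $e)
    {
        // Database details stay in the server log; the page shows only a
        // generic marker.
        error_log('register: ' . $e->getMessage());
        echo '<span style="color:red;">Błąd!</span>';
    }
}
?>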
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.0.13/css/all.css" integrity="sha384-DNOHZ68U8hZfKXOrtjWvjxusGo9WQnrNx2sqG0tfsghAvtVlRW3tvkXWZh58N9jp" crossorigin="anonymous">
- </head>
- <body class="bg-dark">
- <div class="container">
- <div class="card card-register mx-auto mt-7">
- <div class="card-header">Zarejestruj nowe konto</div>
- <div class="card-body">
- <form method="post">
- <div class="form-group">
- <label>Login</label>
- <input class="form-control" type="text" placeholder="Podaj login" name="login" / >
- </div>
- <div class="form-group">
- <label>Email</label>
- <input class="form-control" type="email" placeholder="Podaj email" name="email">
- </div>
- <div class="form-group">
- <div class="form-row">
- <div class="col-md-4">
- <label>Hasło</label>
- <input class="form-control" type="password" placeholder="Hasło" name="haslo1" />
- </div>
- <div class="col-md-6">
- <label>Powtórz Hasło</label>
- <input class="form-control" type="password" placeholder="Powtórz Hasło" name="haslo2" />
- </div>
- </div>
- </div>
- <div class="form-group">
- <label>
- <input type="checkbox" name="regulamin" />
- Akceptuję regulamin
- </label>
- </div>
- <div class="sub">
- <input class="btn btn-primary btn-block" type="submit" value="Zarejestruj się" />
- </div>
- </form>
- <div class="text-center">
- <a class="d-block small mt-3" href="index.php">Jeśli posiadasz konto to przejdź do panelu logowania</a> <br />
- </div>
- </div>
- </div>
- </div>
- </body>
- </html>
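<?php
// Database connection settings; defines $connection for the including script.
// NOTE(review): this connects as the MySQL `root` account with an empty
// password. Use a dedicated account limited to the `Magazyn` database and
// keep its credentials outside the web root before any non-local use.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Magazyn";

// mysqli reports a failed connect either through connect_error or, when it is
// in exception mode, by throwing; handle both the same way.
try {
    $connection = new mysqli($servername, $username, $password, $dbname);
    $blad_polaczenia = $connection->connect_error;
} catch (mysqli_sql_exception $e) {
    $blad_polaczenia = $e->getMessage();
}

if ($blad_polaczenia) {
    // The driver message can name the host, user and database, so it goes to
    // the server log instead of the response body.
    error_log("Connection failed: " . $blad_polaczenia);
    http_response_code(500);
    die("Connection failed.");
}
unset($blad_polaczenia);
?>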
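<?php
// Logout: ends the session completely, then returns to the login page.
session_start();

// session_unset() alone only empties the variables; the session id stays
// valid on the server and in the browser cookie. Clear the data, expire the
// cookie and destroy the server-side session as well.
$_SESSION = [];
if (ini_get('session.use_cookies')) {
    $ciastko = session_get_cookie_params();
    setcookie(
        session_name(),
        '',
        time() - 42000,
        $ciastko['path'],
        $ciastko['domain'],
        $ciastko['secure'],
        $ciastko['httponly']
    );
}
session_destroy();

header('Location: ../php3/index.php');
exit();
?>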
-- Schema and seed data for the `Magazyn` database used by the PHP pages in
-- this paste. Runs as one transaction: creates the database and three tables,
-- inserts seed rows, then adds primary keys and AUTO_INCREMENT.
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
SET AUTOCOMMIT = 0;
START TRANSACTION;
SET time_zone = "+00:00";
-- NOTE(review): the database default is latin1 while every table below is
-- declared utf8; confirm the connection charset the PHP code ends up using.
CREATE DATABASE IF NOT EXISTS `Magazyn` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci;
USE `Magazyn`;
-- `Faktury`: not referenced by any PHP code visible in this paste.
CREATE TABLE `Faktury` (
`Id_Faktury` int(11) NOT NULL,
`NazwaFaktury` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
INSERT INTO `Faktury` (`Id_Faktury`, `NazwaFaktury`) VALUES
(1, 'admin'),
(2, 'user');
-- `Towar`: the rows listed on index.php / index2.php and changed through the
-- add / edit / delete handler.
-- NOTE(review): the handler's queries spell the table `towar`; on a server
-- with case-sensitive table names that is a different identifier.
CREATE TABLE `Towar` (
`Id` int(11) NOT NULL,
`Nazwa` text COLLATE utf8_polish_ci NOT NULL,
`Marka` text COLLATE utf8_polish_ci NOT NULL,
`Cena` float NOT NULL,
`data` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_polish_ci;
INSERT INTO `Towar` (`Id`, `Nazwa`, `Marka`, `Cena`, `data`) VALUES
(1, 'drabina', 'marka1', 1250.99, '2018-06-07 08:29:57'),
(2, 'szpachla', 'marka2', 2250.99, '2018-06-07 08:30:27'),
(3, 'koparka', 'marka3', 3250.99, '2018-06-07 08:31:37'),
(4, 'dzwig', 'marka4', 4250.99, '2018-06-07 08:31:47'),
(5, 'tapeta', 'marka1', 5250.99, '2018-06-07 08:31:59'),
(6, 'gwozdzie', 'marka1', 6250.99, '2018-06-07 08:32:04'),
(7, 'mlotek', 'marka1', 7250.99, '2018-06-07 08:32:16'),
(8, 'siekiera', 'marka1', 8250.99, '2018-06-07 08:32:29'),
(9,'lopata', 'marka1', 9250.99, '2018-06-07 08:32:43'),
(10, 'kilof', 'marka1', 1250.99, '2018-06-07 08:32:54');
-- `users`: application accounts. `haslo` holds the string checked with
-- password_verify() by the login handler; `uprawnienia` is the role the pages
-- compare against ('kierownik' / 'pracownik').
-- NOTE(review): `login` and `email` carry no UNIQUE constraint, so uniqueness
-- rests only on the registration script's SELECT-then-INSERT check, and
-- `uprawnienia` is NOT NULL with no default although that script's INSERT
-- does not supply it.
CREATE TABLE `users` (
`user_id` int(11) NOT NULL,
`login` text NOT NULL,
`email` text NOT NULL,
`haslo` text NOT NULL,
`uprawnienia` text NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- NOTE(review): seeded accounts, two of them with the 'kierownik' role. The
-- login form in this paste prints passwords in its label, presumably for
-- these rows; treat the hashes as known credentials and replace them before
-- the application is used outside a demo.
INSERT INTO `users` (`user_id`, `login`, `email`, `haslo`, `uprawnienia`) VALUES
(0, 'admin', 'admin@interia.pl', '$2y$10$zzVLOlNOTyfoZBoGoHKdiOVGYr8qly3ga8CgE9YXPwWFmfmd0.nQ6', 'kierownik'),
(4, 'pracownik', 'pracownik@interia.pl', '$2y$10$yF0ITtf9lLKbu0F.JY6PTOrBORfYNKCJwG0TNxvbLFNwW7q5K8THa', 'pracownik'),
(5, 'Kierownik', 'kierownik@interia.pl', '$2y$10$TwdfSlN1munSqzggmJpcp.zy1h/7mZQIWrESBIKOKdsTtOqvivrxm', 'kierownik');
-- Keys are added after the data load.
ALTER TABLE `Towar`
ADD PRIMARY KEY (`Id`);
ALTER TABLE `users`
ADD PRIMARY KEY (`user_id`);
ALTER TABLE `Faktury`
ADD PRIMARY KEY (`Id_Faktury`);
ALTER TABLE `Faktury`
MODIFY `Id_Faktury` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=3;
ALTER TABLE `Towar`
MODIFY `Id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=11;
ALTER TABLE `users`
MODIFY `user_id` int(11) NOT NULL AUTO_INCREMENT, AUTO_INCREMENT=6;
COMMIT;
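<?php
// Staff panel: lists the goods and, depending on the role kept in the
// session, shows the add / edit / delete forms.
session_start();

// Only authenticated sessions may see the panel. The login handler sets
// $_SESSION['zalogowany'] on success; without this gate the page rendered for
// anyone and read $_SESSION['uprawnienia'] while it was still undefined.
if (empty($_SESSION['zalogowany'])) {
    header('Location: index.php');
    exit();
}

require("polacz.php");
$queryShow = 'SELECT * FROM Towar';
?>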
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- </head>
- <body class="fixed-nav sticky-footer bg-dark" id="page-top">
- <a href="logout.php">
- <i class="fas fa-sign-out-alt"></i> Logout</a>
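<?php
// One-shot status message left in the session by the form handler.
if (isset($_SESSION['komunikat'])) {
    // Escaped on output so the banner stays inert even if a later message
    // ever embeds request data.
    echo '<div class="alert alert-danger error" role="alert"><strong>Komunikat!</strong> '
        . htmlspecialchars((string) $_SESSION['komunikat'], ENT_QUOTES, 'UTF-8')
        . '</div>';
    unset($_SESSION['komunikat']);
}
?>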
- <table width="100%" cellspacing="0" , bgcolor="white">
- <thead>
- <tr>
- <th>Id Towaru</th>
- <th>Nazwa</th>
- <th>Marka</th>
- <th>Cena</th>
- <th>Data dodania</th>
- <th>Usuń</th>
- </tr>
- </thead>
- <tbody>
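<?php
// Renders one table row per item, plus a delete button for the 'kierownik'
// role. Nazwa and Marka are free text that any logged-in user can submit
// through the add form, so every value is HTML-escaped before it is printed.
$esc = function ($wartosc) {
    return htmlspecialchars((string) $wartosc, ENT_QUOTES, 'UTF-8');
};
$jest_kierownik = isset($_SESSION['uprawnienia']) && $_SESSION['uprawnienia'] === "kierownik";

$result = $connection->query($queryShow);
// A failed query yields false; skip the loop instead of calling a method on it.
while ($result && ($row = $result->fetch_assoc())) {
    $id = $esc($row['Id']);
    $nazwa = $esc($row['Nazwa']);
    $marka = $esc($row['Marka']);
    $cena = $esc($row['Cena']);
    $data = date('Y/m/d', strtotime($row["data"]));

    echo "<tr><td>$id</td> <td>$nazwa</td> <td>$marka</td> <td>$cena</td> <td>$data</td>";
    if ($jest_kierownik) {
        echo "<td><form action=\"php/funkcje.php\" method=\"post\"><button type=\"submit\" name=\"delete\" class=\"btn btn-danger btn-sm\" value=\"" . $id . "\">DEL</button></form></td></tr>";
    } else {
        echo "</tr>";
    }
}
?>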
- </tbody>
- </table>
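<?php
// The add form is the same for both roles, so it is rendered once for either.
// The isset() guard avoids reading an undefined session key. Hiding the form
// is a display decision only; the handler has to enforce the role itself.
$moze_dodawac = isset($_SESSION['uprawnienia'])
    && in_array($_SESSION['uprawnienia'], ["pracownik", "kierownik"], true);
if ($moze_dodawac) { ?>
<div class="container-fluid">
<h3>Dodaj</h3>
<form class="klasa" action="php/funkcje.php" method="POST">
<div class="form-row">
<div class="col">
<input type="text" class="form-control" placeholder="Id" name="Id" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Nazwa" name="Nazwa" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Marka" name="Marka" required>
</div>
<div class="col">
<input type="number" step="any" min="0" class="form-control" placeholder="cena" name="Cena" required>
</div>
<button type="submit" class="btn btn-primary" name="dodaj">OK</button>
</div>
</form>
</div>
<br /><br />
<?php } ?>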
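<?php if (isset($_SESSION['uprawnienia']) && $_SESSION['uprawnienia'] === "kierownik") { ?>
<!-- Form that updates a row in the database; shown to the 'kierownik' role
     only. The isset() guard avoids reading an undefined session key, and a
     stray closing div after the form was removed. -->
<div class="container-fluid">
<h3>Edytuj</h3>
<form class="klasa" action="php/funkcje.php" method="POST">
<div class="form-row">
<div class="col">
<input type="text" class="form-control" placeholder="Id" name="Id" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Nazwa" name="Nazwa" required>
</div>
<div class="col">
<input type="text" class="form-control" placeholder="Marka" name="Marka" required>
</div>
<div class="col">
<input type="number" step="any" min="0" class="form-control" placeholder="cena" name="Cena" required>
</div>
<button type="submit" class="btn btn-primary" name="update">OK</button>
</div>
</form>
</div>
<br /><br />
<?php } ?>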
- </div>
- </body>
- </html>
<?php
// Public landing page: login form plus a read-only list of goods.
session_start();

// A session that is already authenticated goes straight to the staff panel.
if (!empty($_SESSION['zalogowany'])) {
    header('Location: index2.php');
    exit();
}

require 'polacz.php';
$queryShow = 'SELECT * FROM Towar';
?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <title>Wypożyczyalnia</title>
- <link href="vendor/bootstrap/css/bootstrap.min.css" rel="stylesheet">
- <link href="vendor/datatables/dataTables.bootstrap4.css" rel="stylesheet">
- </head>
- <body class="fixed-nav sticky-footer bg-dark" id="page-top">
<!-- Login form: posts `login` and `haslo` to zaloguj.php. -->
<!-- NOTE(review): the password label below appears to print working passwords
     for the seeded accounts, one of which has the 'kierownik' role that may
     edit and delete rows. Remove the hint and change those passwords before
     this page is reachable by anyone other than the author. -->
<form action="zaloguj.php" method="post">
<div class="form-group">
<label for="exampleInputLogin" color="white">Login pracownik lub kierownik</label>
<input class="form-control" id="exampleInputLogin" type="text" aria-describedby="loginHelp" name="login" placeholder="Podaj login" required>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Hasło Pracownik123 lub Kierownik123 odpowiednio</label>
<input class="form-control" id="exampleInputPassword1" type="password" name="haslo" placeholder="Hasło" required>
</div>
<button class="btn btn-primary btn-block" type="submit">Login</button>
</form>
- <div class="text-center">
- <a class="d-block small mt-3" href="register.php">Zarejestruj się</a>
- </div>
- <table width="100%" cellspacing="0" , bgcolor="white">
- <thead>
- <tr>
- <th>Id Towaru</th>
- <th>Nazwa</th>
- <th>Marka</th>
- <th>Cena</th>
- <th>Data dodania</th>
- </tr>
- </thead>
- <tbody>
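<?php
// Renders one read-only table row per item. Nazwa and Marka are free text that
// logged-in users can submit, so every value is HTML-escaped before printing.
$esc = function ($wartosc) {
    return htmlspecialchars((string) $wartosc, ENT_QUOTES, 'UTF-8');
};

$result = $connection->query($queryShow);
// A failed query yields false; skip the loop instead of calling a method on it.
while ($result && ($row = $result->fetch_assoc())) {
    $id = $esc($row['Id']);
    $nazwa = $esc($row['Nazwa']);
    $marka = $esc($row['Marka']);
    $cena = $esc($row['Cena']);
    $data = date('Y/m/d', strtotime($row["data"]));

    // The original left each row without its closing tag.
    echo "<tr><td>$id</td> <td>$nazwa</td> <td>$marka</td> <td>$cena</td> <td>$data</td></tr>";
}
?>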
- </tbody>
- </table>
- </div>
- </body>
- </html>
<?php
// Handler for the forms that post to php/funkcje.php (add / delete / update).
// The session carries the status message; polacz.php provides $connection.
session_start();
require 'polacz.php';

/* ### ADD TO THE DATABASE ### */
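/**
 * Inserts a new item row from the posted `Id`, `Nazwa`, `Marka` and `Cena`
 * fields and records the outcome in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Dodaj($connection) {
    $_SESSION['komunikat'] = "Nie dodano.";

    // Read from $_POST only: the dispatcher calls this for POST requests, and
    // $_REQUEST would also accept the same keys from the query string.
    $Id = isset($_POST['Id']) ? filter_var($_POST['Id'], FILTER_VALIDATE_INT) : false;
    $Nazwa = (isset($_POST['Nazwa']) && is_string($_POST['Nazwa'])) ? $_POST['Nazwa'] : null;
    $Marka = (isset($_POST['Marka']) && is_string($_POST['Marka'])) ? $_POST['Marka'] : null;
    $Cena = (isset($_POST['Cena']) && is_numeric($_POST['Cena'])) ? (float) $_POST['Cena'] : null;

    if ($Id !== false && $Nazwa !== null && $Marka !== null && $Cena !== null) {
        try {
            // Bound parameters keep the values out of the SQL text entirely.
            // The table is spelled `Towar`, as in the schema and the listing
            // query; `towar` fails where table names are case-sensitive.
            $stmt = mysqli_prepare($connection, "INSERT INTO Towar (Id, Nazwa, Marka, Cena) VALUES (?, ?, ?, ?)");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'issd', $Id, $Nazwa, $Marka, $Cena);
                if (mysqli_stmt_execute($stmt)) {
                    $_SESSION['komunikat'] = "Dodano.";
                }
                mysqli_stmt_close($stmt);
            }
        } catch (mysqli_sql_exception $e) {
            // Raised when mysqli is in exception mode, e.g. on a duplicate Id.
            error_log('Dodaj: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}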
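/**
 * Deletes the item row whose Id was posted as `delete` and records the
 * outcome in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Usun($connection) {
    $_SESSION['komunikat'] = "Niepowodzenie usuwania";

    // The original placed the escaped value unquoted after `Id=`; escaping
    // does nothing in a numeric position, so the id is validated as an integer
    // and bound as a parameter instead.
    $Id = isset($_POST['delete']) ? filter_var($_POST['delete'], FILTER_VALIDATE_INT) : false;

    if ($Id !== false) {
        try {
            // `Towar` as in the schema; `towar` fails where table names are
            // case-sensitive.
            $stmt = mysqli_prepare($connection, "DELETE FROM Towar WHERE Id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'i', $Id);
                if (mysqli_stmt_execute($stmt)) {
                    $_SESSION['komunikat'] = "Usunięto wiersz";
                }
                mysqli_stmt_close($stmt);
            }
        } catch (mysqli_sql_exception $e) {
            error_log('Usun: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}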
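/**
 * Updates the item row identified by the posted `Id`. A posted `Nazwa`,
 * `Marka` or `Cena` that is absent or empty keeps the stored value. The
 * outcome is recorded in $_SESSION['komunikat'].
 *
 * Closes $connection before returning, as the original did.
 *
 * @param mysqli $connection open database connection
 */
function Edytuj($connection) {
    $_SESSION['komunikat'] = "Nie zaktualizowano wiersza.";

    // Integer-validated and bound below; the original placed the value
    // unquoted after `Id=`, where escaping offers no protection.
    $Id = isset($_POST['Id']) ? filter_var($_POST['Id'], FILTER_VALIDATE_INT) : false;

    if ($Id !== false) {
        try {
            $Nazwa = null;
            $Marka = null;
            $Cena = null;
            $znaleziono = false;

            // `Towar` as in the schema; `towar` fails where table names are
            // case-sensitive.
            $stmt = mysqli_prepare($connection, "SELECT Nazwa, Marka, Cena FROM Towar WHERE Id = ?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'i', $Id);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_bind_result($stmt, $Nazwa, $Marka, $Cena);
                $znaleziono = (mysqli_stmt_fetch($stmt) === true);
                mysqli_stmt_close($stmt);
            }

            // With no matching row the original went on with undefined
            // variables and still reported success; now the failure message
            // set above is kept.
            if ($znaleziono) {
                if (isset($_POST['Nazwa']) && is_string($_POST['Nazwa']) && $_POST['Nazwa'] !== '') {
                    $Nazwa = $_POST['Nazwa'];
                }
                if (isset($_POST['Marka']) && is_string($_POST['Marka']) && $_POST['Marka'] !== '') {
                    $Marka = $_POST['Marka'];
                }
                // is_numeric() accepts "0", which empty() used to discard.
                if (isset($_POST['Cena']) && is_numeric($_POST['Cena'])) {
                    $Cena = (float) $_POST['Cena'];
                }

                $stmt = mysqli_prepare($connection, "UPDATE Towar SET Nazwa = ?, Marka = ?, Cena = ? WHERE Id = ?");
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, 'ssdi', $Nazwa, $Marka, $Cena, $Id);
                    if (mysqli_stmt_execute($stmt)) {
                        $_SESSION['komunikat'] = "Pomyślna aktualizacja wierszu";
                    }
                    mysqli_stmt_close($stmt);
                }
            }
        } catch (mysqli_sql_exception $e) {
            error_log('Edytuj: ' . $e->getMessage());
        }
    }

    mysqli_close($connection);
}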
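/* ### RUN THE FUNCTION THAT MATCHES THE CLICKED BUTTON ### */

// The panel hides forms by role, but that is presentation only: this endpoint
// can be posted to directly, so the session and role are checked here.
// Adding is offered to 'pracownik' and 'kierownik'; deleting and updating
// only to 'kierownik'.
// NOTE(review): no anti-CSRF token is verified here; adding one needs a
// matching hidden field in the forms.
$zalogowany = isset($_SESSION['zalogowany']) && $_SESSION['zalogowany'] == true;
$rola = isset($_SESSION['uprawnienia']) ? $_SESSION['uprawnienia'] : '';

if (!$zalogowany) {
    header('Location: ../index.php');
    exit();
}

if ($_SERVER['REQUEST_METHOD'] === "POST") {
    if (isset($_POST['dodaj'])) {
        if ($rola === "pracownik" || $rola === "kierownik") {
            Dodaj($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    } elseif (isset($_POST['delete'])) {
        if ($rola === "kierownik") {
            Usun($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    } elseif (isset($_POST['update'])) {
        if ($rola === "kierownik") {
            Edytuj($connection);
        } else {
            $_SESSION['komunikat'] = "Brak uprawnień.";
        }
    }
}

header('Location: ../index2.php');
exit();
?>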
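<?php
// Database connection settings; defines $connection for the including script.
// NOTE(review): this connects as the MySQL `root` account with an empty
// password. Use a dedicated account limited to the `Magazyn` database and
// keep its credentials outside the web root before any non-local use.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "Magazyn";

// mysqli reports a failed connect either through connect_error or, when it is
// in exception mode, by throwing; handle both the same way.
try {
    $connection = new mysqli($servername, $username, $password, $dbname);
    $blad_polaczenia = $connection->connect_error;
} catch (mysqli_sql_exception $e) {
    $blad_polaczenia = $e->getMessage();
}

if ($blad_polaczenia) {
    // The driver message can name the host, user and database, so it goes to
    // the server log instead of the response body.
    error_log("Connection failed: " . $blad_polaczenia);
    http_response_code(500);
    die("Connection failed.");
}
unset($blad_polaczenia);
?>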