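<?php
/*
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */

/*
 * Form-action dispatcher for the shop front end: cart changes, login,
 * logout and signup.
 *
 * $VARS, $database and $binstack come from required.php, which is not
 * visible here. $VARS is assumed to hold the submitted request fields and
 * the two handles are used with Medoo-style has()/get()/insert() calls —
 * confirm against required.php. Every branch ends with a redirect followed
 * by die(), so nothing after the switch runs once an action is handled.
 */
require_once __DIR__ . "/required.php";
require_once __DIR__ . "/lib/item.php";

/**
 * Send a Location header and stop the request.
 *
 * header() on its own does not end execution, so the redirect and the
 * die() are kept together; the former "updatecart" and "logout" branches
 * redirected without stopping.
 *
 * @param string $location Redirect target.
 * @param string $message  Text passed to die(); only seen if the client
 *                         does not follow the redirect.
 */
function actionRedirect(string $location, string $message = ""): void
{
    header('Location: ' . $location);
    die($message);
}

/**
 * Read the cart stored in the session, or an empty array when none exists.
 *
 * @return array<int|string, int> item id => quantity
 */
function sessionCart(): array
{
    return empty($_SESSION['cart']) ? [] : (array) $_SESSION['cart'];
}

/**
 * Coerce a submitted quantity to an int; anything non-numeric becomes 0.
 *
 * The raw field used to be stored as-is, so a non-numeric string could end
 * up in the cart and "+=" on it fails on PHP 8. Normalising here keeps the
 * cart values integers.
 *
 * @param mixed $raw Submitted quantity field.
 */
function parseQuantity($raw): int
{
    return is_numeric($raw) ? (int) $raw : 0;
}

switch ($VARS['action'] ?? '') {
    case "addtocart":
        $item = $VARS['item'] ?? null;
        $qty = parseQuantity($VARS['qty'] ?? null);

        // Only a known item with a positive price may be added, and a
        // zero/negative quantity is rejected instead of being stored. The
        // existing "invaliditem" message covers both cases.
        if ($item === null || $qty < 1
            || !$binstack->has('items', ['AND' => ['itemid' => $item, 'price[>]' => 0]])) {
            actionRedirect('./?page=cart&msg=invaliditem', "Invalid item");
        }

        $cart = sessionCart();
        $cart[$item] = ($cart[$item] ?? 0) + $qty;
        $_SESSION['cart'] = $cart;

        actionRedirect('./?page=cart&msg=itemadded');
        break;

    case "updatecart":
        $item = $VARS['item'] ?? null;
        $qty = parseQuantity($VARS['qty'] ?? null);

        if ($item === null) {
            actionRedirect('./?page=cart&msg=invaliditem', "Invalid item");
        }

        $cart = sessionCart();
        if ($qty <= 0) {
            // A zero or negative quantity removes the line. No item lookup
            // here on purpose: a delisted item must still be removable.
            unset($cart[$item]);
        } else {
            // "addtocart" already checked the item; this branch did not, so
            // any key could be written into the cart. Apply the same rule.
            if (!$binstack->has('items', ['AND' => ['itemid' => $item, 'price[>]' => 0]])) {
                actionRedirect('./?page=cart&msg=invaliditem', "Invalid item");
            }
            $cart[$item] = $qty;
        }
        $_SESSION['cart'] = $cart;

        actionRedirect('./?page=cart&msg=itemupdated');
        break;

    case "login":
        $email = (string) ($VARS['email'] ?? '');
        $password = (string) ($VARS['password'] ?? '');

        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            actionRedirect('./?page=login&msg=invalidemail', "Invalid email address.");
        }

        // Unknown email and wrong password share one outcome so the
        // response does not say which accounts exist.
        $hash = $database->has('customers', ['email' => $email])
            ? $database->get('customers', 'password', ['email' => $email])
            : null;
        if (!is_string($hash) || !password_verify($password, $hash)) {
            actionRedirect('./?page=login&msg=badlogin', "Bad login.");
        }

        // Issue a fresh session id when the privilege level changes so an
        // id fixed before login cannot be reused. Assumes required.php has
        // started the session, as the $_SESSION use elsewhere implies.
        session_regenerate_id(true);
        $_SESSION['shop_account'] = $database->get('customers', ['customerid (id)', 'name', 'password (hashed_password)', 'email'], ['email' => $email]);

        actionRedirect('./?page=account');
        break;

    case "logout":
        $_SESSION['shop_account'] = null;
        // Rotate the id on logout as well; the previous version redirected
        // without ending the request.
        session_regenerate_id(true);
        actionRedirect('./');
        break;

    case "signup":
        $name = (string) ($VARS['name'] ?? '');
        $email = (string) ($VARS['email'] ?? '');
        $password = (string) ($VARS['password'] ?? '');
        $phone = $VARS['phone'] ?? null;

        // Explicit empty-string checks: empty() would also reject a
        // legitimate "0" in any of these fields.
        if ($name === '' || $email === '' || $password === '') {
            actionRedirect('./?page=signup&msg=missingdata', "Missing required data.");
        }

        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            actionRedirect('./?page=signup&msg=invalidemail', "Invalid email address.");
        }

        if ($database->has('customers', ['OR' => ['name' => $name, 'email' => $email]])) {
            actionRedirect('./?page=signup&msg=accountinuse', "Name or email already in use.");
        }

        if (empty($phone)) {
            $phone = null;
        }

        $database->insert('customers', ['name' => $name, 'email' => $email, 'password' => password_hash($password, PASSWORD_BCRYPT), 'phone' => $phone]);

        // Same treatment as "login": new session id, and the same column set
        // (the id was missing on this path before) so code reading
        // shop_account sees one shape regardless of how the user signed in.
        session_regenerate_id(true);
        $_SESSION['shop_account'] = $database->get('customers', ['customerid (id)', 'name', 'password (hashed_password)', 'email'], ['email' => $email]);

        actionRedirect('./?page=account');
        break;

    default:
        // Unknown or missing action: nothing to do, as before.
        break;
}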