<?php
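/**
 * Mark a book as returned by clearing its borrower and borrow date.
 *
 * Reads $_POST['return'], $_POST['book_id'] and the optional
 * $_POST['book_page']. After a successful update it redirects to the book
 * page (when book_page was posted) or to the start page. When the request is
 * not a POST, or a required field is missing or invalid, it renders
 * views/start_page.php with an error message and terminates.
 *
 * NOTE(review): no CSRF token is checked in this function; confirm that
 * check_admin_permissions() or the caller covers state-changing requests.
 */
function return_book(){
    check_admin_permissions();
    global $connection;

    // The id used to be concatenated unquoted into the SQL text, where
    // mysqli_real_escape_string() gives no protection (there are no quotes to
    // break out of). Accept a positive integer only and bind it as a parameter.
    $raw_id = isset($_POST['book_id']) ? $_POST['book_id'] : null;
    $book_id = filter_var($raw_id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));

    if ($_SERVER['REQUEST_METHOD'] == 'POST'
        && !empty($_POST['return'])
        && $book_id !== false){
        $result = false;
        $stmt = mysqli_prepare($connection, "UPDATE tvari_kodu_books SET borrower = NULL, borrow_date = NULL WHERE id = ?");
        if ($stmt !== false){
            $result = mysqli_stmt_bind_param($stmt, 'i', $book_id)
                && mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
        if ($result){
            // The redirect target is built from the validated integer, not
            // from the raw POST value (HTML-escaping is the wrong encoding
            // for a URL).
            if (isset($_POST['book_page'])){
                header("Location: ?page=book&id=".$book_id);
            } else {
                header("Location: ?page=start");
            }
            // NOTE(review): execution continues in the caller after the
            // redirect header, as before; confirm that is intended.
        }
        // NOTE(review): a failed update is still silent here, as before.
    } else {
        $errors = array();
        $errors[] = 'Raamatu tagastamine ebaõnnestus';
        // The view is included in this function's scope, so it can read $errors.
        include_once('views/start_page.php');
        die();
    }
}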
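/**
 * Lend a book to an existing borrower or to a newly created guest user.
 *
 * Reads $_POST['borrow_book'], $_POST['borrowers'], $_POST['book_id'] and the
 * optional $_POST['new_borrower']. A non-zero 'borrowers' value is used as the
 * id of an existing user; otherwise a new row with role 'guest' is inserted
 * into tvari_kodu_users and the book is assigned to it. Every handled outcome
 * redirects back to the book page; failures also store a message in
 * $_SESSION["notices"]["borrowing"].
 *
 * NOTE(review): no CSRF token is checked in this function; confirm that
 * check_admin_permissions() or the caller covers state-changing requests.
 */
function borrow_book(){
    global $connection;
    check_admin_permissions();

    // The book id used to reach the SQL text unquoted, where
    // mysqli_real_escape_string() cannot stop injection. Accept a positive
    // integer only and pass it as a bound parameter.
    $raw_id = isset($_POST['book_id']) ? $_POST['book_id'] : null;
    $book_id = filter_var($raw_id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    // Redirect target built from the validated integer (empty id when invalid).
    $back_to_book = "Location: ?page=book&id=".($book_id === false ? '' : $book_id);

    if ($_SERVER['REQUEST_METHOD'] != 'POST'
        || empty($_POST['borrow_book'])
        || !isset($_POST['borrowers'])
        || $book_id === false){
        $_SESSION["notices"]["borrowing"]= "Laenutamiseks ei olenud piisavalt väljad täidetud!!!";
        header($back_to_book);
        return;
    }

    // Assign the book to a user id through a prepared statement.
    $assign = function ($borrower_id) use ($connection, $book_id) {
        $stmt = mysqli_prepare($connection, "UPDATE tvari_kodu_books SET borrower = ?, borrow_date = CURDATE() WHERE id = ?");
        if ($stmt === false){
            return false;
        }
        $ok = mysqli_stmt_bind_param($stmt, 'ii', $borrower_id, $book_id)
            && mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
        return $ok;
    };

    // A non-scalar value (e.g. borrowers[]=x) is treated as "no existing borrower".
    $borrower = is_scalar($_POST['borrowers']) ? intval($_POST['borrowers']) : 0;

    if ($borrower != 0){
        // existing borrower
        if ($assign($borrower)){
            header($back_to_book);
            die();
        }
        $_SESSION["notices"]["borrowing"]= "Laenutamine ebaõnnestus";
        header($back_to_book);
        return;
    }

    // new borrower
    if (empty($_POST['new_borrower']) || !is_string($_POST['new_borrower'])){
        // NOTE(review): no notice and no redirect in this case, as before.
        return;
    }

    // The name is still HTML-encoded before storage, as before; presumably the
    // views print it without escaping, so verify them before changing this.
    $name = htmlspecialchars($_POST['new_borrower']);
    $new_id = 0;
    $stmt = mysqli_prepare($connection, "INSERT INTO tvari_kodu_users (name, role) VALUES (?, 'guest')");
    if ($stmt !== false){
        if (mysqli_stmt_bind_param($stmt, 's', $name) && mysqli_stmt_execute($stmt)){
            $new_id = mysqli_insert_id($connection);
        }
        mysqli_stmt_close($stmt);
    }

    if ($new_id > 0){
        if ($assign($new_id)){
            header($back_to_book);
            die();
        }
        $_SESSION["notices"]["borrowing"]= "Laenutamine uuele kasutajale ebaõnnestus";
        header($back_to_book);
    } else {
        $_SESSION["notices"]["borrowing"]= "Laenutaja lisamine ebaõnnestus";
        header($back_to_book);
    }
}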
?>