DB-SmartHouse/sellproduct.php at master · AUTProjects/DB-SmartHouse · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
<?php


echo <<<TAG

<!doctype html>

<html lang="en">
<head>
  <meta charset="utf-8">

  <title>The HTML5 Herald</title>
  <meta name="description" content="The HTML5 Herald">
  <meta name="author" content="SitePoint">

  <link rel="stylesheet" href="css/styles.css?v=1.0">

   <script type="text/javascript" src="js/scripts.js"></script>
  <!--[if lt IE 9]>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.js"></script>
  <![endif]-->
</head>

TAG;


if (isset($_POST['username'])) {
    $username = $_POST['username'];
    $code = $_POST['code'];


    $servername = "127.0.0.1";
    $DBusername = "root";
    $password = "";
    $dbname = "smarthouse";
    $conn = new mysqli($servername, $DBusername, $password, $dbname);
    if ($conn->connect_error) {
        die("Connection failed: " . $conn->connect_error);
    }


    $sql = "select stock from product_stock where product_code = \"" . $code . "\";";
    $result = $conn->query($sql);
    while ($row = $result->fetch_assoc()) {
        if ($result->num_rows > 0) {

            $stock = $row['stock'];
        }

    };


    echo <<<TAG
        <body>
            <div class="form">
TAG;

    if (isset($stock))
        if ($stock == 0) {
            echo "<h1>موجودی تمام شده است</h1>";
        } else {
            $stock -= 1;
            $sql = "update product_stock set stock = " . $stock . " where product_code =  \"" . $code . "\"";
            $conn->query($sql);


            $sql = "select * from USER where username = \"" . $username . "\";";
            $result = $conn->query($sql);
            while ($row = $result->fetch_assoc()) {
                if ($result->num_rows > 0) {

                    $usernameexist = true;
                }

            };

            if (isset($usernameexist)) {
                $sql = "INSERT INTO `sell` (`order_number`, `order_time`, `product_code`, `username`)
            VALUES (NULL, CURRENT_TIMESTAMP, '" . $code . "', '" . $username . "');";

                if ($conn->query($sql) === TRUE) {

                    echo "<h1>فروش انجام شد</h1>";
                } else {
//                if (strpos($conn->error, 'PRIMARY') !== true)
//                    echo "<h1>خطا: " . "<br>" . "نام کاربری وارد شده تکراری است" . "</h1>";
//                else
                    echo "<h1>Error: " . "<br>" . $conn->error . "</h1>";


                }
            }
            else{
                echo "<h1> کاربر وارد شده یافت نشد</h1>";
            }

        }
    else {
        echo "<h1>" . "محصول وارد شده یافت نشد" . "</h1>";
    }

    echo "<a href=\"#\" onclick=\"back()\" class=\"btn btn-red\">بازگشت</a>";
    echo <<<TAG
</div> <!-- /form -->
</body>
TAG;

} else {
    echo <<<TAG

<body>
 <div class="form">


        <div id="signup">
          <h1>خرید محصول</h1>

          <form action="./sellproduct.php" method="post">

         <div class="field-wrap">
            <input type="text" name="username" required placeholder="نام کاربری خریدار">
          </div>

          <div class="field-wrap">
            <input type="text" name="code" required placeholder="کد محصول">
          </div>


          <button type="submit" class="button button-block"/>اضافه کن!</button>

          </form>

        </div>


</div> <!-- /form -->

</body>


TAG;
}
echo <<<TAG
</html>
TAG;