Username/password is incorrect."; } } } // A function to register a new user function register () { if (isset($_REQUEST['username'])) { global $con; // removes backslashes $username = stripslashes($_REQUEST['username']); //escapes special characters in a string $username = mysqli_real_escape_string($con,$username); $email = stripslashes($_REQUEST['email']); $email = mysqli_real_escape_string($con,$email); $password = stripslashes($_REQUEST['password']); $password = mysqli_real_escape_string($con,$password); $query = "INSERT into users (userLogin, userPass, userEmail) VALUES ('$username', '$password', '$email')"; $result = mysqli_query($con,$query); // checks if the username or email addresse is already taken if ($result) { echo "

You are registered successfully.

Click here to Login

"; } elseif (mysqli_errno($con) == 1062) { echo "

Username or Email already taken.

"; } } } //A function to read out the userId of the current user function get_userid () { global $con; session_start(); $username = $_SESSION['username']; $sql = "select userId from users where userLogin = '$username'"; $userId = mysqli_query($con, $sql) or die(mysqli_error($con)); $row = $userId->fetch_object(); return $row->userId; } // A function to post a demand function post_demand () { if (isset($_POST['submit'])) { global $con; $userId = get_userid(); $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $qualityId = $_POST['quality']; $deliveryDate = $_POST['deliveryDate']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Data into Database if ($piecesMax <= $piecesMin) { echo " The Maximum must be bigger than the Minimum! "; } else { $sql = "INSERT INTO demands (piecesMax, piecesMin, demandText, demandTitle, userId, deliveryDate, qualityId) VALUES ('$piecesMax', '$piecesMin', '$text', '$title', '$userId', '$deliveryDate', '$qualityId')"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); } } } // A function to insert the own posts from the database into the website function get_demand_titles () { global $con; $sql = "SELECT * FROM demands"; $result = mysqli_query($con, $sql); while ($row = $result->fetch_assoc()) { echo "

"; echo "" . $row['demandTitle'] . "" . "
"; echo $row['date'] . "
"; echo "

"; echo ""; echo "

"; } } // A function to edit a demand function edit_demand () { if (isset($_POST['edit'])) { global $con; $demandId = $_POST['demandId']; $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $deliveryDate = $_POST['deliveryDate']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Updates Database if ($piecesMax <= $piecesMin) { echo " The Maximum must be bigger than the Minimum! "; } else { $sql = "UPDATE demands SET piecesMax='$piecesMax', piecesMin='$piecesMin', demandTitle='$title', demandText='$text', deliveryDate='$deliveryDate' WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header("Location: board.php"); } } } // A function to delete a post function delete_demand() { if (isset($_POST['deletepost'])) { global $con; $demandId = $_POST['demandId']; // Delete Post from Database $sql = "DELETE FROM demands WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header('Location: board.php'); } } function show_demand () { global $con; $demandId = $_POST['demandId']; $demand_query = "SELECT * FROM demands where demandId='$demandId'"; $demand_query_result = mysqli_query($con, $demand_query) or die(mysqli_error($con)); $demand_rows = $demand_query_result->fetch_object(); $qualityId = $demand_rows->qualityId; $quality_query = "SELECT * FROM quality where qualityId='$qualityId'"; $quality_query_result = mysqli_query($con, $quality_query) or die(mysqli_error($con)); $quality_rows = $quality_query_result->fetch_object(); echo "

" . $demand_rows->demandTitle . "

"; echo "

"; echo "Maximum required pieces: " . $demand_rows->piecesMax; echo "

"; echo "Minimum required pieces: " . $demand_rows->piecesMin; echo "

"; echo "Desired Date of Delivery: " . $demand_rows->deliveryDate; echo "

"; echo "Desired Quality: " . $quality_rows->qualityName; echo "

Description:
"; echo "$demand_rows->demandText

"; echo "
"; } function post_offer() { if (isset($_POST['submit'])) { global $con; $userId = get_userid(); $demandId = $_POST['demandId']; $pieces = $_POST['pieces']; $price = $_POST['price']; $qualityId = $_POST['quality']; $text = $_POST['text']; // Inserts Data into Database $sql = "INSERT INTO offers (pieces, text, price, userId, qualityId, demandId) VALUES ('$pieces', '$text', '$price', '$userId', '$qualityId', '$demandId')"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); } } function show_offer () { global $con; $demandId = $_POST['demandId']; // get the offers matching the demand from the database $offer_query = "SELECT * FROM offers where demandId='$demandId'"; $offer_query_result = mysqli_query($con, $offer_query) or die(mysqli_error($con)); // if the query on the database returned data print the data while ($offer_rows = $offer_query_result->fetch_object()) { $qualityId = $offer_rows->qualityId; $quality_query = "SELECT * FROM quality where qualityId='$qualityId'"; $quality_query_result = mysqli_query($con, $quality_query) or die(mysqli_error($con)); $quality_rows = $quality_query_result->fetch_object(); echo "Offer Nr: " . $offer_rows->offerId; echo "

"; echo "Amount available: " . $offer_rows->pieces; echo "

"; echo "Price per piece: " . $offer_rows->price; echo "

"; echo "Provided Quality: " . $quality_rows->qualityName; echo "

Description:
"; echo $offer_rows->text . "

"; echo "

"; } } function export_offer () { global $con; $offerId = $_POST['offerId']; $offer_export_query = "SELECT o.offerId, o.text, o.price, o.date, o.pieces, q.qualityName, d.demandTitle FROM offers o INNER JOIN demands d on o.demandId = d.demandId INNER JOIN quality q on o.qualityId = q.qualityId WHERE o.offerId = '$offerId';"; $query_result = mysqli_query($con, $offer_export_query) or die(mysqli_error($con)); $export_rows = $query_result->fetch_object(); /* create a dom document with encoding utf8 */ $domtree = new DOMDocument('1.0', 'UTF-8'); /* create the root element of the xml tree */ $xmlRoot = $domtree->createElement("offer"); /* append it to the document created */ $offer_export = $domtree->appendChild($xmlRoot); /* you should enclose the following two lines in a cicle */ $offer_export->appendChild( $domtree->createElement('demand_title',$export_rows->demandTitle)); $offer_export->appendChild( $domtree->createElement('offer_id',$export_rows->offerId)); $offer_export->appendChild( $domtree->createElement('offer_text',$export_rows->text)); $offer_export->appendChild( $domtree->createElement('offer_price',$export_rows->price)); $offer_export->appendChild( $domtree->createElement('offer_pieces',$export_rows->pieces)); $offer_export->appendChild( $domtree->createElement('offer_quality',$export_rows->qualityName)); $offer_export->appendChild( $domtree->createElement('offer_date',$export_rows->date)); /* get the xml printed */ echo $domtree->saveXML(); } ?>