Username/password is incorrect."; } } } // A function to register a new user function register () { if (isset($_REQUEST['username'])) { global $con; // removes backslashes $username = stripslashes($_REQUEST['username']); //escapes special characters in a string $username = mysqli_real_escape_string($con,$username); $email = stripslashes($_REQUEST['email']); $email = mysqli_real_escape_string($con,$email); $password = stripslashes($_REQUEST['password']); $password = mysqli_real_escape_string($con,$password); $query = "INSERT into users (userLogin, userPass, userEmail) VALUES ('$username', '$password', '$email')"; $result = mysqli_query($con,$query); // checks if the username or email addresse is already taken if ($result) { echo "

You are registered successfully.

Click here to Login

"; } elseif (mysqli_errno($con) == 1062) { echo "

Username or Email already taken.

"; } } } //A function to read out the userId of the current user function get_userid () { global $con; session_start(); $username = $_SESSION['username']; $sql = "select userId from users where userLogin = '$username'"; $userId = mysqli_query($con, $sql) or die(mysqli_error($con)); $row = $userId->fetch_object(); return $row->userId; } // A function to post a demand function post_demand () { if (isset($_POST['submit'])) { global $con; $userId = get_userid(); $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $qualityId = $_POST['quality']; $deliveryDate = $_POST['deliveryDate']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Data into Database if ($piecesMax <= $piecesMin) { echo " The Maximum must be bigger than the Minimum! "; } else { $sql = "INSERT INTO demands (piecesMax, piecesMin, demandText, demandTitle, userId, deliveryDate, qualityId) VALUES ('$piecesMax', '$piecesMin', '$text', '$title', '$userId', '$deliveryDate', '$qualityId')"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); } } } // A function to insert the own posts from the database into the website function get_demand_titles () { global $con; $sql = "SELECT * FROM demands"; $result = mysqli_query($con, $sql); while ($row = $result->fetch_assoc()) { echo "

"; echo "" . $row['demandTitle'] . "" . "
"; echo $row['date'] . "
"; echo "

"; echo ""; echo "

"; } } // A function to edit a demand function edit_demand () { if (isset($_POST['edit'])) { global $con; $demandId = $_POST['demandId']; $piecesMax = $_POST['piecesMax']; $piecesMin = $_POST['piecesMin']; $deliveryDate = $_POST['deliveryDate']; $title = $_POST['title']; $text = $_POST['text']; // Inserts Updates Database if ($piecesMax <= $piecesMin) { echo " The Maximum must be bigger than the Minimum! "; } else { $sql = "UPDATE demands SET piecesMax='$piecesMax', piecesMin='$piecesMin', demandTitle='$title', demandText='$text', deliveryDate='$deliveryDate' WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header("Location: board.php"); } } } // A function to delete a post function delete_demand() { if (isset($_POST['deletepost'])) { global $con; $demandId = $_POST['demandId']; // Delete Post from Database $sql = "DELETE FROM demands WHERE demandId='$demandId'"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); header('Location: board.php'); } } function show_demand () { global $con; $demandId = $_POST['demandId']; $demand_query = "SELECT * FROM demands where demandId='$demandId'"; $demand_query_result = mysqli_query($con, $demand_query) or die(mysqli_error($con)); $demand_rows = $demand_query_result->fetch_object(); $qualityId = $demand_rows->qualityId; $quality_query = "SELECT * FROM quality where qualityId='$qualityId'"; $quality_query_result = mysqli_query($con, $quality_query) or die(mysqli_error($con)); $quality_rows = $quality_query_result->fetch_object(); echo "

" . $demand_rows->demandTitle . "

"; echo "

"; echo "Maximum required pieces: " . $demand_rows->piecesMax; echo "

"; echo "Minimum required pieces: " . $demand_rows->piecesMin; echo "

"; echo "Desired Date of Delivery: " . $demand_rows->deliveryDate; echo "

"; echo "Desired Quality: " . $quality_rows->qualityName; echo "

Description:
"; echo $demand_rows->demandText; } function post_offer() { if (isset($_POST['submit'])) { global $con; $userId = get_userid(); $pieces = $_POST['pieces']; $price = $_POST['price']; $qualityId = $_POST['quality']; $text = $_POST['text']; // Inserts Data into Database $sql = "INSERT INTO offers (pieces, text, price, userId, qualityId) VALUES ('$pieces', '$text', '$price', '$userId', '$qualityId')"; $result = mysqli_query($con, $sql) or die(mysqli_error($con)); } } ?>