| 1 | <?php |
| 2 | $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING); |
| 3 | $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING); |
| 4 | $form_place_price = filter_input(INPUT_POST, "place_price", FILTER_VALIDATE_FLOAT); |
| 5 | $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT); |
| 6 | $form_return_flight = filter_input(INPUT_POST, "return_flight", FILTER_VALIDATE_BOOLEAN); |
| 7 | |
| 8 | global $is_logged_in; |
| 9 | if (!$is_logged_in) { |
| 10 | echo "Please login first. <br>"; |
| 11 | $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER']; |
| 12 | redirect("index.php?page=login", 2); |
| 13 | } |
| 14 | |
| 15 | $input_failure = false; |
| 16 | |
| 17 | if (!$form_place_price) { |
| 18 | echo "Prix invalide. <br>"; |
| 19 | $input_failure = true; |
| 20 | } |
| 21 | |
| 22 | if (!$form_nb_place) { |
| 23 | echo "Nombre de place(s) invalide. <br>"; |
| 24 | $input_failure = true; |
| 25 | } |
| 26 | |
| 27 | if (is_null($form_return_flight)) { |
| 28 | $form_return_flight = false; |
| 29 | } elseif (!$form_return_flight) { |
| 30 | echo "Vol retour invalide. <br>"; |
| 31 | $input_failure = true; |
| 32 | } |
| 33 | |
| 34 | if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_class_name)) { |
| 35 | global $connection; |
| 36 | $client_id = get_client_id($_SESSION['email']); |
| 37 | $nb_booked = nb_booked($client_id, $form_flight_id, $form_class_name); |
| 38 | if (!empty($nb_booked)) { |
| 39 | echo "Vous avez déjà réservé ce vol, vous allez être redirigé vers la liste de vos réservations dans 2 secondes. <br>"; |
| 40 | redirect("index.php?page=reservations", 2); |
| 41 | include('footer.html'); |
| 42 | exit(); |
| 43 | } |
| 44 | $sql_pquery = "insert into RESERVATIONS (NumCl, NumVol, Classe, NbPlaces) |
| 45 | values (?, ?, ?, ?)"; |
| 46 | $connection->prepare_query($sql_pquery); |
| 47 | $connection->prepared_query_bind_param("issi", array($client_id, $form_flight_id, $form_class_name, $form_nb_place)); |
| 48 | $connection->run_prepared_query(); |
| 49 | $connection->close_prepared_query(); |
| 50 | $sql_pquery = "select VilleD, DateD, VilleA, DateA from VOLS, DEFCLASSES |
| 51 | where DEFCLASSES.NumVol = VOLS.NumVol and |
| 52 | VOLS.NumVol = ? and Classe = ?"; |
| 53 | $connection->prepare_query($sql_pquery); |
| 54 | $connection->prepared_query_bind_param("ss", array($form_flight_id, $form_class_name)); |
| 55 | $connection->run_prepared_query(); |
| 56 | $connection->get_pquery_result(); |
| 57 | $rows = $connection->get_result_array(); |
| 58 | $connection->close_prepared_query(); |
| 59 | foreach ($rows as $row) { |
| 60 | echo "(Simulation de validation et paiement d'une réservation) <br>"; |
| 61 | echo "Vous avez réservé et payé " . $form_nb_place . " place(s) sur le vol " .$form_flight_id . |
| 62 | " au départ de " . $row['VilleD']. " à " . $row['DateD'] . " arrivant à " . $row['VilleA'] . " à " . $row['DateA'] . |
| 63 | " pour un montant total de " . $form_place_price * $form_nb_place . "€. <br>"; |
| 64 | } |
| 65 | if ($form_return_flight) { |
| 66 | $_SESSION['return_flight_departure_city'] = $row['VilleA']; |
| 67 | $_SESSION['return_flight_arrival_city'] = $row['VilleD']; |
| 68 | $_SESSION['return_flight_departure_date'] = $row['DateA']; |
| 69 | $_SESSION['return_flight_nb_place'] = $form_nb_place; |
| 70 | redirect("index.php?page=search&action=return_flight", 3); |
| 71 | } else { |
| 72 | redirect("index.php?page=reservations", 3); |
| 73 | } |
| 74 | } else { |
| 75 | echo "Make an error message. <br>"; |
| 76 | } |
| 77 | |
| 78 | ?> |