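<?php
/**
 * Booking handler: validates the posted reservation form, inserts one row into
 * RESERVATIONS for the logged-in client, and prints a confirmation line.
 *
 * Relies on names defined outside this file: redirect(), get_client_id(),
 * nb_booked(), $is_logged_in and the $connection wrapper.
 *
 * NOTE(review): no anti-CSRF token is checked in this file, although the request
 * changes state. Confirm the including page verifies one.
 */

// Request parameters. FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not an
// output encoder; the values are bound as SQL parameters and HTML-escaped when echoed.
$form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
$form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
$form_place_price = filter_input(INPUT_POST, "place_price", FILTER_VALIDATE_FLOAT);
// min_range rejects zero and negative seat counts, which a bare truthiness test let through.
$form_nb_place = filter_input(
    INPUT_POST,
    "nb_place",
    FILTER_VALIDATE_INT,
    array("options" => array("min_range" => 1))
);
// With FILTER_NULL_ON_FAILURE an absent or "false" field yields false (one-way trip) and
// only an unparsable value yields null, so a legitimate "no return flight" is not an error.
$form_return_flight = filter_input(
    INPUT_POST,
    "return_flight",
    FILTER_VALIDATE_BOOLEAN,
    FILTER_NULL_ON_FAILURE
);

global $is_logged_in;
if (!$is_logged_in) {
    echo "Please login first.";
    redirect("index.php?page=login", 2);
    // Stop here: code further down calls redirect() and then keeps running, so the
    // redirect alone presumably does not end the request for an anonymous visitor.
    return;
}

$input_failure = false;

if (!is_float($form_place_price) || !is_finite($form_place_price) || $form_place_price <= 0) {
    echo "Prix invalide. <br>";
    $input_failure = true;
}

if (!is_int($form_nb_place)) {
    echo "Nombre de place(s) invalide. <br>";
    $input_failure = true;
}

if ($form_return_flight === null) {
    echo "Vol retour invalide. <br>";
    $input_failure = true;
}

$flight_id_missing = $form_flight_id === null || $form_flight_id === false || $form_flight_id === '';
if ($input_failure || $flight_id_missing || empty($form_class_name)) {
    return;
}

global $connection;
$client_id = get_client_id($_SESSION['email']);
$nb_booked = nb_booked($client_id, $form_flight_id);
if (!empty($nb_booked)) {
    echo "Vous avez déjà réservé ce vol, vous allez être redirigé vers la liste de vos réservations dans 2 secondes. <br>";
    redirect("index.php?page=reservations", 2);
    // Without this return the INSERT below would still run and create a duplicate booking.
    return;
}

$sql_pquery = "insert into RESERVATIONS (NumCl, NumVol, Classe, NbPlaces)
    values (?, ?, ?, ?)";
$connection->prepare_query($sql_pquery);
$connection->prepared_query_bind_param("issi", array($client_id, $form_flight_id, $form_class_name, $form_nb_place));
// NOTE(review): the outcome of the insert is not inspected here; confirm how the
// wrapper reports failure before the confirmation below is printed.
$connection->run_prepared_query();
$connection->close_prepared_query();

$sql_pquery = "select VilleD, DateD, VilleA, DateA from VOLS, DEFCLASSES
    where DEFCLASSES.NumVol = VOLS.NumVol and
    VOLS.NumVol = ? and Classe = ?";
$connection->prepare_query($sql_pquery);
$connection->prepared_query_bind_param("ss", array($form_flight_id, $form_class_name));
$connection->run_prepared_query();
$connection->get_pquery_result();
$rows = $connection->get_result_array();
$connection->close_prepared_query();

// Encode every request- or database-sourced value for the HTML context it is echoed into.
$escape = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// NOTE(review): the amount shown is computed from the client-supplied place_price, so a
// tampered form changes the displayed total. Derive the price server-side for the
// (flight, class) pair before treating this figure as what was charged.
$total_amount = $form_place_price * $form_nb_place;

foreach ($rows as $row) {
    echo "Vous avez réservé et payé " . $form_nb_place . " place(s) sur le vol " . $escape($form_flight_id) .
        " au départ de " . $escape($row['VilleD']) . " à " . $escape($row['DateD']) .
        " arrivant à " . $escape($row['VilleA']) . " à " . $escape($row['DateA']) .
        " pour un montant de " . $total_amount . "€. <br>";
}

if ($form_return_flight) {
    // Store the return-trip state before redirecting so it is saved whether or not
    // redirect() ends the request.
    $_SESSION['current_flight_id'] = $form_flight_id;
    $_SESSION['return_flight'] = $form_return_flight;
    redirect("index.php?page=search", 3);
} else {
    redirect("index.php?page=reservations", 3);
}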