From 33eb6f2ab954597a257e9eb8f793a9bc52dd9524 Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=B4me=20Benoit?= <jerome.benoit@piment-noir.org> Date: Tue, 16 Jan 2018 16:44:21 +0100 Subject: [PATCH] Add the flight search and booking features. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Jérôme Benoit <jerome.benoit@piment-noir.org> --- includes/account.php | 3 + includes/config-example.php | 1 + includes/formbooking.php | 68 +++++++++++++ includes/formlogin.php | 2 +- includes/formsearch.php | 109 +++++++++++++++++++++ includes/header.php | 9 +- includes/login.php | 2 +- includes/{booking.php => reservations.php} | 1 + includes/search.php | 5 +- lib/db.php | 15 ++- lib/utils.php | 30 +++++- styles/airpolytech.css | 16 ++- 12 files changed, 248 insertions(+), 13 deletions(-) create mode 100644 includes/formbooking.php create mode 100644 includes/formsearch.php rename includes/{booking.php => reservations.php} (80%) diff --git a/includes/account.php b/includes/account.php index 74fbddb..dc25449 100644 --- a/includes/account.php +++ b/includes/account.php @@ -5,3 +5,6 @@ if (!$is_logged_in) { redirect("index.php?page=login", 2); } ?> + +<h2>Mes informations</h2> +<h2>Mes réversations</h2> diff --git a/includes/config-example.php b/includes/config-example.php index d7ad853..a7edf02 100644 --- a/includes/config-example.php +++ b/includes/config-example.php @@ -11,6 +11,7 @@ 'login', 'logout', 'register', + 'reservations', 'booking', 'search', 'account' diff --git a/includes/formbooking.php b/includes/formbooking.php new file mode 100644 index 0000000..373e18b --- /dev/null +++ b/includes/formbooking.php 
@@ -0,0 +1,68 @@
+<?php
+$form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
+$form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
+$form_place_price = filter_input(INPUT_POST, "place_price", FILTER_VALIDATE_FLOAT);
+$form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
+$form_return_flight = filter_input(INPUT_POST, "return_flight", FILTER_VALIDATE_BOOLEAN);
+
+global $is_logged_in;
+if (!$is_logged_in) {
+ echo "Please login first.";
+ redirect("index.php?page=login", 2);
+}
+
+$input_failure = false;
+
+if (!$form_place_price) {
+ echo "Prix invalide. <br>";
+ $input_failure = true;
+}
+
+if (!$form_nb_place) {
+ echo "Nombre de place(s) invalide. <br>";
+ $input_failure = true;
+}
+
+if (!$form_return_flight) {
+ echo "Vol retour invalide. <br>";
+ $input_failure = true;
+}
+
+if (!$input_failure && !empty($form_nb_place) && !empty($form_class_name)) {
+ global $connection;
+ $client_id = get_client_id($_SESSION['email']);
+ $nb_booked = nb_booked($client_id, $form_flight_id);
+ if (!empty($nb_booked)) {
+ echo "Vous avez déjà réservé ce vol, vous allez être redirigé vers la liste de vos réservations dans 2 secondes. <br>";
+ redirect("index.php?page=reservations", 2);
+ }
+ $sql_pquery = "insert into RESERVATIONS (NumCl, NumVol, Classe, NbPlaces)
+ values (?, ?, ?, ?)";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("issi", array($client_id, $form_flight_id, $form_class_name, $form_nb_place));
+ $connection->run_prepared_query();
+ $connection->close_prepared_query();
+ $sql_pquery = "select VilleD, DateD, VilleA, DateA from VOLS, DEFCLASSES
+ where DEFCLASSES.NumVol = VOLS.NumVol and
+ VOLS.NumVol = ?
and Classe = ?";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("ss", array($form_flight_id, $form_class_name));
+ $connection->run_prepared_query();
+ $connection->get_pquery_result();
+ $rows = $connection->get_result_array();
+ $connection->close_prepared_query();
+ foreach ($rows as $row) {
+ echo "Vous avez réservé et payé " . $form_nb_place . " place(s) sur le vol " .$form_flight_id .
+ " au départ de " . $row['VilleD']. " à " . $row['DateD'] . " arrivant à " . $row['VilleA'] . " à " . $row['DateA'] .
+ " pour un montant de " . $form_place_price * $form_nb_place . "€. <br>";
+ }
+ if ($form_return_flight) {
+ redirect("index.php?page=search", 3);
+ $_SESSION['current_flight_id'] = $form_flight_id;
+ $_SESSION['return_flight'] = $form_return_flight;
+ } else {
+ redirect("index.php?page=reservations", 3);
+ }
+}
+
+?>
diff --git a/includes/formlogin.php b/includes/formlogin.php
index 73cdff0..ed17f80 100644
--- a/includes/formlogin.php
+++ b/includes/formlogin.php
@@ -15,7 +15,7 @@ if (!$form_email) {
 echo "You're successfully authenticated. <br>";
 redirect("index.php", 3);
 } else {
- echo "Your password is incorrect for the account email" . $form_email . ". <br>";
+ echo "Your password is incorrect for the account email " . $form_email . ". <br>";
 echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
 }
 } else {
diff --git a/includes/formsearch.php b/includes/formsearch.php
new file mode 100644
index 0000000..951bef1
--- /dev/null
+++ b/includes/formsearch.php
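Review bot: In includes/formbooking.php the `!$is_logged_in` guard at the top and the `!empty($nb_booked)` guard before the insert both call `redirect()` and then fall through, so the `insert into RESERVATIONS` still runs for a visitor who is not logged in or who has already booked this flight. That redirect() returns instead of ending the request is inferred from the return-flight branch, which writes `$_SESSION[...]` after calling it; redirect() itself is not in this patch, so confirm against lib/utils.php. Adding `return;` (or `exit;`) directly after those two `redirect(...)` calls stops the handler, and the same guard shape appears in the context lines of includes/account.php and includes/reservations.php. Separately, the confirmation total is computed from the POSTed `place_price` and `FILTER_VALIDATE_INT` accepts negative seat counts, so the price should be re-read from `CoutVol*CoeffPrix` on the server and the count bounded with `filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT, ["options" => ["min_range" => 1, "max_range" => 9]])`.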
@@ -0,0 +1,109 @@
+<?php
+
+$form_departure_city = filter_input(INPUT_POST, "departure_city", FILTER_SANITIZE_STRING);
+$form_departure_date = filter_input(INPUT_POST, "departure_date", FILTER_SANITIZE_STRING);
+$form_arrival_city = filter_input(INPUT_POST, "arrival_city", FILTER_SANITIZE_STRING);
+$form_arrival_date = filter_input(INPUT_POST, "arrival_date", FILTER_SANITIZE_STRING);
+$form_date_now = filter_input(INPUT_POST, "date_now", FILTER_SANITIZE_STRING);
+
+$oDepartureDate = new DateTime($form_departure_date);
+$oArrivalDate = new DateTime($form_arrival_date);
+$oDateNow = new Datetime($form_date_now);
+
+/**
+ * Sanity checks
+ */
+
+$input_failure = false;
+
+if ($form_departure_city === $form_arrival_city) {
+ echo "Departure and arrival city are the same. <br>";
+ $input_failure = true;
+}
+
+if ($oDepartureDate < $oDateNow) {
+ echo "The departure date is before the current date. <br>";
+ $input_failure = true;
+}
+
+if ($oArrivalDate <= $oDepartureDate) {
+ echo "Arrival date is before departure date.
<br>";
+ $input_failure = true;
+}
+
+?>
+
+<h1> Rechercher un vol </h1>
+
+<form action="index.php" id="search" method="post">
+ <input type="hidden" name="form" value="search" />
+ <input type="hidden" name="date_now" value="<?php echo $form_date_now; ?>" />
+ <label> Départ : Ville -> </label>
+ <input type="text" size="15" name="departure_city" value="<?php echo $form_departure_city; ?>" required/>
+ <label> Date -> </label>
+ <input type="datetime-local" name="departure_date" value="<?php echo $form_departure_date; ?>" required/>
+ <label> Arrivée : Ville -> </label>
+ <input type="text" size="15" name="arrival_city" value="<?php echo $form_arrival_city; ?>" required/>
+ <label> Date -> </label>
+ <input type="datetime-local" name="arrival_date" value="<?php echo $form_arrival_date; ?>" required/>
+ <input type="submit" value="Valider">
+</form>
+<br>
+
+<?php
+if (!$input_failure) {
+ global $connection;
+ $sql_pquery = "select VOLS.NumVol as NumVol, VilleD, DateD, VilleA, DateA, Classe, round(CoutVol*CoeffPrix, 2) as Prix from VOLS, DEFCLASSES
+ where DEFCLASSES.NumVol = VOLS.NumVol and
+ DateD >= ? and VilleD = ? and DateA <= ? and VilleA = ?
+ order by DateD, NumVol, Prix";
+ $connection->prepare_query($sql_pquery);
+ $connection->prepared_query_bind_param("ssss", array($form_departure_date, $form_departure_city, $form_arrival_date, $form_arrival_city));
+ $connection->run_prepared_query();
+ $connection->get_pquery_result();
+ $rows = $connection->get_result_array();
+ $connection->close_prepared_query();
+ //var_dump($rows);
+ if (empty($rows)) {
+ echo "Aucun vol ne correspond aux critères de recherche.
<br>";
+ } else {
+ echo "<table id=\"search\">\n";
+ echo " <tr>\n";
+ echo " <th>Numéro de vol</th>\n";
+ echo " <th>Ville de départ</th>\n";
+ echo " <th>Date de départ</th>\n";
+ echo " <th>Ville d'arrivée</th>\n";
+ echo " <th>Date d'arrivée</th>\n";
+ echo " <th>Classe</th>\n";
+ echo " <th>Prix d'une place</th>\n";
+ echo " <th>Réserver</th>\n";
+ echo " </tr>\n";
+ foreach ($rows as $row) {
+ echo " <tr>\n";
+ echo " <td>" . $row['NumVol'] . "</td>\n";
+ echo " <td>" . $row['VilleD'] . "</td>\n";
+ echo " <td>" . $row['DateD'] . "</td>\n";
+ echo " <td>" . $row['VilleA'] . "</td>\n";
+ echo " <td>" . $row['DateA'] . "</td>\n";
+ echo " <td>" . $row['Classe'] . "</td>\n";
+ echo " <td>" . $row['Prix'] . "€</td>\n";
+ echo " <td>
+ <form action=\"index.php\" id=\"booking\" method=\"post\">
+ <input type=\"hidden\" name=\"form\" value=\"booking\" />
+ <input type=\"hidden\" name=\"flight_id\" value=\"" . $row['NumVol'] . "\" />
+ <input type=\"hidden\" name=\"class_name\" value=\"" . $row['Classe'] . "\" />
+ <input type=\"hidden\" name=\"place_price\" value=\"" . $row['Prix'] . "\" />
+ <label> Place(s) : </label>
+ <input type=\"number\" name=\"nb_place\" min=\"1\" max=\"9\" value=\"1\" required/>
+ <label> Vol retour : </label>
+ <input type=\"checkbox\" name=\"return_flight\" checked required/>
+ <input type=\"submit\" value=\"Reserver\">
+ </form>
+ </td>\n";
+ echo " </tr>\n";
+ }
+ echo "</table>";
+ }
+}
+
+?>
diff --git a/includes/header.php b/includes/header.php
index 2e32552..4dae576 100644
--- a/includes/header.php
+++ b/includes/header.php
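Review bot: In includes/formsearch.php the "current date" behind the `$oDepartureDate < $oDateNow` check is read from the POSTed `date_now` field (the hidden input this commit adds to includes/search.php), so the client decides what "now" is; `$oDateNow = new DateTime();` takes it from the server instead. `new DateTime($form_departure_date)` and `new DateTime($form_arrival_date)` throw on a malformed string and nothing in the file catches that, so bad input becomes an uncaught exception rather than one of the validation messages. The result table and the hidden booking fields print `$row[...]` values unescaped, and the re-filled search inputs depend on `FILTER_SANITIZE_STRING` (deprecated since PHP 8.1) for attribute safety; encoding at the point of output, e.g. `htmlspecialchars($row['VilleD'], ENT_QUOTES, 'UTF-8')`, covers both. The `return_flight` checkbox is `checked required` and formbooking.php rejects a false value, so a one-way booking appears to be impossible as written.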
@@ -33,10 +33,15 @@ $is_logged_in = chk_logged_in(); </div> <div id="menu"> | <a href="<?php echo $configs['root_url'] ?>/index.php?page=home">Accueil</a> - | <a href="<?php echo $configs['root_url'] ?>/index.php?page=search">Rechercher un vol</a> | + | <a href="<?php echo $configs['root_url'] ?>/index.php?page=search">Rechercher un vol</a> + | + <?php + if ($is_logged_in) { + echo "<a href=\"" . $configs['root_url'] . "/index.php?page=reservations\">Mes réservations</a> |"; + } + ?> </div> - <?php diff --git a/includes/login.php b/includes/login.php index fe5c0fa..05f8714 100644 --- a/includes/login.php +++ b/includes/login.php @@ -3,7 +3,7 @@ <form action="index.php" id="login" method="post"> <input type="hidden" name="form" value="login" /> <label> Email : </label> - <input type="email"size="25" name="email" required/> + <input type="email" size="25" name="email" required/> <label> Mot de passe : </label> <input type="password" size="15" name="password" required/> <input type="submit" value="Valider"> diff --git a/includes/booking.php b/includes/reservations.php similarity index 80% rename from includes/booking.php rename to includes/reservations.php index 74fbddb..b2d8f4f 100644 --- a/includes/booking.php +++ b/includes/reservations.php @@ -5,3 +5,4 @@ if (!$is_logged_in) { redirect("index.php?page=login", 2); } ?> +<h1>Mes réservations<h1> diff --git a/includes/search.php b/includes/search.php index 366c962..aab5733 100644 --- a/includes/search.php +++ b/includes/search.php @@ -1,7 +1,10 @@ <h1> Rechercher un vol </h1> +<?php if (isset($_SESSION['return_flight'])) ?> + <form action="index.php" id="search" method="post"> <input type="hidden" name="form" value="search" /> + <input type="hidden" name="date_now" value="<?php echo date('Y-m-d\TH:i'); ?>" /> <label> Départ : Ville -> </label> <input type="text" size="15" name="departure_city" required/> <label> Date -> </label> 
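Review bot: In includes/reservations.php the added heading closes with `<h1>` instead of `</h1>`, which leaves two unclosed h1 elements on the page; the line should read `<h1>Mes réservations</h1>`. The heading added to includes/account.php earlier in this patch is spelled `Mes réversations`, presumably meant as `Mes réservations`.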
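Review bot: In includes/search.php the added line `<?php if (isset($_SESSION['return_flight'])) ?>` has no body, since the closing tag ends the statement, so the form below renders the same whether or not the session flag is set. If the intent is to pre-fill the return search from `$_SESSION['current_flight_id']` (set in formbooking.php), use the block form `<?php if (isset($_SESSION['return_flight'])): ?>` … `<?php endif; ?>` around the markup it should control, or drop the line until that is implemented. The form continues past the end of this hunk.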
@@ -9,6 +12,6 @@ <label> Arrivée : Ville -> </label> <input type="text" size="15" name="arrival_city" required/> <label> Date -> </label> - <input type="datetime-local" name="arrival_date" value="<?php echo date('Y-m-d\TH:i'); ?>" required/> + <input type="datetime-local" name="arrival_date" value="<?php echo date('Y-m-d\TH:i', time() + 86400); ?>" required/> <input type="submit" value="Valider"> </form> diff --git a/lib/db.php b/lib/db.php index c7c2d48..cd9b082 100644 --- a/lib/db.php +++ b/lib/db.php @@ -80,6 +80,7 @@ class CustomDB /** * [prepared_query_bind_param description] + * @param [type] $types [description] * @param [type] $params [description] * @return [type] [description] */ @@ -116,9 +117,18 @@ class CustomDB public function get_result_array() { - $rt_val = $this->current_result->fetch_array(); - if (!$rt_val) { + $row = $this->current_result->fetch_array(); + if (is_null($row)) { + $rt_val = []; + } elseif (!isset($row)) { echo "Fail to build SQL query result array : (" . $this->current_stmt->errno . ") " . $this->current_stmt->error . " - " . $this->current_pquery . "<br>"; + $rt_val = false; + } else { + $rows[] = $row; + while ($row = $this->current_result->fetch_array()) { + $rows[] = $row; + } + $rt_val = $rows; } return $rt_val; } @@ -136,4 +146,5 @@ class CustomDB return $rt_val; } } + ?> diff --git a/lib/utils.php b/lib/utils.php index 8fdb0aa..47c8bda 100644 --- a/lib/utils.php +++ b/lib/utils.php @@ -28,7 +28,7 @@ function chk_account($email) $connection->get_pquery_result(); $row = $connection->get_result_array(); $connection->close_prepared_query(); - if (!empty($row[0])) { + if (!empty($row[0][0])) { return true; } else { return false; 
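Review bot: In lib/db.php get_result_array() the `elseif (!isset($row))` branch cannot be reached, because `isset()` is false only for null and null is already taken by the `is_null($row)` branch above it. If `current_result` is a mysqli_result (presumed from the bind-type strings; its construction is outside this hunk), a `false` failure return from `fetch_array()` therefore falls into the `else` and is stored as a row, and the error path never runs; `} elseif ($row === false) {` matches the intent. The message in that branch prints `$this->current_pquery` and the driver error into the page, so sending it to `error_log()` and echoing a generic message keeps query text out of responses.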
@@ -45,13 +45,39 @@ function chk_password($email, $password) $connection->get_pquery_result(); $row = $connection->get_result_array(); $connection->close_prepared_query(); - if (password_verify($password, $row[0])) { + if (password_verify($password, $row[0][0])) { return true; } else { return false; } } +function get_client_id($email) +{ + global $connection; + $sql_pquery = "select NumCl from CLIENTS where EmailCl = ?"; + $connection->prepare_query($sql_pquery); + $connection->prepared_query_bind_param("s", array($email)); + $connection->run_prepared_query(); + $connection->get_pquery_result(); + $row = $connection->get_result_array(); + $connection->close_prepared_query(); + return $row[0][0]; +} + +function nb_booked($client_id, $flight_id) +{ + global $connection; + $sql_pquery = "select SUM(NbPlaces) from RESERVATIONS where NumCl = ? and NumVol = ?"; + $connection->prepare_query($sql_pquery); + $connection->prepared_query_bind_param("is", array($client_id, $flight_id)); + $connection->run_prepared_query(); + $connection->get_pquery_result(); + $row = $connection->get_result_array(); + $connection->close_prepared_query(); + return $row[0][0]; +} + function chk_logged_in() { if (isset($_SESSION['email']) && isset($_SESSION['IP_address'])) { diff --git a/styles/airpolytech.css b/styles/airpolytech.css index e5a93bf..a05683e 100644 --- a/styles/airpolytech.css +++ b/styles/airpolytech.css @@ -41,6 +41,10 @@ form#register { width: 720px; } +form#booking { + width: 250px; +} + label, input { /* in order to define widths */ display: inline-block; @@ -75,12 +79,16 @@ table#home { line-height: 1em; } -table#result tr:nth-child(even) { - background-color: #eee; +table#search { + border: none; +} + +table#search tr:nth-child(even) { + background-color: #675b5b; } -table#result tr:nth-child(odd) { - background-color: #fff; +table#search tr:nth-child(odd) { + background-color: #474343; } #header { -- 2.43.0
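Review bot: In lib/utils.php the new get_client_id() and nb_booked() return `$row[0][0]` without checking what get_result_array() gave back, which after this patch is `[]` for no rows or `false` on error. For an email with no CLIENTS row get_client_id() yields null with an undefined-offset warning, and formbooking.php then binds that null as `NumCl`; chk_password() has the same shape and hands null to `password_verify()`. Returning `$row[0][0] ?? null` and having callers stop on null makes the missing-row case explicit. chk_logged_in() in the trailing context continues outside the hunk.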