includes/formbooking.php

   1 <?php
   2 $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
   3 $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
   4 $form_place_price = filter_input(INPUT_POST, "place_price", FILTER_VALIDATE_FLOAT);
   5 $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
   6 $form_return_flight = filter_input(INPUT_POST, "return_flight", FILTER_VALIDATE_BOOLEAN);
   7
   8 global $is_logged_in;
   9 if (!$is_logged_in) {
  10     echo "Please login first.";
  11     redirect("index.php?page=login", 2);
  12 }
  13
  14 $input_failure = false;
  15
  16 if (!$form_place_price) {
  17     echo "Prix invalide. <br>";
  18     $input_failure = true;
  19 }
  20
  21 if (!$form_nb_place) {
  22     echo "Nombre de place(s) invalide. <br>";
  23     $input_failure = true;
  24 }
  25
  26 if (!$form_return_flight) {
  27     echo "Vol retour invalide. <br>";
  28     $input_failure = true;
  29 }
  30
  31 if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_class_name)) {
  32     global $connection;
  33     $client_id = get_client_id($_SESSION['email']);
  34     $nb_booked = nb_booked($client_id, $form_flight_id);
  35     if (!empty($nb_booked)) {
  36         echo "Vous avez de&#769;ja&#768; re&#769;serve&#769; ce vol, vous allez e&#770;tre redirige&#769; vers la liste de vos re&#769;servations dans 2 secondes. <br>";
  37         redirect("index.php?page=reservations", 2);
  38     }
  39     $sql_pquery = "insert into RESERVATIONS (NumCl, NumVol, Classe, NbPlaces)
  40                    values (?, ?, ?, ?)";
  41     $connection->prepare_query($sql_pquery);
  42     $connection->prepared_query_bind_param("issi", array($client_id, $form_flight_id, $form_class_name, $form_nb_place));
  43     $connection->run_prepared_query();
  44     $connection->close_prepared_query();
  45     $sql_pquery = "select VilleD, DateD, VilleA, DateA from VOLS, DEFCLASSES
  46                    where DEFCLASSES.NumVol = VOLS.NumVol and
  47                    VOLS.NumVol = ? and Classe = ?";
  48     $connection->prepare_query($sql_pquery);
  49     $connection->prepared_query_bind_param("ss", array($form_flight_id, $form_class_name));
  50     $connection->run_prepared_query();
  51     $connection->get_pquery_result();
  52     $rows = $connection->get_result_array();
  53     $connection->close_prepared_query();
  54     foreach ($rows as $row) {
  55         echo "(Simulation de paiement d'une re&#769;servation) <br>";
  56         echo "Vous avez re&#769;serve&#769; et paye&#769; " . $form_nb_place . " place(s) sur le vol " .$form_flight_id .
  57              " au de&#769;part de " . $row['VilleD'].  " a&#768; " . $row['DateD'] . " arrivant a&#768; " . $row['VilleA'] . " a&#768; " . $row['DateA'] .
  58              " pour un montant de " . $form_place_price * $form_nb_place . "&euro;. <br>";
  59     }
  60     if ($form_return_flight) {
  61         redirect("index.php?page=search", 3);
  62         $_SESSION['current_flight_id'] = $form_flight_id;
  63         $_SESSION['return_flight'] = $form_return_flight;
  64     } else {
  65         redirect("index.php?page=reservations", 3);
  66     }
  67 } else {
  68     echo "Make an error message. <br>";
  69 }
  70
  71 ?>