X-Git-Url: https://git.piment-noir.org/?p=Project_webapp.git;a=blobdiff_plain;f=includes%2Fformbooking.php;fp=includes%2Fformbooking.php;h=373e18bfbbe1fa1520ee9ba8a25489ae255bbd19;hp=0000000000000000000000000000000000000000;hb=33eb6f2ab954597a257e9eb8f793a9bc52dd9524;hpb=d5622f71ef49ac2313f5b98385bab231a9d64692

diff --git a/includes/formbooking.php b/includes/formbooking.php
new file mode 100644
index 0000000..373e18b
--- /dev/null
+++ b/includes/formbooking.php
@@ -0,0 +1,68 @@
+<?php
+$form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
+$form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
+$form_place_price = filter_input(INPUT_POST, "place_price", FILTER_VALIDATE_FLOAT);
+$form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
+$form_return_flight = filter_input(INPUT_POST, "return_flight", FILTER_VALIDATE_BOOLEAN);
+
+global $is_logged_in;
+if (!$is_logged_in) {
+    echo "Please login first.";
+    redirect("index.php?page=login", 2);
+}
+
+$input_failure = false;
+
+if (!$form_place_price) {
+    echo "Prix invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$form_nb_place) {
+    echo "Nombre de place(s) invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$form_return_flight) {
+    echo "Vol retour invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$input_failure && !empty($form_nb_place) && !empty($form_class_name)) {
+    global $connection;
+    $client_id = get_client_id($_SESSION['email']);
+    $nb_booked = nb_booked($client_id, $form_flight_id);
+    if (!empty($nb_booked)) {
+        echo "Vous avez de&#769;ja&#768; re&#769;serve&#769; ce vol, vous allez e&#770;tre redirige&#769; vers la liste de vos re&#769;servations dans 2 secondes. <br>";
+        redirect("index.php?page=reservations", 2);
+    }
+    $sql_pquery = "insert into RESERVATIONS (NumCl, NumVol, Classe, NbPlaces)
+                   values (?, ?, ?, ?)";
+    $connection->prepare_query($sql_pquery);
+    $connection->prepared_query_bind_param("issi", array($client_id, $form_flight_id, $form_class_name, $form_nb_place));
+    $connection->run_prepared_query();
+    $connection->close_prepared_query();
+    $sql_pquery = "select VilleD, DateD, VilleA, DateA from VOLS, DEFCLASSES
+                   where DEFCLASSES.NumVol = VOLS.NumVol and
+                   VOLS.NumVol = ? and Classe = ?";
+    $connection->prepare_query($sql_pquery);
+    $connection->prepared_query_bind_param("ss", array($form_flight_id, $form_class_name));
+    $connection->run_prepared_query();
+    $connection->get_pquery_result();
+    $rows = $connection->get_result_array();
+    $connection->close_prepared_query();
+    foreach ($rows as $row) {
+        echo "Vous avez re&#769;serve&#769; et paye&#769; " . $form_nb_place . " place(s) sur le vol " .$form_flight_id .
+             " au de&#769;part de " . $row['VilleD'].  " a&#768; " . $row['DateD'] . " arrivant a&#768; " . $row['VilleA'] . " a&#768; " . $row['DateA'] .
+             " pour un montant de " . $form_place_price * $form_nb_place . "&euro;. <br>";
+    }
+    if ($form_return_flight) {
+        redirect("index.php?page=search", 3);
+        $_SESSION['current_flight_id'] = $form_flight_id;
+        $_SESSION['return_flight'] = $form_return_flight;
+    } else {
+        redirect("index.php?page=reservations", 3);
+    }
+}
+
+?>