Review adder completed, only for logged users
This commit is contained in:
parent
5151f338b5
commit
c13a3f62b3
@ -368,10 +368,55 @@ $productId = isset($_GET['id']) ? (int)$_GET['id'] : 0;
|
|||||||
</div>
|
</div>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
<?php
|
||||||
|
// Prüfen, ob eine Bewertung abgeschickt wurde und der Nutzer eingeloggt ist
|
||||||
|
if (
|
||||||
|
$_SERVER['REQUEST_METHOD'] === 'POST' &&
|
||||||
|
isset($_POST['submit_review']) &&
|
||||||
|
isset($_SESSION['user_id'])
|
||||||
|
) {
|
||||||
|
// Daten aus dem Formular holen und absichern
|
||||||
|
$rating = (int)$_POST['rating'];
|
||||||
|
$comment = trim($_POST['comment']);
|
||||||
|
$userID = $_SESSION['user_id'];
|
||||||
|
|
||||||
|
// Kleine Validierung: Ist das Rating gültig und der Kommentar nicht leer?
|
||||||
|
if ($rating >= 1 && $rating <= 5 && !empty($comment)) {
|
||||||
|
|
||||||
|
// SQL-Statement vorbereiten (wie im Screenshot: userID, productID, rating, comment)
|
||||||
|
$stmtInsertRev = mysqli_prepare(
|
||||||
|
$conn,
|
||||||
|
"INSERT INTO reviews (userID, productID, rating, comment) VALUES (?, ?, ?, ?)"
|
||||||
|
);
|
||||||
|
|
||||||
|
if ($stmtInsertRev) {
|
||||||
|
// "iiis" steht für: Integer, Integer, Integer, String
|
||||||
|
mysqli_stmt_bind_param(
|
||||||
|
$stmtInsertRev,
|
||||||
|
"iiis",
|
||||||
|
$userID,
|
||||||
|
$productId,
|
||||||
|
$rating,
|
||||||
|
$comment
|
||||||
|
);
|
||||||
|
|
||||||
|
mysqli_stmt_execute($stmtInsertRev);
|
||||||
|
mysqli_stmt_close($stmtInsertRev);
|
||||||
|
|
||||||
|
// WICHTIG: Die Seite neu laden, damit das Formular bei einem Refresh (F5) nicht doppelt gesendet wird
|
||||||
|
header("Location: productpage.php?id=" . $productId);
|
||||||
|
exit; // Stoppt das Skript hier, da wir weiterleiten
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
?>
|
||||||
|
|
||||||
<div class="review-add">
|
<div class="review-add">
|
||||||
<h2 class="reviews-title">Füge deine Bewertung hinzu!</h2>
|
<h2 class="reviews-title">Füge deine Bewertung hinzu!</h2>
|
||||||
|
|
||||||
<div class="review-card">
|
<div class="review-card">
|
||||||
|
<?php if (isset($_SESSION['user_id'])): ?>
|
||||||
<form class="review-input-form" method="post" autocomplete="off">
|
<form class="review-input-form" method="post" autocomplete="off">
|
||||||
<input type="hidden" name="submit_review" value="1">
|
<input type="hidden" name="submit_review" value="1">
|
||||||
|
|
||||||
@ -397,14 +442,15 @@ $productId = isset($_GET['id']) ? (int)$_GET['id'] : 0;
|
|||||||
|
|
||||||
<input class="auth__submit" type="submit" value="Senden">
|
<input class="auth__submit" type="submit" value="Senden">
|
||||||
</form>
|
</form>
|
||||||
|
<?php else: ?>
|
||||||
|
<p style="color: #cbd5e1; margin-bottom: 1rem;" >Du musst eingeloggt sein, um eine Bewertung abzugeben.</p>
|
||||||
|
<a href="login.php">
|
||||||
|
<input class="auth__submit" type="button" value="Zum Einloggen">
|
||||||
|
</a>
|
||||||
|
<?php endif; ?>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
</div>
|
|
||||||
|
|
||||||
|
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<?php include 'footer.php'; ?>
|
<?php include 'footer.php'; ?>
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user