Refactor offerAdder to use mysqli for database connections and queries

2026-04-06 21:04:46 +02:00 · 2026-04-06 21:04:46 +02:00 · fe4aee5c25
commit fe4aee5c25
parent 3de11faaac
1 changed files with 19 additions and 7 deletions
--- a/offerAdder.php
+++ b/offerAdder.php
@ -18,7 +18,7 @@ if (empty($_SESSION['user_id']) || empty($_SESSION['user_roles']) || !in_array('
    exit;
 }

-$db = db_get_connection();
+$conn = db_connect();
 $message = '';
 $messageType = '';

@ -31,14 +31,16 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
    $offerURL = trim($_POST['offer_url']);

    if ($productID > 0 && $shopID > 0 && $price >= 0) {
-        $stmt = $db->prepare("INSERT INTO offers (productID, shopID, price, shippingCost, inStock, offerURL) VALUES (?, ?, ?, ?, ?, ?)");
-        if ($stmt->execute([$productID, $shopID, $price, $shippingCost, $inStock, $offerURL])) {
+        $stmt = $conn->prepare("INSERT INTO offers (productID, shopID, price, shippingCost, inStock, offerURL) VALUES (?, ?, ?, ?, ?, ?)");
+        $stmt->bind_param("iiddiss", $productID, $shopID, $price, $shippingCost, $inStock, $offerURL);
+        if ($stmt->execute()) {
            $message = 'Angebot erfolgreich hinzugefügt!';
            $messageType = 'success';
        } else {
            $message = 'Fehler beim Hinzufügen des Angebots.';
            $messageType = 'error';
        }
+        $stmt->close();
    } else {
        $message = 'Bitte alle Pflichtfelder korrekt ausfüllen.';
        $messageType = 'error';
@ -46,12 +48,22 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['
 }

 // Get all products for dropdown
-$productsStmt = $db->query("SELECT productID, model FROM products ORDER BY model ASC");
-$products = $productsStmt->fetchAll(PDO::FETCH_ASSOC);
+$productsResult = $conn->query("SELECT productID, model FROM products ORDER BY model ASC");
+$products = [];
+if ($productsResult) {
+    while ($row = $productsResult->fetch_assoc()) {
+        $products[] = $row;
+    }
+}

 // Get all shops for dropdown
-$shopsStmt = $db->query("SELECT shopID, name FROM shops ORDER BY name ASC");
-$shops = $shopsStmt->fetchAll(PDO::FETCH_ASSOC);
+$shopsResult = $conn->query("SELECT shopID, name FROM shops ORDER BY name ASC");
+$shops = [];
+if ($shopsResult) {
+    while ($row = $shopsResult->fetch_assoc()) {
+        $shops[] = $row;
+    }
+}

 include 'header.php';
 ?>