139 lines
6.2 KiB
PHP
139 lines
6.2 KiB
PHP
<?php
|
|
/**
|
|
* @file offerAdder.php
|
|
* @brief Angebot hinzufügen
|
|
*/
|
|
|
|
require_once __DIR__ . '/lib/bootstrap.php';
|
|
|
|
// Only ADMIN
|
|
if (empty($_SESSION['user_id']) || empty($_SESSION['user_roles']) || !in_array('ADMIN', $_SESSION['user_roles'], true)) {
|
|
http_response_code(403);
|
|
include 'header.php';
|
|
echo '<main class="auth"><section class="auth__grid"><div class="auth__card">';
|
|
echo '<h2 class="auth__title">Zugriff verweigert</h2>';
|
|
echo '<p>Du hast keine Berechtigung, Angebote hinzuzufügen.</p>';
|
|
echo '</div></section></main>';
|
|
include 'footer.php';
|
|
exit;
|
|
}
|
|
|
|
$conn = db_connect();
|
|
$message = '';
|
|
$messageType = '';
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'add_offer') {
|
|
$productID = (int)$_POST['product_id'];
|
|
$shopID = (int)$_POST['shop_id'];
|
|
$price = (float)$_POST['price'];
|
|
$shippingCost = isset($_POST['shipping_cost']) && $_POST['shipping_cost'] !== '' ? (float)$_POST['shipping_cost'] : 0.00;
|
|
$inStock = isset($_POST['in_stock']) ? 1 : 0;
|
|
$offerURL = trim($_POST['offer_url']);
|
|
|
|
if ($productID > 0 && $shopID > 0 && $price >= 0) {
|
|
$stmt = $conn->prepare("INSERT INTO offers (productID, shopID, price, shippingCost, inStock, offerURL) VALUES (?, ?, ?, ?, ?, ?)");
|
|
$stmt->bind_param("iiddis", $productID, $shopID, $price, $shippingCost, $inStock, $offerURL);
|
|
if ($stmt->execute()) {
|
|
$message = 'Angebot erfolgreich hinzugefügt!';
|
|
$messageType = 'success';
|
|
} else {
|
|
$message = 'Fehler beim Hinzufügen des Angebots.';
|
|
$messageType = 'error';
|
|
}
|
|
$stmt->close();
|
|
} else {
|
|
$message = 'Bitte alle Pflichtfelder korrekt ausfüllen.';
|
|
$messageType = 'error';
|
|
}
|
|
}
|
|
|
|
// Get all products for dropdown
|
|
$productsResult = $conn->query("SELECT productID, model FROM products ORDER BY model ASC");
|
|
$products = [];
|
|
if ($productsResult) {
|
|
while ($row = $productsResult->fetch_assoc()) {
|
|
$products[] = $row;
|
|
}
|
|
}
|
|
|
|
// Get all shops for dropdown
|
|
$shopsResult = $conn->query("SELECT shopID, name FROM shops ORDER BY name ASC");
|
|
$shops = [];
|
|
if ($shopsResult) {
|
|
while ($row = $shopsResult->fetch_assoc()) {
|
|
$shops[] = $row;
|
|
}
|
|
}
|
|
|
|
include 'header.php';
|
|
?>
|
|
<main class="auth">
|
|
<section class="auth__grid" style="grid-template-columns: 1fr;">
|
|
<div class="auth__card">
|
|
<header class="auth__header">
|
|
<h2 class="auth__title">Angebot hinzufügen</h2>
|
|
</header>
|
|
|
|
<?php if ($message): ?>
|
|
<p class="<?php echo $messageType === 'success' ? 'auth__alert__sucess' : 'auth__alert__error'; ?>" style="margin-bottom: 1rem;">
|
|
<?php echo htmlspecialchars($message); ?>
|
|
</p>
|
|
<?php endif; ?>
|
|
|
|
<form method="POST" action="offerAdder.php" class="auth__form">
|
|
<input type="hidden" name="action" value="add_offer">
|
|
|
|
<div class="auth__select__wrap">
|
|
<label class="auth__select__label" for="product_id">Produkt auswählen *</label>
|
|
<select id="product_id" name="product_id" class="auth__select" required>
|
|
<option value="">-- Bitte wählen --</option>
|
|
<?php foreach ($products as $product): ?>
|
|
<option value="<?php echo htmlspecialchars($product['productID']); ?>" <?php echo (isset($_GET['productID']) && $_GET['productID'] == $product['productID']) ? 'selected' : ''; ?>>
|
|
<?php echo htmlspecialchars($product['model']); ?>
|
|
</option>
|
|
<?php endforeach; ?>
|
|
</select>
|
|
</div>
|
|
|
|
<div class="auth__select__wrap" style="margin-top: 1rem;">
|
|
<label class="auth__select__label" for="shop_id">Shop auswählen *</label>
|
|
<select id="shop_id" name="shop_id" class="auth__select" required>
|
|
<option value="">-- Bitte wählen --</option>
|
|
<?php foreach ($shops as $shop): ?>
|
|
<option value="<?php echo htmlspecialchars($shop['shopID']); ?>">
|
|
<?php echo htmlspecialchars($shop['name']); ?>
|
|
</option>
|
|
<?php endforeach; ?>
|
|
</select>
|
|
</div>
|
|
|
|
<div style="display: flex; gap: 1rem; margin-top: 1rem;">
|
|
<div style="flex: 1;">
|
|
<label for="price" style="display: block; margin-bottom: 0.5rem; font-weight: 500; color: var(--text-muted);">Preis (€) *</label>
|
|
<input type="number" id="price" name="price" class="auth__input" step="0.01" min="0" required>
|
|
</div>
|
|
<div style="flex: 1;">
|
|
<label for="shipping_cost" style="display: block; margin-bottom: 0.5rem; font-weight: 500; color: var(--text-muted);">Versandkosten (€)</label>
|
|
<input type="number" id="shipping_cost" name="shipping_cost" class="auth__input" step="0.01" min="0" value="0.00">
|
|
</div>
|
|
</div>
|
|
|
|
<div style="margin-top: 1rem; display: flex; align-items: center; gap: 0.5rem;">
|
|
<input type="checkbox" id="in_stock" name="in_stock" value="1" checked style="width: 18px; height: 18px; accent-color: var(--primary-color);">
|
|
<label for="in_stock" style="font-weight: 500; color: var(--text-muted); cursor: pointer;">Auf Lager</label>
|
|
</div>
|
|
|
|
<div style="margin-top: 1rem;">
|
|
<label for="offer_url" style="display: block; margin-bottom: 0.5rem; font-weight: 500; color: var(--text-muted);">Angebots-URL</label>
|
|
<input type="url" id="offer_url" name="offer_url" class="auth__input" placeholder="https://">
|
|
</div>
|
|
|
|
<div class="auth__actions" style="margin-top: 1.5rem;">
|
|
<button type="submit" class="auth__submit">Angebot hinzufügen</button>
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</section>
|
|
</main>
|
|
<?php include 'footer.php'; ?>
|