<?php
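// Page bootstrap: open the session, mirror two session values under the keys
// the rest of the page reads, pick the header/CSS pair, then load config.php.
session_start();

// get_session() / get_login() are declared further down in this file; PHP
// hoists unconditional top-level function declarations, so calling them here is valid.
$_SESSION["group"] = get_session();
$_SESSION["log"] = get_login();

$useOperatorLayout = false;
if (isset($_SESSION['userName'])) {
    // Included files share this scope, so $root stays defined for them.
    $root = $_SESSION['userName'];
    // Strict comparison: with a loose `==`, a non-string session value such as
    // boolean true compares equal to 'User' and would select the operator layout.
    $useOperatorLayout = in_array($root, array('User', 'Root'), true);
}

// NOTE(review): this branch only decides which header and stylesheet are
// rendered. Whether header_op.php exposes privileged actions cannot be seen
// from here - confirm those actions enforce their own authorization check.
if ($useOperatorLayout) {
    include("header_op.php");
    include("configCSS_adm.html");
} else {
    include("header.php");
    include("configCSS.html");
}

include("config.php");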
/**
 * Reads the user name kept in the session.
 *
 * @return mixed $_SESSION['userName'] when it is set and not null, otherwise ''.
 */
function get_session()
{
    // isset() is false for both a missing key and a null value.
    return isset($_SESSION['userName']) ? $_SESSION['userName'] : '';
}
/**
 * Reads the login kept in the session.
 *
 * @return mixed $_SESSION['login'] when it is set and not null, otherwise ''.
 */
function get_login()
{
    // isset() is false for both a missing key and a null value.
    return isset($_SESSION['login']) ? $_SESSION['login'] : '';
}
?>
<html>
<head>
<title>Noter</title>
</head>
<body>
<?php
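// Renders the product summary and its average rating for the product id given
// in the query string.

// Escapes a value for HTML text and quoted-attribute contexts. Product fields
// come from the database and must not be trusted as markup.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// The id is request-controlled and was previously echoed into the page and
// concatenated into two SQL statements. Accept an integer only. $idget keeps
// its name because the review handler further down the page reads it: it is an
// int when valid and null otherwise.
$idget = filter_var(isset($_GET["id"]) ? $_GET["id"] : null, FILTER_VALIDATE_INT);
if ($idget === false) {
    $idget = null;
}

echo "<h2>Mettre un commentaire</h2><br>";
echo "<div class=formulaire2>";
if ($idget === null) {
    echo "Identifiant de produit invalide.";
} else {
    echo "Vous êtes actuellement sur le produit n°" . $idget;
    echo "<br><br>";
    try {
        // Bound parameter instead of string concatenation.
        // get_result() requires the mysqlnd driver.
        $productStmt = $conn->prepare("SELECT * FROM product WHERE id = ?");
        if ($productStmt !== false) {
            $productStmt->bind_param('i', $idget);
            $productStmt->execute();
            $products = $productStmt->get_result();
            while ($products !== false && ($row = $products->fetch_assoc())) {
                echo "<div style='display: flex;justify-content: center;'>";
                // The src attribute is now quoted and escaped, so a stored image
                // value cannot add attributes or close the tag.
                $image = empty($row['image']) ? 'assets/no_image.png' : $row['image'];
                echo '<img class="fit-picture" src="' . $esc($image) . '">';
                echo "<br><br>";
                echo "Libellé: ";
                echo $esc($row['name']);
                echo "<br>";
                echo "Catégorie: ";
                echo $esc($row['description']);
                echo "<br>";
                echo "Prix TTC: ";
                echo $esc($row['price'] * 1.2);
                echo "<br>";
                echo "Prix sans TVA: ";
                echo $esc($row['price']);
                echo "<br>";
            }
            $productStmt->close();
        }

        echo "Moyenne des notes: ";
        // The original FROM clause also listed `product` without a join
        // condition; only rating columns are used, so the cross join is dropped.
        $avgStmt = $conn->prepare('SELECT CAST(AVG(rating.rate) AS DECIMAL(5, 2)) as MOY FROM rating WHERE rating.idProduct = ?');
        if ($avgStmt !== false) {
            $avgStmt->bind_param('i', $idget);
            $avgStmt->execute();
            $resultat = $avgStmt->get_result();
            $ligne = ($resultat !== false) ? $resultat->fetch_assoc() : null;
            echo (empty($ligne['MOY'])) ? "0/5" : $esc($ligne['MOY']) . "/5";
            $avgStmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // Keep database details in the server log, not in the page.
        error_log('review.php: ' . $e->getMessage());
        echo "Une erreur est survenue.";
    }
}
echo "</div>";
echo "<br><br>";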
?>
<form action="" class="form-container" method="POST">
Note : <br>
<input style="width:500px;" type="number" step="0.5" min="0" max="5" name="note" placeholder="Veuillez entrez une note de 0 à 5" required> <br>
Commentaire : <br>
<textarea style="width:500px;" type="text" name="comment" placeholder="Veuillez entrez votre commentaire sur ce produit" required ></textarea> <br>
<input type="submit" name="review_submit" value="Envoyer">
</form>
<?php
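// Handles the review form: validates the submitted values server-side, resolves
// the logged-in user's id and stores the rating with bound parameters.
//
// NOTE(review): the form on this page carries no anti-CSRF token and this
// handler checks none; adding one needs a matching change in the form markup.
if (!empty($_POST['review_submit']) && isset($_POST['note'], $_POST['comment'])) {
    // The min/max/step attributes on the form are enforced by the browser only,
    // so the same limits are checked again here. A note of 0 is accepted (the
    // previous empty() test silently dropped it).
    $note = filter_var($_POST['note'], FILTER_VALIDATE_FLOAT);
    $noteOk = $note !== false && $note >= 0 && $note <= 5 && fmod($note * 2, 1.0) == 0.0;

    // The comment is stored as submitted; it has to be HTML-escaped wherever it
    // is rendered.
    $comment = is_string($_POST['comment']) ? $_POST['comment'] : '';

    // $idget is set earlier on the page from the query string; it is
    // re-validated here so this handler never relies on that code having done so.
    $productId = filter_var(isset($idget) ? $idget : null, FILTER_VALIDATE_INT);

    $login = (isset($_SESSION["log"]) && is_string($_SESSION["log"])) ? $_SESSION["log"] : '';

    $genericError = "Une erreur est survenue, votre avis n'a pas été enregistré.";
    $error = null;

    if ($productId === false) {
        $error = "Identifiant de produit invalide.";
    } elseif (!$noteOk || trim($comment) === '') {
        $error = "Veuillez saisir une note entre 0 et 5 (par pas de 0,5) et un commentaire.";
    } elseif ($login === '') {
        $error = "Vous devez être connecté pour laisser un avis.";
    } else {
        try {
            //get id of connected user
            $userId = null;
            $userStmt = $conn->prepare('SELECT DISTINCT utilisateur.id as idUser FROM utilisateur WHERE utilisateur.username = ?');
            if ($userStmt !== false) {
                $userStmt->bind_param('s', $login);
                $userStmt->execute();
                $userStmt->bind_result($userId);
                $userStmt->fetch();
                $userStmt->close();
            }

            if ($userId === null) {
                // No matching account: do not insert a rating without an owner.
                $error = "Vous devez être connecté pour laisser un avis.";
            } else {
                $saved = false;
                $userId = (int) $userId;
                $insertStmt = $conn->prepare('INSERT INTO rating (rate, comm, idUser, idProduct) VALUES (?, ?, ?, ?)');
                if ($insertStmt !== false) {
                    $insertStmt->bind_param('dsii', $note, $comment, $userId, $productId);
                    $saved = $insertStmt->execute();
                    $insertStmt->close();
                }
                if (!$saved) {
                    $error = $genericError;
                }
            }
        } catch (mysqli_sql_exception $e) {
            // Keep database details in the server log, not in the page.
            error_log('review.php: ' . $e->getMessage());
            $error = $genericError;
        }
    }

    // The success banner is shown only when the INSERT actually ran.
    if ($error === null) {
        echo '<div class="alert2"><span class="closebtn" onclick="this.parentElement.style.display=\'none\';">×</span>Requête executée avec succès !</div>' . "\n";
    } else {
        echo '<p>' . htmlspecialchars($error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</p>' . "\n";
    }
}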
?>
</div>
</body>
</html>