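<?php
/*
 * schedView.php - detail view for a single schedule post.
 *
 * Validates the post id from the query string, stores a comment submitted by
 * POST, loads the post's majors, minors, tracks, term, year, school and
 * description, and prepares the variables printed by the HTML template in the
 * lower half of this file: $post_list, $heading, $school, $print_post_id,
 * $a_description, $a_description_exists and $post_comments.
 *
 * $db, $schools_dict, exec_sql_query(), print_posts() and insert_img() are not
 * defined in this file; presumably they come from includes/init.php.
 */

// INCLUDE ON EVERY TOP-LEVEL PAGE!
include("includes/init.php");
$title = 'Schedule Viewer';
session_start();

// Passed to print_posts() by the template. Read through isset() so a session
// without a stored list does not raise an undefined-index notice.
$post_list = isset($_SESSION["post_list"]) ? $_SESSION["post_list"] : null;

// Accept only an integer id. filter_input() yields null when the parameter is
// absent and false when it is not an integer; neither value may reach the
// queries or the template, so the request is rejected here.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid schedule id.');
}
$params = array(':post_id' => $id);

//description (this query doubles as the existence check for the post)
$sql = "SELECT posts.a_description FROM posts WHERE posts.id = :post_id;";
$post_rows = exec_sql_query($db, $sql, $params)->fetchAll();
if (count($post_rows) === 0) {
    // Unknown id: stop before a comment can be attached to a post that does not exist.
    http_response_code(404);
    exit('Schedule not found.');
}
$a_description = $post_rows[0]["a_description"];
$a_description_exists = ($a_description != ""); //in case no description for post

//-------------COMMENTS------------
//Adding comments into db
// NOTE(review): nothing in this file ties the POST to a logged-in user or to an
// anti-CSRF token, and comment length is not limited - confirm whether
// includes/init.php enforces any of these before this point.
if (isset($_POST["comment_button"])) {
    // FILTER_SANITIZE_STRING strips tags and entity-encodes quotes. It is deprecated
    // as of PHP 8.1 and is not the XSS defence here (output escaping in
    // print_comments() is). It is kept because other readers of the comments table
    // may rely on the stored format - verify before replacing it.
    $comment_input = filter_input(INPUT_POST, 'comment_input', FILTER_SANITIZE_STRING);
    if (is_string($comment_input) && $comment_input != "") {
        // Both rows are written in one transaction so a failure of the second insert
        // cannot leave a comment that belongs to no post. $db is used as a PDO handle
        // (lastInsertId() below); rollback happens only if the failure raises an exception.
        $db->beginTransaction();
        try {
            $sql1 = "INSERT INTO comments (comment) VALUES (:comment);";
            exec_sql_query($db, $sql1, array(':comment' => $comment_input));
            $newCommentId = $db->lastInsertId("id");
            $sql2 = "INSERT INTO post_comments (post_id, comment_id) VALUES (:post_id, :comment_id);";
            exec_sql_query($db, $sql2, array(
                ':post_id' => $id,
                ':comment_id' => $newCommentId
            ));
            $db->commit();
        } catch (Exception $e) {
            $db->rollBack();
            throw $e;
        }
        // Post/Redirect/Get: reloading the resulting page must not resubmit the comment.
        header('Location: schedView.php?' . http_build_query(array("id" => $id)), true, 303);
        exit;
    }
}

//majors
$sql = "SELECT majors.major FROM majors INNER JOIN post_majors ON majors.id = post_majors.major_id WHERE post_majors.post_id = :post_id;";
$post_majors = exec_sql_query($db, $sql, $params)->fetchAll();

//minors
$sql = "SELECT minors.minor FROM minors INNER JOIN post_minors ON minors.id = post_minors.minor_id WHERE post_minors.post_id = :post_id;";
$post_minors = exec_sql_query($db, $sql, $params)->fetchAll();

//tracks
$sql = "SELECT tracks.track FROM tracks INNER JOIN post_tracks ON tracks.id = post_tracks.track_id WHERE post_tracks.post_id = :post_id;";
$tracks = exec_sql_query($db, $sql, $params)->fetchAll();

//term
$sql = "SELECT terms.term FROM posts INNER JOIN terms ON terms.id = posts.term_id WHERE posts.id = :post_id;";
$term_rows = exec_sql_query($db, $sql, $params)->fetchAll();
// An empty join result falls back to "" instead of reading a missing row.
$term = count($term_rows) > 0 ? $term_rows[0]["term"] : "";

//year
$sql = "SELECT years.year FROM posts INNER JOIN years ON years.id = posts.year_id WHERE posts.id = :post_id;";
$year_rows = exec_sql_query($db, $sql, $params)->fetchAll();
$year = count($year_rows) > 0 ? $year_rows[0]["year"] : "";

//school
$sql = "SELECT schools.school FROM posts INNER JOIN schools ON schools.id = posts.school_id WHERE posts.id = :post_id;";
$school_rows = exec_sql_query($db, $sql, $params)->fetchAll();
$school_key = count($school_rows) > 0 ? $school_rows[0]["school"] : "";
// $schools_dict is looked up by the stored school value; when it has no entry
// the stored value itself is shown rather than reading an undefined index.
$school = isset($schools_dict[$school_key]) ? $schools_dict[$school_key] : $school_key;

//getting majors printable
$major_names = array();
foreach ($post_majors as $major) {
    $major_names[] = ucwords($major["major"]);
}
$print_majors = "Major(s): " . implode(", ", $major_names);

//getting minors printable (empty string when no minor is recorded)
$minor_names = array();
foreach ($post_minors as $minor) {
    $minor_names[] = ucwords($minor["minor"]);
}
$print_minors = count($minor_names) > 0 ? "Minor(s): " . implode(", ", $minor_names) : "";

//making tracks printable (empty string when no track is recorded)
$track_names = array();
foreach ($tracks as $track) {
    $track_names[] = ucfirst($track["track"]);
}
$print_tracks = count($track_names) > 0 ? "Track(s): " . implode(", ", $track_names) : "";

//term printable
$term = ucwords(str_replace("_", " ", $term));
$print_term = "Term: " . $term;

//year printable
$year = ucfirst($year);
$print_year = "Year: " . $year;

//post_id printable; $id is a validated integer and the template escapes this value on output
$print_post_id = "#" . $id;

//post heading: term, year and majors always; minors and tracks only when recorded.
// Every part is HTML-escaped here because the template echoes $heading as-is.
$heading_parts = array($print_term, $print_year, $print_majors);
if (count($post_minors) > 0) {
    $heading_parts[] = $print_minors;
}
if (count($tracks) > 0) {
    $heading_parts[] = $print_tracks;
}
$heading = implode(" ♦ ", array_map('htmlspecialchars', $heading_parts));

//to display comments
$sql = "SELECT comments.comment FROM comments INNER JOIN post_comments ON comments.id = post_comments.comment_id WHERE post_comments.post_id = :post_id;";
$post_comments = exec_sql_query($db, $sql, $params)->fetchAll();

/**
 * Echo one <div class='comment'> per stored comment.
 *
 * Declared at file level rather than inside a conditional so it exists on
 * every request that reaches the template. Stored text carries entity-encoded
 * quotes (FILTER_SANITIZE_STRING encodes them on input), so each comment is
 * decoded first and then escaped exactly once on output. ENT_SUBSTITUTE keeps
 * a comment with invalid byte sequences from collapsing to an empty string.
 *
 * @param array $post_comments rows that each hold a "comment" column
 */
function print_comments($post_comments){
    foreach ($post_comments as $post_comment) {
        $comment = html_entity_decode($post_comment["comment"], ENT_QUOTES);
        $comment = htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE);
        echo("<div class='comment'><p>" . $comment . "</p></div>");
    }
}
?>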
<?php
/*
 * Page template for the schedule detail view. Every variable printed here is
 * assigned by the PHP block at the top of this file; print_posts() and
 * insert_img() are not defined in this file.
 */
?>
<!DOCTYPE html>
<html lang="en">
<?php include "includes/head.php"; ?>
<body>
    <?php include "includes/header.php"; ?>
    <div id="entire_schedView">
        <div id="search_results_schedView">
            <div id="search_results_schedView_wrapper">
                <h2>Search Results</h2>
                <?php print_posts($post_list, $db); ?>
            </div>
        </div>
        <div id="current_schedView">
            <?php /* $heading is assembled from parts that were each passed through htmlspecialchars(), so it is printed as-is. */ ?>
            <h2><?= $heading ?></h2>
            <h3><?= htmlspecialchars($school) ?></h3>
            <h3 id="post_id_schedView"><?= htmlspecialchars($print_post_id) ?></h3>
            <div id="current_img"><?php insert_img($id, $db); ?></div>
            <?php if ($a_description_exists): ?>
                <h3>Description</h3>
                <p><?= htmlspecialchars($a_description) ?></p>
            <?php endif; ?>
            <hr>
            <div id="comments_div">
                <h3 id="comments">Comments</h3>
                <?php /* The form posts back to this page with the current id in the query string; it sends no hidden anti-CSRF field. */ ?>
                <form id="comment_form" action="<?= 'schedView.php?' . http_build_query(array("id" => $id)) ?>" method="post">
                    <textarea rows="4" cols="50" name="comment_input" id="comment_input" placeholder="Add a comment here..." required></textarea>
                    <button name="comment_button" type="submit">Comment</button>
                </form>
                <!-- TO DO: Display all comments -->
                <?php print_comments($post_comments); ?>
            </div>
            <a href="index.php">Return to All Results</a>
        </div>
    </div>
    <?php include "includes/footer.php"; ?>
</body>
</html>