-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathindex.php
353 lines (327 loc) · 19 KB
/
index.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
<?php
session_start();
include("config.php");
include("functions.php");
if(isset($_COOKIE["login_user"]))
{
$_SESSION['login_user'] = $_COOKIE["login_user"];
}
if(isset($_SESSION['login_user']))
{
$userID = $_SESSION['login_user'];
$user_details = getUserDetails($userID);
$name = $user_details["name"];
}
if(isset($_POST["buySelect"]) && $_SERVER["REQUEST_METHOD"] == "POST")
{
header("location: buy.php?college=". $_POST['buySelect']);
}
////////////////////////////////////
// publish ad
////////////////////////////////////
if(isset($_POST["postAd"]) && $_SERVER["REQUEST_METHOD"] == "POST")
{
if(!isset($userID))
{
$name = filter_input(INPUT_POST, "name", FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, "email", FILTER_SANITIZE_EMAIL);
$phone = filter_input(INPUT_POST, "phone", FILTER_SANITIZE_NUMBER_INT);
if(!filter_var($_POST["email"], FILTER_VALIDATE_EMAIL) || !preg_match("/^[a-zA-Z ]*$/", $_POST["name"]) || strlen($_POST["phone"]) < 10)
{
$success = 0;
$alert = "Oops, Your email, name or phone was not correct. Please fill in correct details.";
goto endPublish;
}
}
$title = filter_input(INPUT_POST, "title", FILTER_SANITIZE_STRING);
$description = filter_input(INPUT_POST, "description", FILTER_SANITIZE_STRING);
$price = filter_input(INPUT_POST, "price", FILTER_SANITIZE_NUMBER_INT);
$college_id = $_POST["sellSelect"];
//check is user already exists
$query = "SELECT id FROM admin WHERE email='$email'";
$result = mysqli_query($connection, $query);
if(mysqli_num_rows($result) != 0)
{
$success = 1;
$alert = "Oo, User account already exists. Please use another email.";
}else
{
if(is_uploaded_file($_FILES['product_image']['tmp_name']))
{
mt_srand(make_seed());
$randval = mt_rand();
$imgFile = $_FILES['product_image']['name'];
$tmp_dir = $_FILES['product_image']['tmp_name'];
$imgSize = $_FILES['product_image']['size'];
$upload_dir = 'product_images/';
$imgExt = strtolower(pathinfo($imgFile,PATHINFO_EXTENSION));
$userpic = $randval.".".$imgExt;
move_uploaded_file($tmp_dir,$upload_dir.$userpic);
if(!isset($userID))
{
$hash = md5(rand(0,1000));
$password = rand(10000,50000);
$enc_password = md5($password);
$query = "INSERT INTO admin (name, password, email, hash, college_id) VALUES('$name', '$enc_password', '$email', '$hash', $college_id)";
$result = mysqli_query($connection, $query);
$userID = $connection->insert_id;
//////////////////////////////
//send verification mail
/////////////////////////////
$to = $email; // Send email to our user
$subject = 'Signup | Verification'; // Give the email a subject
$message = "<h2>Thanks for signing up!</h2>
<p>Your account has been created. You can login with the following credentials after you have activated your account by pressing the url below.</p>
------------------------<br>
Username: $name<br>
Password: $password<br>
------------------------<br>
<p>Please click this link to activate your account:<a href='verify.php?email=$email&hash=$hash'>Click Me to verify</a> </p>";
sendMail($to, $message, $subject);
$success = 1;
$alert = "You accounted has been created. Please verify your account from your email. Your Ad will be live once verified from our end. Thank you.";
}
$query = "INSERT INTO products(price, title, description, date_of_posting, college_id, person_id, image_name) VALUES($price, '$title', '$description', NOW(), $college_id, $userID, '$userpic')";
$result = mysqli_query($connection, $query);
if(isset($userID))
{
$success = 1;
$alert = "Your Ad will be live once verified from our end. Thank you.";
}
}
}
}
endPublish:
?>
<!DOCTYPE HTML>
<html>
<head>
<title><?php echo $pageTitle; ?></title>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/css/bootstrap.min.css" integrity="sha384-AysaV+vQoT3kOAXZkl02PThvDr8HYKPZhNT5h/CXfBThSRXQ6jW5DO2ekP5ViFdi" crossorigin="anonymous">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js"></script>
<link href='http://fonts.googleapis.com/css?family=Titillium+Web:400,300,600' rel='stylesheet' type='text/css'>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css">
<style type="text/css">
.jumbotron{
padding-top: 10px;
padding-bottom: 10px;
background: inherit !important;
}
</style>
<script type="text/javascript">
function update() {
var len = document.getElementById("description").value.length;
document.getElementById("showLength").innerHTML = 200 - len;
}
<?php
if(isset($success))
{
echo "$(document).ready(function(){"."$('#alert').modal();});";
}
?>
function checkPhone()
{
var phoneNo = document.getElementById("phone").value;
var phoneMatch = /^\d{10}$/;
if(!phoneNo.match(phoneMatch))
{
document.getElementById("postAdver").disabled = true;
$('#phone').popover('show');
setTimeout(function(){$('#phone').popover('hide');}, 2000)
}else
{
document.getElementById("postAdver").disabled = false;
$('#phone').popover('hide');
}
}
function checkEmail()
{
var email = document.getElementById("email").value;
var mailformat = /^\w+([\.-]?\w+)*@\w+([\.-]?\w+)*(\.\w{2,3})+$/;
if(!email.match(mailformat))
{
document.getElementById("postAdver").disabled = true;
$('#email').popover('show');
setTimeout(function(){$('#email').popover('hide');}, 2000)
}else
{
document.getElementById("postAdver").disabled = false;
$('#email').popover('hide');
}
}
function checkDesc()
{
var email = document.getElementById("description").value;
if(email.length < 100)
{
document.getElementById("postAdver").disabled = true;
$('#description').popover('show');
setTimeout(function(){$('#description').popover('hide');}, 2000)
}else
{
document.getElementById("postAdver").disabled = false;
$('#description').popover('hide');
}
}
</script>
</head>
<body class="body" style="background: #f9f9f9">
<!-- header for page -->
<?php require 'header.php';?>
<!-- end of header -->
<div class="container">
<div class="row">
<div class="col-md-5 col-xs-12">
<div class="row text-xs-center">
<p class="text-justify text-primary" style="font-size: 120%; padding: 10px;">We help you sell your college stuff in your college itself. Why go anywhere when you have hundreds of students to buy and sell from!</p>
</div>
<div class="row">
<div class="col-xs-12 text-xs-center">
<img src="img/front_index.png" class="img-fluid">
</div>
</div>
<div class="col-xs-12">
<div class="card mt-1" style="box-shadow: gray -4px 4px 4px">
<div class="card-header bg-success"><span class="text-white">Buy Now</span></div>
<div class="card-block">
<div class="card-text">
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
<div class="form-group">
<label for="buySelect">Select College</label>
<div class="input-group">
<select class="form-control" id="buySelect" name="buySelect">
<?php
printCollegeList();
?>
</select>
<span class="input-group-btn">
<input class="btn btn-secondary" type="submit" name="collegeSelected" value="Go!">
</span>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<div class="col-md-6 col-xs-12 offset-md-1">
<div class="card" style="box-shadow: gray 4px 4px 4px">
<div class="card-header bg-primary">
<span class="text-white">Post an ad in seconds. For Free.</span>
</div>
<div class="card-block">
<div class="card-text">
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>" enctype="multipart/form-data">
<div class="row">
<div class="col-xs-6">
<div class="form-group">
<label for="name" class="sr-only">Name</label>
<input type="text" name="name" id="name" class="form-control" placeholder="Name" required <?php if(isset($userID)) echo "disabled"; ?> value="<?php echo $user_details['name']; ?>">
</div>
</div>
<div class="col-xs-6">
<div class="form-group">
<label for="name" class="sr-only">Phone</label>
<input type="number" name="phone" id="phone" class="form-control" placeholder="Phone" required <?php if(isset($userID)) echo "disabled";?> value="<?php echo $user_details['phone']; ?>" onblur="checkPhone();" data-toggle="popover" data-trigger="manual" title="Error" data-content="Please enter a valid phone number, without any prefixes or service codes." data-placement="top" tabindex="0">
</div>
<br>
</div>
</div>
<div class="form-group">
<label for="email" class="sr-only">Email</label>
<input type="email" name="email" id="email" class="form-control" placeholder="Email" required <?php if(isset($userID)) echo "disabled";?> value="<?php echo $user_details['email']; ?>" onblur="checkEmail();" data-toggle="popover" data-trigger="manual" title="Error" data-content="Please enter a valid email id." data-placement="top" tabindex="0">
</div>
<?php if(isset($userID)) echo "<small>You cannot change these details. Please visit profile to change them.</small>"; ?>
<hr>
<span>Now please enter your Ad details.</span><br>
<div class="row">
<div class="col-xs-8">
<div class="form-group">
<label for="title" class="sr-only">Title</label>
<input type="text" name="title" id="title" class="form-control" placeholder="Title" required>
</div>
</div>
<div class="col-xs-4">
<div class="form-group">
<label for="price" class="sr-only">Price</label>
<input type="number" name="price" id="price" class="form-control" placeholder="Price" required>
</div>
</div>
</div>
<div class="form-group">
<label for="description" class="sr-only">Description</label>
<textarea class="form-control" name="description" id="description" required rows="2" placeholder="Ad Description" onkeyup="update();" maxlength="200" onblur="checkDesc();" data-toggle="popover" data-trigger="manual" title="Error" data-content="Enter a good description please, with minimum char-length of 100." data-placement="top" tabindex="0"></textarea>
<small class="form-text text-muted">Please enter a brief description of your product. (Chars left: <span id="showLength" class="text-success">200</span>)</small>
</div>
<div class="form-group">
<label for="product_image">Product image:</label>
<input type="file" class="form-control-file" id="product_image" aria-describedby="fileHelp" name="product_image" required>
<small id="fileHelp" class="form-text text-muted">Please upload a good quality image of your product.</small>
</div>
<div class="form-group">
<label for="sellSelect" class="sr-only">Select College</label>
<div class="input-group">
<select class="form-control" id="sellSelect" name="sellSelect">
<?php
printCollegeList();
?>
</select>
</div>
</div>
<div class="form-group float-xs-right">
<input type="submit" class="btn" name="postAd" value="Post Ad" id="postAdver">
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="container marketing mt-3 text-xs-center">
<div class="row" style="margin-bottom : 50px;">
<div class="col-lg-4">
<img class="img-circle img-responsive" src="img/post-an-ad.png" alt="Generic placeholder image" width="140" height="140" style="margin-bottom: 20px;">
<h2>Post an Ad</h2>
<p class="text-justify">Wanna sell your college stuff? Fill out the form above, even without signing up and get your old stuff online.</p>
</div><!-- /.col-lg-4 -->
<div class="col-lg-4">
<img class="img-circle img-responsive" src="img/handshake.png" alt="Generic placeholder image" width="140" height="140" style="margin-bottom: 20px;">
<h2>Fix a Deal</h2>
<p class="text-justify">Students come here and check if they can find any useful material at resonable price. If they like they contact you for further enquiries.</p>
</div><!-- /.col-lg-4 -->
<div class="col-lg-4">
<img class="img-circle img-responsive" src="img/sell.png" alt="Generic placeholder image" width="140" height="140" style="margin-bottom: 20px;">
<h2>Sell</h2>
<p class="text-justify">Fix the deal, and Voila! your stuff is sold online in seconds. Could not get better than this. Post new ads to sell more.</p>
</div>
</div><!-- /.row -->
</div>
<!--page footer-->
<?php require 'footer.php'; ?>
<!--/ end of page footer-->
<div class="modal fade" id="alert" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
<h6 class="modal-title" id="myModalLabel"><?php echo $alert;?></h6>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-dismiss="modal">Close</button>
</div>
</div>
</div>
</div>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha384-3ceskX3iaEnIogmQchP8opvBy3Mi7Ce34nWjpBIwVTHfGYWQS9jwHDVRnpKKHJg7" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/tether/1.3.7/js/tether.min.js" integrity="sha384-XTs3FgkjiBgo8qjEjBk0tGmf3wPrWtA6coPfQDfFEY8AnYJwjalXCiosYRBIBZX8" crossorigin="anonymous"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-alpha.5/js/bootstrap.min.js" integrity="sha384-BLiI7JTZm+JWlgKa0M0kGRpJbF2J8q+qreVrKBC47e3K6BW78kGLrCkeRX6I9RoK" crossorigin="anonymous"></script>
</body>
</html>