From 1f6cca7d69daa88f00d3b9f873b2fb10ce021e70 Mon Sep 17 00:00:00 2001
From: gvalgerist <gvalgerist@users.noreply.github.com>
Date: Mon, 19 Jun 2017 03:36:45 +0300
Subject: [PATCH] Add files via upload

---
 edit.php      |  55 ++++++++++
 functions.php | 280 ++++++++++++++++++++++++++++++++++++++++++++++++++
 loginpb.php   | 160 +++++++++++++++++++++++++++++
 movies.php    | 132 ++++++++++++++++++++++++
 4 files changed, 627 insertions(+)
 create mode 100644 edit.php
 create mode 100644 functions.php
 create mode 100644 loginpb.php
 create mode 100644 movies.php

diff --git a/edit.php b/edit.php
new file mode 100644
index 0000000..2c05a5d
--- /dev/null
+++ b/edit.php
@@ -0,0 +1,55 @@
+<?php
+	
+	require("../../config.php");
+	require("functions.php");
+	
+	
+	
+
+	
+
+	if(isset($_POST["update"])){
+		
+		updatecontact($_POST["nimi"], $_POST["staatus"], $_POST["kuup"], $_POST["uusnimi"], $_POST["reiting"] );
+		
+	
+		
+		header("Location:movies.php");
+        exit();	
+		
+	}
+	
+	if(isset($_POST["delete"])){
+		
+		deletecontact($_POST["nimi"]);
+		
+		header("Location:movies.php");
+        exit();	
+		
+	}
+	
+	
+	$c = getSingleContactData($_GET["nimi"]);
+	
+	
+?>
+
+<br><br>
+<a href="movies.php"> tagasi </a>
+
+<h2>Muuda kirjet</h2>
+  <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>" method="post" >
+	<label for="reiting" >Reiting</label><br>
+	<input id="reiting" type="integer" name="reiting"  ><br><br>
+  	<label for="nimi" >Filmi nimi</label><br>
+	<input type="hidden" name="nimi" value="<?=$_GET["nimi"];?>" >
+	<input id="nimi" name="uusnimi" type="text" value="<?php echo $c->nimi;?>" ><br><br>
+  	<label for="staatus" >Staatus</label><br>
+	<input id="staatus" name="staatus" type="text" value="<?=$c->staatus;?>"><br><br>
+	<label for="kuup" >Kuupaev</label><br>
+	<input id="kuup" name="kuup" type="text" value="<?=$c->kuup;?>"><br><br>
+  	
+	<input type="submit" name="update" value="Salvesta">
+	<br><br><br>
+	<input type="submit" name="delete" value="Kustuta Film">
+  </form>
diff --git a/functions.php b/functions.php
new file mode 100644
index 0000000..0b78629
--- /dev/null
+++ b/functions.php
@@ -0,0 +1,280 @@
+<?php
+
+	session_start();
+	
+	
+	function signUp ($email, $password) {
+		
+		$database = "if16_georg";
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("INSERT INTO eksam(email, password) VALUES(?, ?)");
+	
+		echo $mysqli->error;
+		
+		$stmt->bind_param("ss", $email, $password);
+		
+		if($stmt->execute()) {
+			
+			echo "salvestamine onnestus";
+			
+		} else {
+			
+			echo "ERROR".$stmt->error;
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+	}
+
+	function login($email, $password) {
+		
+		$error="";
+		
+		$database = "if16_georg";
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("SELECT id, email, password FROM eksam WHERE email=?");
+	
+		echo $mysqli->error;
+		
+		$stmt->bind_param("s", $email);
+		
+		$stmt->bind_result($id, $emailFromDb,$passwordFromDb);
+		
+		$stmt->execute();
+		
+		if($stmt->fetch()){
+			
+			$hash=hash("sha512", $password);
+			if($hash==$passwordFromDb){
+				
+				echo"Kasutaja logis sisse ".$id;
+				
+				$_SESSION["userId"]=$id;
+				$_SESSION["userEmail"]=$emailFromDb;
+				
+				header("Location: movies.php");
+				
+			}else {
+				$error="vale parool";
+			}
+			
+		}else{
+			
+			$error="ei ole sellist emaili";
+			
+		}
+		
+		return $error;
+	
+	}
+
+	function savecontact ($nimi, $staatus, $kuup, $user) {
+		
+		$database = "if16_georg";
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("INSERT INTO filmid(nimi, staatus, kuup, kasutaja) VALUES(?, ?, ?, ?)");
+	
+		echo $mysqli->error;
+		
+		$stmt->bind_param("ssss", $nimi, $staatus, $kuup, $user);
+		
+		if($stmt->execute()) {
+			
+			echo "salvestamine onnestus";
+			
+		} else {
+			
+			echo "ERROR".$stmt->error;
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+	}
+
+	function getallcontacts($user, $q, $sort, $direction) {
+		
+		$allowedSortOptions=["nimi","staatus","kuup","reiting"];
+		if(!in_array($sort, $allowedSortOptions)){
+			$sort = "nimi";
+		}
+	
+		
+		$orderBy="ASC";
+		if($direction == "descending"){
+			$orderBy="DESC";
+		}
+		
+		
+		
+		$database = "if16_georg";
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		if($q==""){
+			
+			$stmt=$mysqli->prepare("
+			SELECT nimi, staatus, kuup, reiting
+			FROM filmid
+			WHERE kasutaja = ?
+			ORDER BY $sort $orderBy
+		");
+		
+		$stmt->bind_param("s", $user);
+		
+		} else {
+			
+			$searchword="%".$q."%";
+			$stmt=$mysqli->prepare("
+			SELECT nimi, staatus, kuup, reiting
+			FROM filmid
+			WHERE kasutaja = ? AND (nimi LIKE ? OR staatus LIKE ? OR kuup LIKE ? OR reiting LIKE ?)
+			ORDER BY $sort $orderBy
+		");
+		
+		$stmt->bind_param("sssss", $user, $searchword, $searchword, $searchword, $searchword);
+		
+		}
+		
+	
+		$stmt->bind_result($nimi, $staatus, $kuup, $reiting);
+		$stmt->execute();
+		
+		$result=array();
+		
+		while($stmt->fetch()) {
+			
+			$contact= new stdclass();
+			
+			$contact->nimi=$nimi;
+			$contact->staatus=$staatus;
+			$contact->kuup=$kuup;
+			$contact->reiting=$reiting;
+		
+			
+			array_push($result, $contact);
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+		return $result;
+	}
+
+	function getSingleContactData($nimi){
+    
+        $database = "if16_georg";
+		
+		
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("SELECT staatus, kuup, reiting FROM filmid WHERE nimi=?");
+		$stmt->bind_param("s", $nimi);
+		$stmt->bind_result($staatus, $kuup, $reiting);
+		$stmt->execute();
+		
+		
+		$contact = new Stdclass();
+		
+		
+		if($stmt->fetch()){
+			
+			$contact->nimi = $nimi;
+			$contact->staatus = $staatus;
+			$contact->kuup = $kuup;
+			$contact->reiting = $reiting;
+			
+			
+		}else{
+		
+			header("Location: functions.php");
+			exit();
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+		return $contact;
+		
+	}
+	function updatecontact($nimi, $staatus, $kuup, $uusnimi, $reiting){
+    	
+        $database = "if16_georg";
+		
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("UPDATE filmid SET nimi=?, staatus=?, kuup=?, reiting=? WHERE nimi=?");
+		$stmt->bind_param("sssss",$uusnimi, $staatus, $kuup, $reiting, $nimi);
+		
+		// kas õnnestus salvestada
+		if($stmt->execute()){
+			
+			echo "salvestus õnnestus!";
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+	}
+	
+	function deletecontact($nimi){
+    	
+        $database = "if16_georg";
+		
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+		$stmt = $mysqli->prepare("DELETE FROM filmid WHERE nimi=?");
+		$stmt->bind_param("s", $nimi);
+		
+		
+		if($stmt->execute()){
+			
+		}
+		
+		$stmt->close();
+		$mysqli->close();
+		
+	}
+
+
+
+	function getStaatus($user) {
+		
+		$database = "if16_georg";
+		$mysqli = new mysqli($GLOBALS["serverHost"], $GLOBALS["serverUsername"], $GLOBALS["serverPassword"], $database);
+		
+			
+		$stmt=$mysqli->prepare(" SELECT COUNT(staatus) FROM filmid WHERE kasutaja = ? AND (staatus LIKE 'vaadatud'); ");
+		
+		$stmt->bind_param("s", $user);
+		
+	
+		$stmt->bind_result($vaadatud);
+		$stmt->execute();
+		
+		if($stmt->execute()){
+			echo "korras";
+			echo $vaadatud;
+		}
+		
+
+		$stmt->close();
+		$mysqli->close();
+		
+		
+		
+	}
+
+
+
+
+
+
+
+
+
+
+?>
\ No newline at end of file
diff --git a/loginpb.php b/loginpb.php
new file mode 100644
index 0000000..2f48209
--- /dev/null
+++ b/loginpb.php
@@ -0,0 +1,160 @@
+<?php
+
+	require("../../config.php");
+	require("functions.php");
+	
+	
+	
+	if(isset($_SESSION["userId"])){
+		
+		header("Location: movies.php");
+		exit();
+		
+	}
+	
+	$signinemail= "";
+	$signinEmailError= "";
+	$signinPasswordError= "";
+	
+	$signupemail = "";
+	$signupEmailError= "";
+	$signupPasswordError= "";
+	$reenterpasswordError= "";
+	
+	
+	
+	if(isset($_POST["signupemail"])){
+		
+		if(empty($_POST["signupemail"])){
+			
+			$signupEmailError= "See vali on kohustuslik";
+			
+		}else{
+			
+			$signupemail = $_POST["signupemail"];
+			
+		}
+		
+		
+	}
+	
+	if(isset($_POST["signuppassword"])){
+		
+		if(empty($_POST["signuppassword"])){
+			
+			$signupPasswordError= "See vali on kohustuslik";
+			
+		} else {
+			
+			if( strlen($_POST["signuppassword"]) <8 ){
+			
+				$signupPasswordError = "Parool peab olema vahemalt 8 tahemarki pikk";
+				
+			}
+		}
+	}
+	
+	if(isset($_POST["reenterpassword"])){
+		
+		if($_POST["reenterpassword"] == $_POST["signuppassword"]){
+			
+			$reenterpasswordError= "";
+			
+		} else {
+			
+			$reenterpasswordError= "Parool ei olnud sama";
+			
+		}
+	}
+	
+
+	
+	
+	if(isset($_POST["signupemail"]) &&
+		isset($_POST["signuppassword"]) &&
+		$signupEmailError=="" &&
+		$signupPasswordError==""
+		) {
+		
+		
+		
+		$password = hash("sha512", $_POST["signuppassword"]);
+		
+		
+		signUp($signupemail, $password);
+		
+	}
+	
+	$error="";
+	if(isset($_POST["loginemail"]) && isset($_POST["loginpassword"]) &&
+		!empty($_POST["loginemail"]) && !empty($_POST["loginpassword"])
+		) {
+		
+		login($_POST["loginemail"], $_POST["loginpassword"]);
+		
+		
+	}
+	
+	if(isset($_POST["loginemail"])){
+		
+		if(empty($_POST["loginemail"])){
+			
+			$signinEmailError= "E-mail on sisestamata!";
+			
+		}else{
+			
+			$signinemail = $_POST["loginemail"];
+			
+		}
+	}
+	
+	if(isset($_POST["loginpassword"])){
+		
+		if(empty($_POST["loginpassword"])){
+			
+			$signinPasswordError= "Parool on sisestamata!";
+			
+		}
+	}
+	
+	
+	
+?>
+
+
+<h1>Logi sisse</h1>
+<form method="POST">
+	<?php if($error!=""){ echo $error; } ?><br>
+	
+	<input name="loginemail" placeholder="Kasutaja" type="text" value="<?=$signinemail;?>"> <text style="color:red;"><?php echo $signinEmailError; ?></text>
+	<br><br>
+
+	<input name="loginpassword" placeholder="Parool" type="password"> <text style="color:red;"><?php echo $signinPasswordError; ?></text>
+	<br><br>
+		
+	<input type="submit" value="Logi Sisse">
+</form>
+
+<h1>Loo Kasutaja</h1>
+Tärniga väljad on kohustuslikud
+<form method="POST">
+
+	<br>
+	<b><label>*E-mail:</label></b><br>
+	<input name="signupemail" placeholder="example@mail.com" type="text" value="<?=$signupemail;?>"> <text style="color:red;"><?php echo $signupEmailError; ?></text>
+	<br><br>
+
+	<b><label>*Parool:</label></b><br>
+	<input name="signuppassword" placeholder="********" type="password"> <text style="color:red;"><?php echo $signupPasswordError; ?></text>
+	<br><br>
+	
+	<b><label>*Sisesta parool uuesti:</label></b><br>
+	<input name="reenterpassword" placeholder="********" type="password"> <text style="color:red;"><?php echo $reenterpasswordError; ?></text>
+	<br><br>
+	
+	<input type="submit" value="Loo Kasutaja">
+	
+	
+	<br><br><br><br>
+	
+</form>
\ No newline at end of file
diff --git a/movies.php b/movies.php
new file mode 100644
index 0000000..813cc4d
--- /dev/null
+++ b/movies.php
@@ -0,0 +1,132 @@
+<?php
+
+	require("../../config.php");
+	require("functions.php");
+
+	if(!isset($_SESSION["userId"])){
+		
+
+		header("Location: loginpb.php");
+		
+	}
+
+
+
+	if(isset($_GET["logout"])){
+		
+		session_destroy();
+		header("Location:loginpb.php");
+		
+	}
+	
+	$user=$_SESSION["userEmail"];
+	if(isset($_POST["nimi"]) && 
+		isset($_POST["staatus"]) &&
+		isset($_POST["kuup"]) &&
+		!empty($_POST["nimi"]) && 
+		!empty($_POST["staatus"]) &&
+		!empty($_POST["kuup"])
+		) {
+		
+		savecontact($_POST["nimi"], $_POST["staatus"], $_POST["kuup"], $user);
+		
+		
+	}
+
+	if(isset($_GET["sort"]) && isset($_GET["direction"])){
+		$sort=$_GET["sort"];
+		$direction=$_GET["direction"];
+		
+	}else{
+		$sort="nimi";
+		$direction="ascending";
+	}
+	
+	
+	if(isset($_GET["q"])){
+		
+		$q = $_GET["q"];
+		
+		$contactdata=getallcontacts($user, $q, $sort, $direction);
+		
+	}else{
+		
+		$q="";
+		$contactdata=getallcontacts($user, $q, $sort, $direction);
+		
+	}
+	
+?>
+<h1>Filmide märkmik</h1>
+
+<p>
+	Tere tulemast <?=$_SESSION["userEmail"];?>
+	<a href="?logout=1">Logi valja</a>
+
+</p>
+	<h3>Salvesta uus film</h3>
+	<form method="POST">
+		<label>Filmi nimi</label><br>
+		<input name="nimi" type="text" placeholder=""><br><br>
+	
+		<label>Staatus</label><br>
+		<input name="staatus" type="text" placeholder=""><br><br>
+		
+		<label>Kuupaev</label><br>
+		<input name="kuup" type="text" placeholder="">
+
+		<br><br>
+		<input type="submit" value="Salvesta">
+	</form>
+	
+	Vaadatud: <?php getStaatus($user); ?><br>
+	
+<h2>Filmid</h2>
+	<form>
+		<input type="search" name="q" value="<?=$q;?>">
+		<input type="submit" value="Otsi"><br><br>
+	</form>
+<?php
+
+	$direction="ascending";
+	if(isset($_GET["direction"])){
+		if($_GET["direction"] == "ascending"){
+			$direction = "descending";
+		}
+	}
+
+	$html = "<table border='1'>";
+	
+	$html .= "<tr>";
+		$html .= "<th><a href='?q=".$q."&sort=nimi&direction=".$direction."'>Nimi</a></th>";
+		$html .= "<th><a href='?q=".$q."&sort=staatus&direction=".$direction."'>Staatus</a></th>";
+		$html .= "<th><a href='?q=".$q."&sort=kuup&direction=".$direction."'>Kuupaev</a></th>";
+		$html .= "<th><a href='?q=".$q."&sort=reiting&direction=".$direction."'>Reiting</a></th>";
+	$html .= "</tr>";
+	
+	foreach($contactdata as $c) {
+		
+		
+		$html .= "<tr>";
+			$html .= "<td>".$c->nimi."</td>";
+			$html .= "<td>".$c->staatus."</td>";
+			$html .= "<td>".$c->kuup."</td>";
+			$html .= "<td>".$c->reiting."</td>";
+			$html .= "<td><a href='edit.php?nimi=".$c->nimi."'>Muuda</a></td>";
+		$html .= "</tr>";
+		
+	}
+
+	$html .= "</table>";
+
+	echo $html;
+
+
+?>
+		
+		
+		
+		
+		
+		
+		
\ No newline at end of file