<?php

/* READ THE instructions.txt file before doing ANYTHING to this file.
    There are several notes in this file to help you, but they need to be done 
    in order.
*/
// !!!!**** Remember to change the database names to m_username, putting in
// YOUR username, and make sure blurg.inc (or whatever you call the file) contains YOUR password.
/*  The file should only have the following lines in it:
    <?php
        $password ='  ';   (with your password between the single quotes)
    Keep this file outside the web-served directory if you can: a file ending
    in .inc is usually sent back as plain text when it is requested directly.
*/
// Also change the names to match what you did when you made the tables!
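/* Front controller: show the command menu on the first visit, otherwise run
   the command chosen on the menu (or posted by one of the sub-forms). */

// Nothing has been posted on the first visit, so read both fields through
// isset() instead of indexing $_POST directly (which raises an
// undefined-index notice/warning).
$last    = isset($_POST['LAST']) ? $_POST['LAST'] : '';
$command = isset($_POST['command']) ? $_POST['command'] : '';

if ($last === '') {

    print '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">';
    // XHTML needs whitespace between attributes (lang / xml:lang).
    print '<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">';
    print "<head><title>Form to Control a Database</title></head>";
    print "<body bgcolor=\"skyblue\"><form action=\"mysqlcp_param02.php\" method=\"post\">";
    print "Please choose an action from the following:<br />";
    print '<select name="command"><option value="VIEWBIDS">View Bids</option>';
    print '<option value="VIEWAUCTIONS">View Auctions</option>';
    print '<option value="PLACEBID">Place a Bid</option>';
    print '<option value="ADDITEM">Add Auction</option>';
    print '<option value="ADDUSER">Add User</option>';
    print '</select>';
    print '<input type="hidden" name="LAST" value="MAIN" />';
    print '<p><input type="submit" value="Run Command"/></p>';
    // The original statement ended with an unmatched ")" after the string,
    // which is a parse error and stopped the whole file from loading.
    print '</form>  <div id = "validator">
<a href = "http://validator.w3.org/check?uri=referer">
<img src="../pictures/valid-xhtml10.png" alt="W3C Button to test XHTML validation" /></a>
</div>';

    print '</body></html>';

} elseif ($last === "MAIN") {
    // The posted command is only ever compared against fixed strings; it is
    // never used to build a function name, file name or query. Keep it that
    // way when the remaining commands are wired in.

//  if ($command === "VIEWBIDS") {
//      viewbids();
//  }
    if ($command === "VIEWAUCTIONS") {
        viewauctions();
    }
//  if ($command === "PLACEBID") {
//      placebid();
//  }
    if ($command === "ADDITEM") {
        additem();
    }
    if ($command === "INSERTITEM") {
        print "Change this to call the insertitem() function from addauction_insert.php";
    }
/*  if ($command === "ADDUSER") {
        adduser();
    }
*/

}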

/* CUT THE FOLLOWING lines and use the mydb3.php class instead.
NOTE: DO NOT DO THIS UNTIL YOU HAVE FOLLOWED THE APPROPRIATE INSTRUCTIONS inside
instructions.txt */
/* Stop the script with a database error message.
   If mysqli reports a connection error, its number and text are printed;
   otherwise a fixed "could not connect" message is printed. Either way the
   script ends here (die), so nothing after a call to showerror() runs. */
function showerror()
{
    $connectMessage = mysqli_connect_error();

    // No connection-level error recorded: fall back to the generic text.
    // Note this branch is also what callers get when a query (not the
    // connection) failed, so the wording can be misleading.
    if (!$connectMessage) {
        die ("Could not connect to the MySQL Database");
    }

    // NOTE(review): die() sends this text to the browser. The mysqli message
    // can include details of the database account and host, which is handy
    // while learning but should go to a server-side log rather than to the
    // visitor once the page is reachable by other people.
    die ("Error". mysqli_connect_errno() . " : " . $connectMessage);
}


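/* Open a connection to the local MySQL server and select a database.
   $dbname  name of the database to select.
   Returns the mysqli connection handle. If connecting or selecting the
   database fails, showerror() is called, which ends the script. */
function connectdb($dbname)
{
    // require (not include): if the credentials file cannot be loaded the
    // script stops here instead of carrying on and trying to connect with an
    // undefined password.
    // NOTE(review): a file named *.inc is commonly served as plain text when
    // requested directly. Confirm ../blurg.inc is outside the web-served
    // directory, or that the server refuses requests for it.
    require '../blurg.inc';

    // $password is defined by the file loaded above.
    $dbh = mysqli_connect("localhost", "coperni", $password);
    if (!$dbh) {
        showerror();
    }

    if (!mysqli_select_db($dbh, $dbname)) {
        showerror();
    }

    return $dbh;
}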

/*STOP CUTTING HERE!!! */


/*this function should be put into a file called viewauctions.php*/
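/* Print an XHTML page listing every auction item with its owner's name.
   Takes no arguments and returns nothing; the page is written straight to
   the output. Database failures end the script through showerror(). */
function viewauctions()
{
    // Everything read from the database is text that someone typed into a
    // form at some point, so it is escaped before being placed in the page.
    // Without this, markup stored in an item or customer name would be
    // rendered by every browser that views the list.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $databasename = "m_coperni";
    $db1 = connectdb($databasename);

    $QUERY1 = mysqli_prepare($db1, "SELECT i.item_id, i.item, i.category, i.starttime,i.endtime,
c.firstname,c.lastname
FROM auction_items i, customers c
WHERE i.customer_id=c.customer_id
ORDER BY i.item_id");
    // mysqli_prepare() returns false when the statement cannot be prepared
    // (for example a misspelled table name); stop before using it.
    if (!$QUERY1) {
        showerror();
    }
    //Note, if you had things to bind, THIS is the line to do it!

    if (!mysqli_stmt_execute($QUERY1)) {
        showerror();
    } else {
        mysqli_stmt_store_result($QUERY1);
        // Each fetch below fills these variables with the next row.
        mysqli_stmt_bind_result($QUERY1, $item_id, $item, $category, $starttime, $endtime, $firstname, $lastname);
        print<<<STARTHTML
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<title>Test of Auction_Items Database</title>
</head>
<body>
<table border="1">
<tr>
<th>Item ID</th>
<th>Customer Name</th>
<th>Item Name</th>
<th>Category</th>
<th>Auction Start</th>
<th>Auction End</th>
</tr>
STARTHTML;
        $bgcolor = "#00FF00";
        while (mysqli_stmt_fetch($QUERY1)) {

            print "<tr bgcolor=\"$bgcolor\">";
            print "<td>" . $esc($item_id) . "</td>";
            print "<td>" . $esc($firstname) . " " . $esc($lastname) . "</td>";
            print "<td>" . $esc($item) . "</td>";
            print "<td>" . $esc($category) . "</td>";
            print "<td>" . $esc($starttime) . "</td>";
            print "<td>" . $esc($endtime) . "</td>";
            print "</tr>";

            // Alternate the row colour so neighbouring rows are easy to tell apart.
            $bgcolor = ($bgcolor == "#00FF00") ? "#00FFFF" : "#00FF00";
        }
        print "</table>";
        mysqli_stmt_close($QUERY1);
    }
    mysqli_close($db1);
    print '<div id = "validator">
<a href = "http://validator.w3.org/check?uri=referer">
<img src="../pictures/valid-xhtml10.png" alt="W3C Button to test XHTML validation" /></a>
</div>';
    print ('<a href="mysqlcp_param02.php">Go Back to Main DB Control Page</a>');
    print '</body></html>';
}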

/*This function should be put into a file called additem.php */
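/* Print the "add an auction item" form.
   The customer drop-down is filled from the customers table and the category
   drop-down from the values of the auction_items.category enum column.
   Takes no arguments and returns nothing; database failures end the script
   through showerror(). The form posts to addauction_insert02.php. */
function additem()
{
    // Customer names and enum labels come out of the database and are placed
    // inside HTML text and attribute values, so they are escaped first.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // The page closes </body> at the end, so it has to open it here; XHTML
    // also requires a <head> with a <title>.
print<<<STARTHTML
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
    <head><title>Add Auction Item</title></head>
    <body>
STARTHTML;
    print ('<form method="post" action="addauction_insert02.php">');
    print ('Please enter the name of your item');
    print ('<input type="text" name="item"><br />');
    print 'Please Select your name from the following:';
    //Note: need a separate form to add yourself as a customer
    $databasename = "m_coperni";
    $db2 = connectdb($databasename);

    $QUERY2 = mysqli_prepare($db2, 'select customer_id, firstname, lastname from customers');
    // mysqli_prepare() returns false on failure; stop before using it.
    if (!$QUERY2) {
        showerror();
    }
    //NOTE: Binding parameters would occur here if you had them
    if (!mysqli_stmt_execute($QUERY2)) {
        showerror();
    } else {
        mysqli_stmt_store_result($QUERY2);
        mysqli_stmt_bind_result($QUERY2, $customer_id, $firstname, $lastname);
        print '<select name="customer_id">';

        while (mysqli_stmt_fetch($QUERY2)) {
            print "<option value=\"" . $esc($customer_id) . "\">" . $esc($firstname)
                . ' ' . $esc($lastname) . "</option>\n";
        }
        print "</select><br />\n";
        mysqli_stmt_close($QUERY2);
    }

    $QUERY3 = 'show columns from auction_items like \'category\'';
    $query3result = mysqli_query($db2, $QUERY3);
    if (!$query3result) {
        // showerror() ends the script, so there is nothing to clean up after it.
        showerror();
    } else {
        print '<select name="category">';

        // The Type field looks like enum('a','b','c'). Strip the leading
        // "enum('" and the trailing "')", then split on the "','" separators.
        // If the column is missing or is not an enum, print an empty list
        // rather than slicing an unexpected string.
        $row = mysqli_fetch_assoc($query3result);
        $enumvalues = ($row && isset($row['Type'])) ? $row['Type'] : '';
        $enumarray = [];
        if (strncmp($enumvalues, "enum('", 6) === 0 && substr($enumvalues, -2) === "')") {
            $enumarray = explode("','", substr($enumvalues, 6, -2));
        }

        foreach ($enumarray as $cat) {
            // (the original printed a stray ":" after every option)
            print "<option value=\"" . $esc($cat) . "\">" . $esc($cat) . "</option>";
        }
        mysqli_free_result($query3result);
        mysqli_close($db2);
        print "</select>";
    }
    print "<br />\n";
    print "<textarea  name=\"description\" rows=\"4\" cols=\"30\">Item Description</textarea>";
    print "<br />\n";
    print "Enter Minimum Starting Bid:";
    print '<input type="text" name="minbid" size="10" /><br />';

    // NOTE(review): whatever receives this form must treat item, customer_id,
    // category, description and minbid as untrusted: bind them as statement
    // parameters and check customer_id/category against the database rather
    // than trusting the values offered in the drop-downs.
    print ('<input type="hidden" name="LAST" value="MAIN">');
    print ('<input type="hidden" name="command" value="INSERTITEM">');
    print ('<input type="submit" value="Submit auction item">');
    print ('</form>');

    print '<div id = "validator">
    <a href = "http://validator.w3.org/check?uri=referer">
    <img src="../pictures/valid-xhtml10.png" alt="W3C Button to test XHTML validation" /></a>
    </div>';
    print '</body></html>';
}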



?>