admin/36874-vm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

1.3

Browse Source
This commit is contained in:
Flatlogic Bot 2025-12-11 19:31:10 +00:00
parent dd86cddf44
commit 79aa26cf52
4 changed files with 299 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
dashboard.php
View File

@ -43,7 +43,8 @@ if ($user_role === 'user') {
<p>Welcome to your RentEase dashboard.</p>
<p>Your role is: <strong><?php echo htmlspecialchars($user_role); ?></strong></p>
<?php if ($user_role === 'vendor'): ?>
<a href="add_item.php" class="btn btn-primary mb-3">Add New Item</a>
<a href="add_item.php" class="btn btn-primary mb-3 me-2">Add New Item</a>
<a href="my_listings.php" class="btn btn-info mb-3">My Listings</a>
<?php endif; ?>
<hr>

41
delete_item.php Normal file
View File

@ -0,0 +1,41 @@
<?php
session_start();
require_once 'db/config.php';
// Ensure user is logged in and is a vendor
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'vendor') {
header("Location: login.php");
exit();
}
$vendor_id = $_SESSION['user_id'];
$item_id = $_GET['id'] ?? null;
$pdo = db();
if ($item_id) {
try {
// Verify ownership before deleting
$stmt = $pdo->prepare("SELECT id FROM items WHERE id = ? AND owner_id = ?");
$stmt->execute([$item_id, $vendor_id]);
$item = $stmt->fetch();
if ($item) {
// Item belongs to the vendor, proceed with deletion
$stmt = $pdo->prepare("DELETE FROM items WHERE id = ? AND owner_id = ?");
$stmt->execute([$item_id, $vendor_id]);
$_SESSION['success_message'] = "Item deleted successfully!";
} else {
$_SESSION['error_message'] = "Item not found or you don't have permission to delete it.";
}
} catch (PDOException $e) {
$_SESSION['error_message'] = "Database error: " . $e->getMessage();
}
} else {
$_SESSION['error_message'] = "No item ID provided.";
}
header("Location: my_listings.php");
exit();
?>

150
edit_item.php Normal file
View File

@ -0,0 +1,150 @@
<?php
session_start();
require_once 'db/config.php';
// Ensure user is logged in and is a vendor
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'vendor') {
header("Location: login.php");
exit();
}
$vendor_id = $_SESSION['user_id'];
$item_id = $_GET['id'] ?? null;
$item = null;
$errors = [];
$success_message = "";
$pdo = db();
// Fetch item details if ID is provided
if ($item_id) {
$stmt = $pdo->prepare("SELECT * FROM items WHERE id = ? AND owner_id = ?");
$stmt->execute([$item_id, $vendor_id]);
$item = $stmt->fetch();
if (!$item) {
$errors[] = "Item not found or you don't have permission to edit it.";
$item_id = null; // Invalidate item_id if not found or unauthorized
}
} else {
$errors[] = "No item ID provided.";
}
// Handle form submission for updating the item
if ($_SERVER["REQUEST_METHOD"] == "POST" && $item_id) {
$name = trim($_POST['name']);
$description = trim($_POST['description']);
$price_per_day = trim($_POST['price_per_day']);
$location = trim($_POST['location']);
$image_url = trim($_POST['image_url']);
if (empty($name)) {
$errors[] = "Item name is required.";
}
if (empty($price_per_day) || !is_numeric($price_per_day)) {
$errors[] = "A valid price is required.";
}
if (empty($location)) {
$errors[] = "Location is required.";
}
if (empty($errors)) {
try {
$sql = "UPDATE items SET name = :name, description = :description, price_per_day = :price_per_day, location = :location, image_url = :image_url WHERE id = :id AND owner_id = :owner_id";
$stmt = $pdo->prepare($sql);
$stmt->execute([
':name' => $name,
':description' => $description,
':price_per_day' => $price_per_day,
':location' => $location,
':image_url' => $image_url,
':id' => $item_id,
':owner_id' => $vendor_id
]);
$success_message = "Item updated successfully!";
// Refresh item data after update
$stmt = $pdo->prepare("SELECT * FROM items WHERE id = ? AND owner_id = ?");
$stmt->execute([$item_id, $vendor_id]);
$item = $stmt->fetch();
} catch (PDOException $e) {
$errors[] = "Database error: " . $e->getMessage();
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Edit Item - RentEase</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
<link rel="stylesheet" href="assets/css/custom.css">
</head>
<body>
<?php include 'header.php'; ?>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-8">
<div class="card">
<div class="card-header">
<h2>Edit Rental Item</h2>
</div>
<div class="card-body">
<?php if (!empty($errors)): ?>
<div class="alert alert-danger">
<?php foreach ($errors as $error): ?>
<p><?php echo htmlspecialchars($error); ?></p>
<?php endforeach; ?>
</div>
<?php endif; ?>
<?php if (!empty($success_message)): ?>
<div class="alert alert-success">
<?php echo htmlspecialchars($success_message); ?>
</div>
<?php endif; ?>
<?php if ($item): ?>
<form action="edit_item.php?id=<?php echo htmlspecialchars($item['id']); ?>" method="post">
<div class="mb-3">
<label for="name" class="form-label">Item Name</label>
<input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($item['name']); ?>" required>
</div>
<div class="mb-3">
<label for="description" class="form-label">Description</label>
<textarea class="form-control" id="description" name="description" rows="3"><?php echo htmlspecialchars($item['description']); ?></textarea>
</div>
<div class="mb-3">
<label for="price_per_day" class="form-label">Price per Day ($)</label>
<input type="number" class="form-control" id="price_per_day" name="price_per_day" step="0.01" value="<?php echo htmlspecialchars($item['price_per_day']); ?>" required>
</div>
<div class="mb-3">
<label for="location" class="form-label">Location (e.g., City, State)</label>
<input type="text" class="form-control" id="location" name="location" value="<?php echo htmlspecialchars($item['location']); ?>" required>
</div>
<div class="mb-3">
<label for="image_url" class="form-label">Image URL</label>
<input type="text" class="form-control" id="image_url" name="image_url" value="<?php echo htmlspecialchars($item['image_url'] ?? ''); ?>">
</div>
<button type="submit" class="btn btn-primary">Update Item</button>
<a href="my_listings.php" class="btn btn-secondary">Cancel</a>
</form>
<?php else: ?>
<p>Unable to load item for editing.</p>
<a href="my_listings.php" class="btn btn-primary">Back to My Listings</a>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>

106
my_listings.php Normal file
View File

@ -0,0 +1,106 @@
<?php
session_start();
require_once 'db/config.php'; // Include the database configuration
// If user is not logged in or not a vendor, redirect
if (!isset($_SESSION['user_id']) || $_SESSION['user_role'] !== 'vendor') {
header("Location: login.php"); // Redirect to login or a suitable page
exit;
}
$user_id = $_SESSION['user_id'];
$user_name = $_SESSION['user_name'];
$pdo = db(); // Get the PDO connection
$items = []; // Initialize an empty array to hold items
// Fetch items listed by the current vendor
$query = "SELECT * FROM items WHERE owner_id = ?";
$params = [$user_id];
if (isset($_GET['search']) && !empty($_GET['search'])) {
$searchTerm = '%' . $_GET['search'] . '%';
$query .= " AND (name LIKE ? OR description LIKE ?)";
$params[] = $searchTerm;
$params[] = $searchTerm;
}
if (isset($_GET['status']) && !empty($_GET['status'])) {
$statusFilter = $_GET['status'];
$query .= " AND status = ?";
$params[] = $statusFilter;
}
$stmt = $pdo->prepare($query);
$stmt->execute($params);
$items = $stmt->fetchAll();
?>
<?php include 'header.php'; ?>
<div class="container mt-5">
<div class="row">
<div class="col-md-12">
<div class="card">
<div class="card-header">
<h4><?php echo htmlspecialchars($user_name); ?>'s Listings</h4>
</div>
<div class="card-body">
<?php if (isset($_SESSION['success_message'])): ?>
<div class="alert alert-success">
<?php echo htmlspecialchars($_SESSION['success_message']); unset($_SESSION['success_message']); ?>
</div>
<?php endif; ?>
<?php if (isset($_SESSION['error_message'])): ?>
<div class="alert alert-danger">
<?php echo htmlspecialchars($_SESSION['error_message']); unset($_SESSION['error_message']); ?>
</div>
<?php endif; ?>
<p>Manage your listed items here.</p>
<form action="my_listings.php" method="get" class="mb-4">
<div class="input-group">
<input type="text" class="form-control" placeholder="Search your listings..." name="search" value="<?php echo htmlspecialchars($_GET['search'] ?? ''); ?>">
<select class="form-select" name="status">
<option value="">All Statuses</option>
<option value="available" <?php echo (isset($_GET['status']) && $_GET['status'] === 'available') ? 'selected' : ''; ?>>Available</option>
<option value="rented" <?php echo (isset($_GET['status']) && $_GET['status'] === 'rented') ? 'selected' : ''; ?>>Rented</option>
<option value="unavailable" <?php echo (isset($_GET['status']) && $_GET['status'] === 'unavailable') ? 'selected' : ''; ?>>Unavailable</option>
</select>
<button class="btn btn-outline-secondary" type="submit">Filter</button>
</div>
</form>
<?php if (empty($items)): ?>
<p>You have not listed any items yet. <a href="add_item.php">Add a new item</a>.</p>
<?php else: ?>
<div class="row">
<?php foreach ($items as $item): ?>
<div class="col-md-4 mb-4">
<div class="card h-100">
<img src="<?php echo htmlspecialchars($item['image_url'] ?? 'https://via.placeholder.com/150'); ?>" class="card-img-top" alt="<?php echo htmlspecialchars($item['name']); ?>">
<div class="card-body d-flex flex-column">
<h5 class="card-title"><?php echo htmlspecialchars($item['name']); ?></h5>
<p class="card-text flex-grow-1"><?php echo htmlspecialchars($item['description']); ?></p>
<p class="card-text"><strong>Price:</strong> $<?php echo htmlspecialchars(number_format($item['price'], 2)); ?> per day</p>
<p class="card-text"><strong>Location:</strong> <?php echo htmlspecialchars($item['location']); ?></p>
<div class="mt-auto">
<a href="item_details.php?id=<?php echo htmlspecialchars($item['id']); ?>" class="btn btn-info btn-sm">View</a>
<a href="edit_item.php?id=<?php echo htmlspecialchars($item['id']); ?>" class="btn btn-warning btn-sm">Edit</a>
<a href="delete_item.php?id=<?php echo htmlspecialchars($item['id']); ?>" class="btn btn-danger btn-sm">Delete</a>
<p class="text-info mt-2">Status: <?php echo htmlspecialchars(ucfirst($item['status'])); ?></p>
</div>
</div>
</div>
</div>
<?php endforeach; ?>
</div>
<?php endif; ?>
</div>
</div>
</div>
</div>
</div>
<?php include 'footer.php'; ?>