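connect_error) {
        die('Connection failed: ' . $conn->connect_error);
    }

    // NOTE(review): this login handler starts above the visible excerpt, so its code is
    // left as it was. $ListID and $ListPassword are assigned out of view; unless $ListID
    // is validated as an integer there, the concatenation below is injectable and should
    // be bound through a prepared statement like the queries further down. TODO confirm.
    // Also consider session_regenerate_id(true) after a successful password_verify(), and
    // logging connect_error instead of echoing it to the client.
    $sql = 'SELECT edit_pw FROM lists WHERE ID = ' . $ListID;
    $result = $conn->query($sql);
    if ($result !== false && $result->num_rows > 0) {
        if ($row = $result->fetch_assoc()) {
            if (password_verify($ListPassword, $row['edit_pw'])) {
                $_SESSION['listid'] = $ListID;
                $loggedin = true;
                $message = array('msg' => 'Login erfolgreich', 'type' => 'success');
            } else {
                $message = array('msg' => 'Falsches Passwort', 'type' => 'warning');
            }
        }
    }
    $conn->close();
}

// ---------------------------------------------------------------------------
// Logout: drop the session and report success.
// ---------------------------------------------------------------------------
if (isset($_POST['logout'])) {
    // session_destroy() removes the stored session data but leaves $_SESSION populated
    // for the rest of this request, so clear the array explicitly first.
    $_SESSION = array();
    session_destroy();
    $loggedin = false;
    $message = array('msg' => 'Logout erfolgreich', 'type' => 'success');
}

// ---------------------------------------------------------------------------
// Reservation: set or lift a password-protected reservation on a wish.
// This handler runs without a login, so every field is untrusted request data.
// ---------------------------------------------------------------------------
if (isset($_POST['reservation'])) {
    // The wish ID must be an integer; anything else (missing, array, free text) is
    // rejected before a query is built.
    $wishId = isset($_POST['wishid']) ? filter_var($_POST['wishid'], FILTER_VALIDATE_INT) : false;
    // password_verify()/password_hash() need a string; an array-valued field becomes ''.
    $wishPassword = (isset($_POST['WishPassword']) && is_string($_POST['WishPassword']))
        ? $_POST['WishPassword']
        : '';
    // Loose comparison is kept below because the form posts this flag as a string.
    $reservedStat = isset($_POST['reservedstat']) ? $_POST['reservedstat'] : null;

    if ($wishId === false) {
        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    } else {
        $conn = new mysqli($servername, $username, $password, $db);
        if ($conn->connect_error) {
            // The driver message can contain the DB user and host: log it, do not echo it.
            error_log('Connection failed: ' . $conn->connect_error);
            die('Connection failed');
        }

        if ($reservedStat == 1) {
            // Lift a reservation: only allowed with the password stored for this wish.
            $storedHash = null;
            $found = false;
            $stmt = $conn->prepare('SELECT reserved_pw FROM whishes WHERE ID = ?');
            if ($stmt !== false) {
                $stmt->bind_param('i', $wishId);
                $stmt->execute();
                $stmt->bind_result($storedHash);
                $found = ($stmt->fetch() === true);
                $stmt->close();
            }

            if ($found) {
                if (password_verify($wishPassword, (string) $storedHash)) {
                    $stmt = $conn->prepare("UPDATE whishes SET reserved = 0, reserved_pw = '' WHERE ID = ?");
                    if ($stmt !== false && $stmt->bind_param('i', $wishId) && $stmt->execute()) {
                        $message = array('msg' => 'Reservierung aufgehoben', 'type' => 'success');
                    } else {
                        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
                    }
                    if ($stmt !== false) {
                        $stmt->close();
                    }
                } else {
                    $message = array('msg' => 'Falsches Reservierungs-Passwort', 'type' => 'warning');
                }
            }
        }

        if ($reservedStat == 0) {
            // Place a reservation. The state check lives in the WHERE clause so the
            // client-supplied reservedstat flag cannot replace the password of a wish
            // that is already reserved; an update that matches no row is an error.
            $reservedHash = password_hash($wishPassword, PASSWORD_BCRYPT);
            $stmt = $conn->prepare(
                'UPDATE whishes SET reserved = 1, reserved_pw = ? '
                . 'WHERE ID = ? AND (reserved IS NULL OR reserved = 0)'
            );
            if (
                $stmt !== false
                && $stmt->bind_param('si', $reservedHash, $wishId)
                && $stmt->execute()
                && $stmt->affected_rows === 1
            ) {
                $message = array('msg' => 'Reservierung eingetragen', 'type' => 'success');
            } else {
                $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
            }
            if ($stmt !== false) {
                $stmt->close();
            }
        }

        $conn->close();
    }
}

// ---------------------------------------------------------------------------
// Delete a wish (and its image file). Requires a logged-in list owner.
// ---------------------------------------------------------------------------
if (isset($_POST['delete']) && $loggedin == true) {
    $WhishID = isset($_POST['WhishID']) ? filter_var($_POST['WhishID'], FILTER_VALIDATE_INT) : false;

    if ($WhishID !== false) {
        $WhishTitle = '';
        $conn = new mysqli($servername, $username, $password, $db);
        if ($conn->connect_error) {
            // The driver message can contain the DB user and host: log it, do not echo it.
            error_log('Connection failed: ' . $conn->connect_error);
            die('Connection failed');
        }

        // NOTE(review): both statements are scoped by the wish ID alone. If wishes belong
        // to a list, they should also be constrained to $_SESSION['listid'] so that one
        // list's login cannot remove another list's wishes; the owning column is not
        // visible in this excerpt. No CSRF token check is visible here either — confirm
        // one exists earlier in the file.
        $imagePath = null;
        $title = null;
        $stmt = $conn->prepare('SELECT image, title FROM whishes WHERE ID = ?');
        if ($stmt !== false) {
            $stmt->bind_param('i', $WhishID);
            $stmt->execute();
            $stmt->bind_result($imagePath, $title);
            while ($stmt->fetch()) {
                // NOTE(review): the path is whatever was stored for the wish; presumably
                // the upload code keeps it inside the image directory — verify, since
                // unlink() will remove any file the web server user may delete.
                if (is_string($imagePath) && $imagePath !== '' && is_file($imagePath)) {
                    unlink($imagePath);
                }
                $WhishTitle = (string) $title;
            }
            $stmt->close();
        }

        $stmt = $conn->prepare('DELETE FROM whishes WHERE ID = ?');
        if ($stmt !== false && $stmt->bind_param('i', $WhishID) && $stmt->execute()) {
            // The title is stored user input: HTML-escape $message['msg'] where it is rendered.
            $message = array('msg' => 'Wunsch "' . $WhishTitle . '" gelöscht', 'type' => 'success');
        } else {
            $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
        }
        if ($stmt !== false) {
            $stmt->close();
        }
        $conn->close();
    } else {
        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    }
}
?>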