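connect_error) {
        die('Connection failed: ' . $conn->connect_error);
    }
    // NOTE(review): this login handler starts above the visible excerpt, so its
    // code is left unchanged. $ListID is concatenated into the query below; confirm
    // it is validated as an integer where it is assigned, or bind it as a parameter.
    $sql = 'SELECT edit_pw FROM lists WHERE ID = ' . $ListID;
    $result = $conn->query($sql);
    if ($result !== false && $result->num_rows > 0) {
        if ($row = $result->fetch_assoc()) {
            if (password_verify($ListPassword, $row['edit_pw'])) {
                $_SESSION['listid'] = $ListID;
                $loggedin = true;
                $message = array('msg' => 'Login erfolgreich', 'type' => 'success');
            } else {
                $message = array('msg' => 'Falsches Passwort', 'type' => 'warning');
            }
        }
    }
    $conn->close();
}

// ---------------------------------------------------------------------------
// Create a new list from the submitted title, description and edit password,
// log the creator in and redirect to the new list.
// ---------------------------------------------------------------------------
if (isset($_POST['listadd'])) {
    // Accept only scalar strings; an array-valued field would otherwise reach
    // password_hash() or the query as "Array".
    $listName = (isset($_POST['listName']) && is_string($_POST['listName'])) ? $_POST['listName'] : '';
    $listDescription = (isset($_POST['listDescription']) && is_string($_POST['listDescription']))
        ? $_POST['listDescription']
        : '';
    $rawListPassword = (isset($_POST['listPassword']) && is_string($_POST['listPassword']))
        ? $_POST['listPassword']
        : '';
    $listPassword = password_hash($rawListPassword, PASSWORD_DEFAULT);

    $conn = new mysqli($servername, $username, $password, $db);
    if ($conn->connect_error) {
        // Keep driver details in the server log instead of the response.
        error_log('Wishlist DB connection failed: ' . $conn->connect_error);
        die('Connection failed');
    }

    // Bound parameters replace the string-built INSERT, which accepted raw POST
    // text inside the SQL. The statement is executed exactly once; the previous
    // code called query() twice and therefore inserted every new list twice.
    $stmt = $conn->prepare('INSERT INTO lists (title, description, edit_pw) VALUES (?, ?, ?)');
    if ($stmt !== false
        && $stmt->bind_param('sss', $listName, $listDescription, $listPassword)
        && $stmt->execute()
    ) {
        $last_id = $conn->insert_id;
        $stmt->close();
        $conn->close();

        // New session id on the privilege change, so a pre-set session cookie
        // does not become an authenticated one.
        session_regenerate_id(true);
        $_SESSION['listid'] = $last_id;
        $loggedin = true;

        // Relative redirect: the target no longer depends on the client-supplied
        // Host header and keeps the scheme of the current request.
        header('Location: /?list=' . $last_id);
        exit;
    }

    // The SQL text and the driver error go to the log, not to the page.
    error_log('Wishlist list creation failed: ' . ($stmt !== false ? $stmt->error : $conn->error));
    $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    if ($stmt !== false) {
        $stmt->close();
    }
    $conn->close();
}

// ---------------------------------------------------------------------------
// Log out: drop the session and its data.
// ---------------------------------------------------------------------------
if (isset($_POST['logout'])) {
    // session_destroy() leaves $_SESSION populated for the rest of this request.
    $_SESSION = array();
    session_destroy();
    $loggedin = false;
    $message = array('msg' => 'Logout erfolgreich', 'type' => 'success');
}

// ---------------------------------------------------------------------------
// Reserve a wish (reservedstat = 0) or lift a reservation (reservedstat = 1).
// Lifting requires the reservation password stored with the wish.
// ---------------------------------------------------------------------------
if (isset($_POST['reservation'])) {
    $wishId = filter_input(INPUT_POST, 'wishid', FILTER_VALIDATE_INT);
    $reservedStat = filter_input(INPUT_POST, 'reservedstat', FILTER_VALIDATE_INT);
    $wishPassword = (isset($_POST['WishPassword']) && is_string($_POST['WishPassword']))
        ? $_POST['WishPassword']
        : '';

    // Strict integer checks: the old loose "== 0" also matched a missing field.
    if (!is_int($wishId) || !in_array($reservedStat, array(0, 1), true)) {
        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    } else {
        $conn = new mysqli($servername, $username, $password, $db);
        if ($conn->connect_error) {
            error_log('Wishlist DB connection failed: ' . $conn->connect_error);
            die('Connection failed');
        }

        if ($reservedStat === 1) {
            $storedHash = null;
            $found = false;
            $stmt = $conn->prepare('SELECT reserved_pw FROM whishes WHERE ID = ?');
            if ($stmt !== false) {
                if ($stmt->bind_param('i', $wishId) && $stmt->execute()) {
                    $stmt->bind_result($storedHash);
                    $found = ($stmt->fetch() === true);
                }
                $stmt->close();
            }

            // As before, an unknown wish id produces no message.
            if ($found) {
                if (password_verify($wishPassword, (string) $storedHash)) {
                    $stmt = $conn->prepare("UPDATE whishes SET reserved=0, reserved_pw='' WHERE ID = ?");
                    $updated = $stmt !== false && $stmt->bind_param('i', $wishId) && $stmt->execute();
                    if ($stmt !== false) {
                        $stmt->close();
                    }
                    if ($updated) {
                        $message = array('msg' => 'Reservierung aufgehoben', 'type' => 'success');
                    } else {
                        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
                    }
                } else {
                    $message = array('msg' => 'Falsches Reservierungs-Passwort', 'type' => 'warning');
                }
            }
        } else {
            $reservedHash = password_hash($wishPassword, PASSWORD_BCRYPT);
            // Only an unreserved wish may be reserved. Without this condition a
            // request with reservedstat=0 overwrote the stored reservation
            // password of a wish that was already reserved.
            $stmt = $conn->prepare(
                'UPDATE whishes SET reserved=1, reserved_pw=? WHERE ID = ? AND (reserved IS NULL OR reserved = 0)'
            );
            $updated = $stmt !== false
                && $stmt->bind_param('si', $reservedHash, $wishId)
                && $stmt->execute()
                && $stmt->affected_rows > 0;
            if ($stmt !== false) {
                $stmt->close();
            }
            if ($updated) {
                $message = array('msg' => 'Reservierung eingetragen', 'type' => 'success');
            } else {
                $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
            }
        }
        $conn->close();
    }
}

// ---------------------------------------------------------------------------
// Move a wish to the top: give it a priority one above the list's current maximum.
// ---------------------------------------------------------------------------
if (isset($_POST['pushprio'])) {
    // NOTE(review): unlike the delete handler, this one does not check $loggedin,
    // so any visitor can reorder wishes. Confirm whether that is intended.
    $nextPriority = 0;
    $WhishID = filter_input(INPUT_POST, 'WhishID', FILTER_VALIDATE_INT);

    if (!is_int($WhishID)) {
        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    } else {
        $conn = new mysqli($servername, $username, $password, $db);
        if ($conn->connect_error) {
            error_log('Wishlist DB connection failed: ' . $conn->connect_error);
            die('Connection failed');
        }

        $maxPrio = null;
        $stmt = $conn->prepare('SELECT MAX(priority) AS maxprio FROM whishes WHERE whislist = ?');
        if ($stmt !== false) {
            if ($stmt->bind_param('i', $ListID) && $stmt->execute()) {
                $stmt->bind_result($maxPrio);
                if ($stmt->fetch() === true) {
                    // MAX() is NULL for a list without wishes; that yields priority 1.
                    $nextPriority = (int) $maxPrio + 1;
                }
            }
            $stmt->close();
        }

        // The wish must belong to the list whose maximum was just read.
        $stmt = $conn->prepare('UPDATE whishes SET priority=? WHERE ID = ? AND whislist = ?');
        $updated = $stmt !== false
            && $stmt->bind_param('iii', $nextPriority, $WhishID, $ListID)
            && $stmt->execute();
        if ($stmt !== false) {
            $stmt->close();
        }
        if ($updated) {
            $message = array('msg' => 'Wunschpriorität aktualisiert', 'type' => 'success');
        } else {
            $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
        }
        // The connection was previously left open in this handler.
        $conn->close();
    }
}

// ---------------------------------------------------------------------------
// Delete a wish and its image file. Only available when logged in.
// ---------------------------------------------------------------------------
if (isset($_POST['delete']) && $loggedin == true) {
    $WhishID = filter_input(INPUT_POST, 'WhishID', FILTER_VALIDATE_INT);

    if (is_int($WhishID)) {
        $WhishTitle = '';
        $imageNames = array();

        $conn = new mysqli($servername, $username, $password, $db);
        if ($conn->connect_error) {
            error_log('Wishlist DB connection failed: ' . $conn->connect_error);
            die('Connection failed');
        }

        // NOTE(review): the wish is not checked against the list the session is
        // logged in to, so an editor of one list may be able to delete wishes of
        // another. Confirm how $loggedin is derived and consider adding
        // "AND whislist = ?" bound to the session's list id.
        $imageName = null;
        $titleValue = null;
        $stmt = $conn->prepare('SELECT image, title FROM whishes WHERE ID = ?');
        if ($stmt !== false) {
            if ($stmt->bind_param('i', $WhishID) && $stmt->execute()) {
                $stmt->bind_result($imageName, $titleValue);
                while ($stmt->fetch()) {
                    $imageNames[] = (string) $imageName;
                    $WhishTitle = (string) $titleValue;
                }
            }
            $stmt->close();
        }

        $stmt = $conn->prepare('DELETE FROM whishes WHERE ID = ?');
        $deleted = $stmt !== false && $stmt->bind_param('i', $WhishID) && $stmt->execute();
        if ($stmt !== false) {
            $stmt->close();
        }

        if ($deleted) {
            // Remove the files only after the row is gone, and reduce the stored
            // name to its base name so it cannot point outside $imagedir.
            foreach ($imageNames as $storedName) {
                $imagePath = $imagedir . '/' . basename($storedName);
                if ($storedName !== '' && is_file($imagePath)) {
                    unlink($imagePath);
                }
            }
            // The message is echoed into the page as HTML, so the stored title is escaped.
            $message = array(
                'msg' => 'Wunsch "' . htmlspecialchars($WhishTitle, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '" gelöscht',
                'type' => 'success',
            );
        } else {
            $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
        }
        // The connection was previously left open in this handler.
        $conn->close();
    } else {
        $message = array('msg' => 'Uups, irgendwas ist schief gegangen!', 'type' => 'danger');
    }
}
?> Simple Wishlist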
' . $message['msg'] . ' '); } wishlistMainBuilder($ListID, $sortby); ?>
'); } if ($loggedin != true) { echo (' '); } if ($loggedin == true) { echo (' '); } ?>