-
Notifications
You must be signed in to change notification settings - Fork 1
/
load_section.php
100 lines (85 loc) · 2.87 KB
/
load_section.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
<?php
// initialize session
ob_start();
session_start();
session_regenerate_id();
// include required file
require_once 'init.php';
// validate session
if (!isset($_SESSION['UserEmail'])) {
exit();
}
if (
!(filter_input(INPUT_POST, 'start', FILTER_VALIDATE_INT) === 0 || filter_input(INPUT_POST, 'start', FILTER_VALIDATE_INT)) ||
!filter_input(INPUT_POST, 'limit', FILTER_VALIDATE_INT) ||
!filter_input(INPUT_POST, 'type', FILTER_SANITIZE_SPECIAL_CHARS) ||
!filter_input(INPUT_POST, 'section', FILTER_VALIDATE_INT)
) {
exit();
}
// get all variable needed
$start = filter_input(INPUT_POST, 'start', FILTER_VALIDATE_INT);
$limit = filter_input(INPUT_POST, 'limit', FILTER_VALIDATE_INT);
$type = filter_input(INPUT_POST, 'type', FILTER_SANITIZE_SPECIAL_CHARS);
$section_id = filter_input(INPUT_POST, 'section', FILTER_VALIDATE_INT);
//store the result of select statement in $results var
$results = get_all_data(get_sql($type), [$section_id, $start, $limit]);
// check if there is an item match the searched text
if ($results != 0) {
// to print all items
foreach ($results as $output) {
get_fun($type, $output, $section_id);
}
}
// to get the proper sql statement depend on table name
function get_sql($type)
{
$sql = '';
switch ($type) {
case 'cat':
$sql = SELECT_CATEGORY_BOOK;
break;
case 'pub':
$sql = SELECT_PUBLISHER_BOOK;
break;
case 'author':
$sql = SELECT_AUTHOR_BOOK;
break;
}
return $sql;
}
// to get the proper show template function depend on table name
function get_fun($type, $output)
{
// get all variable
$book_id = $output["book_id"];
$book_img = $output["photo"];
// make delete icon function
$delete_fun = " onclick=\"deletePop('delete_book.php', {'id':'$book_id', 'img':'$book_img'} )\" ";
switch ($type) {
case 'cat':
// initialize var
$author = array(
"name" => $output["author_name"],
"url" => "author_section.php?auth=" . $output["author_id"],
);
book($book_img, $book_id, $output["title"], $output["rating"], $delete_fun, $author);
break;
case 'pub':
// initialize var
$author = array(
"name" => $output["author_name"],
"url" => "author_section.php?auth=" . $output["author_id"],
);
book($book_img, $book_id, $output["title"], $output["rating"], $delete_fun, $author);
break;
case 'author':
// initialize var
$category = array(
"name" => $output["cat_name"],
"url" => "category_section.php?cat=" . $output["cat_id"],
);
book($book_img, $book_id, $output["title"], $output["rating"], $delete_fun, $category);
break;
}
}