From 1893b034e604c021d2e6353814797aadc586d20f Mon Sep 17 00:00:00 2001 From: Juthatip McDevitt Date: Tue, 25 Jun 2024 18:52:37 -0500 Subject: [PATCH] updated gitignore, add booking room functionality --- hotel_booking/.gitignore | 1 - hotel_booking/ajax/confirmBooking.php | 45 ++++++ hotel_booking/ajax/login_register.php | 100 +++++++++++++ hotel_booking/confirm_booking.php | 194 ++++++++++++++++++++++---- 4 files changed, 312 insertions(+), 28 deletions(-) create mode 100644 hotel_booking/ajax/confirmBooking.php create mode 100644 hotel_booking/ajax/login_register.php diff --git a/hotel_booking/.gitignore b/hotel_booking/.gitignore index a183f70..973a9f6 100644 --- a/hotel_booking/.gitignore +++ b/hotel_booking/.gitignore @@ -1,5 +1,4 @@ images/* admin/components/db_config.php admin/components/api.php -ajax/login_register.php components/sendgrid/* \ No newline at end of file diff --git a/hotel_booking/ajax/confirmBooking.php b/hotel_booking/ajax/confirmBooking.php new file mode 100644 index 0000000..39560f6 --- /dev/null +++ b/hotel_booking/ajax/confirmBooking.php @@ -0,0 +1,45 @@ + $status]); + } else if($checkout_date < $checkin_date){ + $status = 'check_out_earlier'; + $result = json_encode(["status" => $status]); + } else if($checkin_date < $today_date){ + $status = 'check_in_earlier'; + $result = json_encode(["status" => $status]); + } + //booking availability + if($status!=''){ + echo $result; + } else{ + session_start(); + $_SESSION['room']; + + //check room availability + $count_days = date_diff($checkin_date, $checkout_date)->days; + $payment = $_SESSION['room']['price'] * $count_days; + $_SESSION['room']['payment'] = $payment; + $_SESSION['room']['available'] = true; + + $result = json_encode(["status" => 'available', "days" => $count_days, "payment" => $payment]); + echo $result; + } + } +?> \ No newline at end of file diff --git a/hotel_booking/ajax/login_register.php b/hotel_booking/ajax/login_register.php new file mode 100644 index 0000000..3587742 
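Review bot: In the final `else` branch of confirmBooking.php, `$_SESSION['room']['available'] = true` is set unconditionally. The `//check room availability` comment is followed only by the day count and the price calculation, with no lookup of existing bookings, so every date range that passes the date checks is reported as `available`. The branch also reads `$_SESSION['room']['price']` without checking that the key or a logged-in session exists, and the bare `$_SESSION['room'];` statement has no effect. A guard right after `session_start()`, such as `if (empty($_SESSION['login']) || !isset($_SESSION['room'])) { exit; }`, would keep a direct request to this endpoint from computing a payment from a missing price. The opening lines of the file are not visible in this rendering, so part of this may already be handled there.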
--- /dev/null +++ b/hotel_booking/ajax/login_register.php @@ -0,0 +1,100 @@ +setFrom(SENDGRID_EMAIL, SENDGRID_SENDER); + $email->setSubject("Account Verification Link"); + + $email->addTo($mail, $name); + $email->addContent( + "text/html", + "Please verify your email by clicking the link below:
+ Click here + " + ); + + $sendgrid = new \SendGrid(SENDGRID_API_KEY); + + if($sendgrid->send($email)){ + return 1; + } else{ + return 0; + } + + } + //register + if(isset($_POST['register'])){ + $data = filteration($_POST); + + //password confirmation + if($data['password'] != $data['cpassword']){ + echo 'pass_mismatch'; + exit; + } + //check user existing + $user_exist = select("SELECT * FROM `user_creds` WHERE `email`=? AND `phone`=? LIMIT 1", [$data['email'], $data['phone']], "ss"); + + if(mysqli_num_rows($user_exist) != 0){ + $user_exist_fetch = mysqli_fetch_assoc($user_exist); + echo ($user_exist_fetch['email'] == $data['email']) ? 'email_already' : 'phone_already'; + exit; + } + //send confirmation to user email (sendGrid provider) + + $token = bin2hex(random_bytes(16)); + + if(!send_mail($data['email'], $data['firstname'], $token)){ + echo 'mail_failed'; + exit; + } + + $enc_pass = password_hash($data['password'], PASSWORD_BCRYPT); + $query = "INSERT INTO `user_creds`(`firstname`, `email`, `lastname`, `phone`, `birth`, `address`, `password`, `token`) VALUES (?, ?, ?, ?, ?, ?, ?, ?)"; + $values = [$data['firstname'], $data['email'], $data['lastname'], $data['phone'], $data['birth'], $data['address'], $enc_pass, $token]; + + if(insert($query, $values, 'ssssssss')){ + echo 1; + } else{ + echo 'ins_failed'; + } + + } + //login + if(isset($_POST['login'])){ + $data = filteration($_POST); + $user_exist = select("SELECT * FROM `user_creds` WHERE `email`=? OR `phone`=? 
LIMIT 1", [$data['email'], $data['email']], "ss"); + + if(mysqli_num_rows($user_exist) == 0){ + echo 'inv_email'; + } else{ + $user_fetch = mysqli_fetch_assoc($user_exist); + if($user_fetch['is_verified'] == 0){ + echo 'not_verified'; + } else if($user_fetch['status'] == 0){ + echo 'inactive'; + } else{ + if(!password_verify($data['password'], $user_fetch['password'])){ + echo 'invalid_pass'; + } else{ + session_start(); + $_SESSION['login'] = true; + $_SESSION['uerID'] = $user_fetch['id']; + $_SESSION['userName'] = $user_fetch['firstname']; + $_SESSION['userPhone'] = $user_fetch['phone']; + echo 1; + } + } + }; + + + + } +?> \ No newline at end of file diff --git a/hotel_booking/confirm_booking.php b/hotel_booking/confirm_booking.php index a843f5a..337802e 100644 --- a/hotel_booking/confirm_booking.php +++ b/hotel_booking/confirm_booking.php @@ -6,6 +6,13 @@ Booking confirmation | Midtown Hotel @@ -55,28 +90,85 @@ $room_data = mysqli_fetch_assoc($room_res); + $_SESSION['room'] = [ + "id" => $room_data['id'], + "name" => $room_data['name'], + "price" => $room_data['price'], + "payment" => null, + "available" => false, + ]; + + $user_res = select("SELECT * FROM `user_creds` WHERE `id`=? LIMIT 1", [$_SESSION['uerID']], "i"); + $user_data = mysqli_fetch_assoc($user_res); + //get accommodation & additional accommodation $accom_q = mysqli_query($con, "SELECT a.name FROM `accommodation` a INNER JOIN `room_accommodation` raccom ON a.id = raccom.accommodation_id WHERE raccom.room_id = '$room_data[id]'"); - $accommodation_data = ""; + $accommodation_data = ""; - while($accom_row = mysqli_fetch_assoc($accom_q)){ - $accommodation_data .="
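Review bot: The duplicate-account check in the register branch joins the email and phone conditions with `AND`, so a registration is rejected only when both values match the same row. An existing email with a different phone number passes and is inserted again, unless the table has unique indexes that this patch does not show. The `email_already` / `phone_already` ternary only makes sense with `OR`, which the login query already uses. In the login branch, the `inv_email`, `not_verified` and `inactive` replies are returned before `password_verify()` runs, which tells an unauthenticated caller whether an address is registered and what state the account is in; a single generic failure reply, with the state checks moved after the password check, avoids that. Adding `session_regenerate_id(true);` right after `session_start()` would also stop a pre-login session id from carrying into the authenticated session.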

▪ $accom_row[name]

"; - } - //get additional accommodation data from database - $addi_q = mysqli_query($con, "SELECT a.name FROM `additional_accomm` a INNER JOIN `room_additionalAccom` raddi ON a.id = raddi.additionalAccom_id WHERE raddi.room_id = '$room_data[id]'"); - $additionalAccom_data = ""; + while($accom_row = mysqli_fetch_assoc($accom_q)){ + $accommodation_data .="

▪ $accom_row[name]

"; + } + //get additional accommodation data from database + $addi_q = mysqli_query($con, "SELECT a.name FROM `additional_accomm` a INNER JOIN `room_additionalAccom` raddi ON a.id = raddi.additionalAccom_id WHERE raddi.room_id = '$room_data[id]'"); + $additionalAccom_data = ""; - while($addi_row = mysqli_fetch_assoc($addi_q)){ - $additionalAccom_data .="

▪ $addi_row[name]

"; - } + while($addi_row = mysqli_fetch_assoc($addi_q)){ + $additionalAccom_data .="

▪ $addi_row[name]

"; + } ?>
-

+

Booking confirmation

+
+
+
+
Booking Detail
+
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+ + +
+
+
+ Loading... +
+

Please provide check-in and check-out date

+ +
+
+
+
+
+
+
-
-
-
+
+
+
+
-

$room_data[name] ($room_data[area] sq.ft.)

+

$room_data[name] ($room_data[area] sq.ft.)

$$room_data[price]/night

-

Room Detail

+

Room Detail

$room_data[detail]
-

Accommodation

+

Accommodation

$accommodation_data
-

Additional Accommodation

+

Additional Accommodation

$additionalAccom_data
-
- Book Now -
data; ?>
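Review bot: The new `select("SELECT * FROM user_creds WHERE id=? ...")` call loads the whole row into `$user_data`, including the `password` hash and `token` columns that login_register.php writes in this same patch. Naming only the columns the booking form prefills would keep those out of the template scope, for example `SELECT firstname, lastname, email, phone, address FROM user_creds WHERE id=? LIMIT 1`. The form markup is stripped in this rendering, so adjust the list to the fields it actually uses. No check of `$_SESSION['login']` is visible before `$_SESSION['uerID']` is read; if the page has no guard above this hunk, the lookup runs with an unset id. The values interpolated into the heredoc (`$room_data[name]`, `$room_data[detail]`, `$accom_row[name]`, `$addi_row[name]`) are printed without `htmlspecialchars()`, so any markup stored in those columns is rendered as HTML.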
@@ -147,14 +237,64 @@
- - - - - + + \ No newline at end of file