Bestellnummer: ".$order_num."";
echo "Gemietet von: ".$start_date." bis ".$end_date."";
echo "Material: ".$material_num." - ".$material_name;
if($material_desc != null){
echo " Beschreibung: ".$material_desc."";
} else{
echo "";
}
}
/**
 * Emits the content of the grid element "confirmation details" for a failed
 * (unsuccessful) response.
 *
 * The value is written to the output exactly as received: nothing in this
 * function HTML-escapes it. Any part of the message that originates from the
 * request or from a database row therefore has to be escaped by the caller
 * before it is handed in.
 *
 * @param mixed $text message to print in the section
 */
function buildFailedConfirmationDetailsSection($text)
{
    $markup = "" . $text . "";
    echo $markup;
}
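/* main PHP */
// Request handler: validates the posted rental request, checks that the
// article exists and is free in the requested period, then stores the rental.
// Outcome is reported through $rentalSuccess and $failure_text.

// initialize variables
$failure_text = "Unbekannter Fehler";
$material_name = "";
$material_desc = "";
$order_nr = 0;

// The OrderNr cookie is client-controlled. It is only accepted when it has the
// shape this script generates further down (<customer number>.<YmdHis>);
// anything else is treated as "no order yet", so free-form text from the cookie
// never reaches the INSERT below or the page output.
// NOTE(review): a well-formed value can still be chosen by the client. Tying the
// order number to an authenticated server-side session is outside this block.
if (
    isset($_COOKIE['OrderNr'])
    && is_string($_COOKIE['OrderNr'])
    && preg_match('/^-?\d+\.\d{14}\z/', $_COOKIE['OrderNr']) === 1
) {
    $order_nr = $_COOKIE['OrderNr'];
}

$rentalSuccess = false;

// start validation of parameters
if (validateParameters()) {
    // open SQL connection
    // NOTE(review): this connects as "root" with an empty password, hard-coded
    // in the source. Credentials should come from configuration and the account
    // should only hold the privileges this page needs (SELECT on articles,
    // SELECT/INSERT on rental_entries).
    $conn = mysqli_connect("localhost", "root", "", "rental_system");
    if (!$conn) {
        $failure_text = "Datenbankverbindung fehlgeschlagen.";
    } else {
        do { // do once loop to be able to make breaks everywhere
            // presumably validateParameters() has confirmed these fields are present — verify
            $rental_art_nr = trim($_POST['rental_article_nr']);
            $start_date = trim($_POST['start_date']);
            $end_date = trim($_POST['end_date']);
            // intval() already ignores surrounding whitespace; keep the value as an
            // integer because it is bound with type 'i' below
            $customer_nr = intval($_POST['customer_nr']);

            // check if rental article number exists in article database
            $query = "SELECT * FROM articles WHERE article_number = ?";
            $stmt = mysqli_prepare($conn, $query);
            $res = false;
            // a failed prepare/bind/execute must not fall through to the next call
            if (
                $stmt
                && mysqli_stmt_bind_param($stmt, 's', $rental_art_nr)
                && mysqli_stmt_execute($stmt)
            ) {
                $res = mysqli_stmt_get_result($stmt);
            }
            if (!$res) {
                $failure_text = "Abfrage der Materialnummer fehlgeschlagen.";
                break;
            }
            $row = mysqli_fetch_assoc($res); // expecting only one row since article_number is unique in SQL
            if ($row == null) { // no row means there is no material with this number in the database
                $failure_text = "Materialnummer existiert nicht in Datenbank.";
                break;
            }
            $material_name = $row['article_name'];
            // NOTE(review): html_description looks like stored markup; if it is printed
            // unescaped, the column must only ever hold trusted, staff-authored HTML — confirm
            $material_desc = $row['html_description'];

            // check if the material is not yet rented out in the selected time range:
            // an existing entry overlaps when it starts on or before the requested end
            // and ends on or after the requested start
            $query = "SELECT * FROM rental_entries WHERE article_number = ? AND start_day <= ? AND end_day >= ?";
            $stmt = mysqli_prepare($conn, $query);
            $res = false;
            if (
                $stmt
                && mysqli_stmt_bind_param($stmt, 'sss', $rental_art_nr, $end_date, $start_date)
                && mysqli_stmt_execute($stmt)
            ) {
                $res = mysqli_stmt_get_result($stmt);
            }
            if (!$res) {
                $failure_text = "Abfrage der vermieteten Artikel fehlgeschlagen.";
                break;
            }
            $row = mysqli_fetch_assoc($res);
            if ($row != null) { // a row means the material is already rented out in this time range
                $failure_text = "Material ist bereits vermietet von ".$row['start_day']." bis ".$row['end_day'].".";
                break;
            }
            // NOTE(review): the availability check above and the INSERT below are separate
            // statements with no transaction or lock visible here, so two concurrent
            // requests for the same article and period can both pass the check.

            // if no order number exists yet => create one
            if ($order_nr === 0) {
                // Create order number from customer number and current time (full date + time up to seconds)
                $order_nr = $customer_nr.".".date("YmdHis");
                // NOTE(review): the cookie is set without HttpOnly/Secure/SameSite attributes,
                // and the value is guessable from customer number and time; it should not be
                // relied on as proof of who owns the order.
                setcookie("OrderNr", $order_nr, time() + 3600); // valid for 1hr.
            }

            // enter the rental
            $query = "INSERT INTO rental_entries (rental_id, article_number, start_day, end_day, order_number, customer_number) VALUES (NULL, ?, ?, ?, ?, ?);";
            $stmt = mysqli_prepare($conn, $query);
            $res = $stmt
                && mysqli_stmt_bind_param($stmt, 'ssssi', $rental_art_nr, $start_date, $end_date, $order_nr, $customer_nr)
                && mysqli_stmt_execute($stmt);
            if ($res) {
                $rentalSuccess = true;
            } else {
                // Keep the SQL text and driver error in the server log only; showing the
                // statement to the visitor would disclose table and column names.
                error_log("rental insert failed: ".mysqli_error($conn));
                $failure_text = "Eintragen der Mietanfrage fehlgeschlagen.";
                break;
            }
        } while (0);
        mysqli_close($conn); // close database connection if it was connected
    }
}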
/* final check for success, generate according defauls section */
if($rentalSuccess){
echo "";
echo "