C:/Users/ivans/OneDrive/Документы/ZWA/sem/insertion.php File Reference

This script handles retrieving of detailed data of the particular insertion from the database and displaying it as a separate page with some insertion management interface provided for the authorized users. More...

Functions
	terminateInsertion ($errorParam)

Variables
if(isset($error) && $error==="db_access_failed")	$user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null
	$mode = (isset($_SESSION['admin']) && $_SESSION['admin'] == 1) ? "admin" : "user"
if(!isset($_GET['id'])) if( $mode=="user")	elseif ( $mode=="admin")
	foreach ( $images as $image)
if	( $mode==="admin" &&$insertion[ 'insertion_status']=="waiting") ( $mode==="admin"||$mode==="personal")
	provides user interface according to the current user authorization.

Detailed Description

This script handles retrieving of detailed data of the particular insertion from the database and displaying it as a separate page with some insertion management interface provided for the authorized users.

Displaying of all the retrieved data is secured by htmlspecialchars() function to prevent XSS attempts. Terminates and redirects to the main page in case of error occuring during communication with the database, absense of required user authorization (insertion can still have 'waiting' value of its insertion_status, and such insertions are available to their owners and admins only) or absense of record with the provided id in the 'insertions' table of the database. Id of the insertion to display is set as a parameter of the current GET request.

Function Documentation

terminateInsertion()

terminateInsertion

(

$errorParam

)

Redirects the user to the index page with an error parameter and exits the script.

Parameters

string

$errorParam

The error parameter to be appended to the URL.

Fetches the insertion details for the specified ID.

Validates that the insertion exists and belongs to the user or is published.

Fetches the images associated with the specified insertion, ordered by their order number.

Validates that the images for the insertion exist.

Updates the mode to "personal" if the user is the seller of the insertion.

Handles errors during the data retrieval process.

Validates the admin rights of the current user.

Fetches the insertion details for the specified ID.

Validates that the insertion exists.

Fetches the images associated with the specified insertion, ordered by their order number.

Validates that the images for the insertion exist.

Handles errors during the data retrieval process.

Variable Documentation

$mode

$mode = (isset($_SESSION['admin']) && $_SESSION['admin'] == 1) ? "admin" : "user"

Determines the mode based on the user's admin status. If the user is an admin, the mode is "admin", otherwise, it's "user".

$user_id

if (isset( $error) &&$error==="db_access_failed") $user_id = isset($_SESSION['user_id']) ? $_SESSION['user_id'] : null

Checks for a database access error and terminates the script if it occurs. Retrieves the current user's ID from the session or sets it to null if not available.

( $mode==="admin" &&$insertion[ 'insertion_status']=="waiting")

if ($mode==="admin" && $insertion['insertion_status']=="waiting")($mode==="admin"|| $mode==="personal")

(

$mode = == "admin" && $insertion['insertion_status'] == "waiting"

)

provides user interface according to the current user authorization.

elseif

if(!isset( $_GET[ 'id'])) if($mode=="user") elseif($mode=="admin")

(

$mode = = "admin"

)

Validates the presence of the 'id' parameter in the GET request.

foreach

foreach($images as $image)

(

$images as

)