show crate delete

c59c8dae · 65160132 · 44f90e85 · c59c8dae · c59c8dae · c59c8dae
Commit c59c8dae authored 2 months ago by 65160132
--- a/controllers/indexController.js
+++ b/controllers/indexController.js
-module.exports = (req, res) => {
+const pool = require('../db');
-    res.render('index', { message: req.flash('message') });
+exports.getProducts = async (req, res) => {
+    try {
+      const [rows] = await pool.query('SELECT * FROM products');
+      res.render('index', { products: rows });
+    } catch (err) {
+      res.status(500).send('Database error: ' + err.message);
    }
+  };
+  exports.getProductDetail = async (req, res) => {
+    const productId = req.params.id;
+    try {
+      const [rows] = await pool.query(`
+        SELECT p.*, u.email AS owner
+        FROM products p
+        LEFT JOIN users u ON p.owner = u.email
+        WHERE p.product_id = ?`, [productId]);
+      if (rows.length === 0) {
+        return res.status(404).send('ไม่พบสินค้านี้');
+      }
+      res.render('product', { product: rows[0], currentUserEmail: req.session.userIdEmail || '' });
+    } catch (err) {
+      res.status(500).send('Database error: ' + err.message);
+    }
+  };
\ No newline at end of file
--- a/controllers/loginController.js
+++ b/controllers/loginController.js
@@ -19,6 +19,7 @@ module.exports = {
            const match = await bcrypt.compare(rpassword, user.password);
            if (match) {
                req.session.userId = user.id
+                req.session.userIdEmail = user.email;
                res.redirect('/');
            } else {
                req.flash('message', 'Password incorrect');

--- a/controllers/productController.js
+++ b/controllers/productController.js
+const pool = require('../db');
+exports.showAddProductForm = (req, res) => {
+   res.render('addProduct');
+};
+exports.createProduct = async (req, res) => {
+    const { product_name, price, image, description } = req.body;
+    const owner = req.session.userIdEmail; // เราต้องเก็บ email ตอน login ด้วยนะครับ
+    try {
+       const sql = 'INSERT INTO products (product_name, price, image, description, owner) VALUES (?, ?, ?, ?, ?)';
+       await pool.query(sql, [product_name, price, image, description, owner]);
+       res.redirect('/');
+    } catch (err) {
+       res.status(500).send('เกิดข้อผิดพลาดในการเพิ่มสินค้า: ' + err.message);
+    }
+ };
+ exports.deleteProduct = async (req, res) => {
+    const productId = req.params.id;
+    const currentUserEmail = req.session.userIdEmail;
+    try {
+      // ตรวจสอบว่าผู้ใช้นี้เป็นเจ้าของหรือไม่
+      const [rows] = await pool.query('SELECT * FROM products WHERE product_id = ?', [productId]);
+      if (rows.length === 0) {
+        return res.status(404).send('ไม่พบสินค้านี้');
+      }
+      const product = rows[0];
+      if (product.owner !== currentUserEmail) {
+        return res.status(403).send('คุณไม่มีสิทธิ์ลบสินค้านี้');
+      }
+      // ลบสินค้าได้
+      await pool.query('DELETE FROM products WHERE product_id = ?', [productId]);
+      res.redirect('/');
+    } catch (err) {
+      res.status(500).send('Database error: ' + err.message);
+    }
+  };
\ No newline at end of file
--- a/index.js
+++ b/index.js
@@ -25,14 +25,19 @@ const indexController = require('./controllers/indexController');
 const loginController = require('./controllers/loginController');
 const registerController = require('./controllers/registerController');
 const logoutController = require('./controllers/logoutController');
+const productController = require('./controllers/productController');
-app.get('/', indexController);
+app.get('/', indexController.getProducts);
 app.get('/login', loginController.showLoginPage);
 app.post('/user/login', loginController.loginUser);
 app.get('/register', registerController.showRegisterPage);
 app.post('/user/register', registerController.registerUser);
 app.post('/user/register', registerController.registerUser);
 app.get('/logout', logoutController);
+app.get('/product/:id', indexController.getProductDetail);
+app.get('/addProduct', productController.showAddProductForm);
+app.post('/addProduct', productController.createProduct);
+app.post('/delete_product/:id', productController.deleteProduct);
 const port = process.env.PORT || 3000;
 app.listen(port, () => {

--- a/public/css/index.css
+++ b/public/css/index.css
+img {
+    width: 150px;
+    height: auto;
+    border-radius: 8px;
+    margin-bottom: 10px;
+  }
\ No newline at end of file
--- a/views/addProduct.ejs
+++ b/views/addProduct.ejs
+<!DOCTYPE html>
+<html lang="en">
+<head>
+   <meta charset="UTF-8">
+   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+   <title>เพิ่มสินค้าใหม่</title>
+</head>
+<body>
+   <h1>เพิ่มสินค้าใหม่</h1>
+   <form action="/addProduct" method="POST">
+      <div>
+         <label>ชื่อสินค้า:</label>
+         <input type="text" name="product_name" required>
+      </div>
+      <div>
+         <label>ราคาสินค้า:</label>
+         <input type="number" name="price" required>
+      </div>
+      <div>
+         <label>URL รูปภาพ:</label>
+         <input type="text" name="image" required>
+      </div>
+      <div>
+         <label>รายละเอียดสินค้า:</label>
+         <textarea name="description"></textarea>
+      </div>
+      <button type="submit">เพิ่มสินค้า</button>
+   </form>
+   <a href="/">กลับหน้าหลัก</a>
+</body>
+</html>
--- a/views/index.ejs
+++ b/views/index.ejs
--- a/views/product.ejs
+++ b/views/product.ejs
+<!DOCTYPE html>
+<html lang="en">
+<head>
+   <meta charset="UTF-8">
+   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+   <title>รายละเอียดสินค้า</title>
+   <style>
+      img {
+         width: 300px;
+         border-radius: 10px;
+         margin-bottom: 20px;
+      }
+   </style>
+</head>
+<body>
+    <h1><%= product.product_name %></h1>
+<img src="<%= product.image %>" alt="<%= product.product_name %>" width="300px">
+<p>ราคา: <strong><%= product.price %> บาท</strong></p>
+<p>รายละเอียด: <%= product.description || "ไม่มีรายละเอียด" %></p>
+<p>สร้างโดย: <%= product.owner %></p>
+<% if (currentUserEmail === product.owner) { %>
+   <form action="/delete_product/<%= product.product_id %>" method="POST" onsubmit="return confirm('ยืนยันการลบสินค้านี้?');">
+      <button type="submit" style="color: red;">ลบสินค้า</button>
+   </form>
+<% } %>
+<a href="/">กลับหน้าหลัก</a>
+</body>
+</html>