Fix routing and validations

[edsaur]

Hello!

I have come to contribute to your project and expand my experience in using PHP along with jQuery AJAX. I have added along changes in this project that I will explain below:

Adding Routes and Subfolders for view files, processes, etc

The current version of the routing is very messy (Ex: localhost/customer/customerSide/home.php). To fix this, there's an addition to the .htaccess file in the root which configures the Apache server to look on index.php for requests.

Index.php and its routes.

If you check index.php now it contains the shorthand route to the pages along where folder does these pages are. The changes are when we are now adding new files to the project the routing is now coming from index.php.

Example:
localhost is at Home.php trying to access the Registration page

From
<a href="../registration/registration.php">Register</a>

To
Saying the path of registration is set in index.php
<a href ="/register>Register</a>"

New folders?!

To reduce confusions whether where is what, I have put it in a simple and organized folder system...

• View folder- contains all the UI (frontend) files
• Processes folder - contains all the backend processes
• JS folder - contains all JavaScript file
• CSS folder - contains all files of the styling files

Fixing the Sign Up and Login Validation

Right now, the current version of validating the login page is very long process. It takes up time and also it is very messy to see especially if there will be soon bug fixes or adding new features to the process of the login.

Instead... I have shorten the codes.

I have used my own database connection (database-connection.php, also used this in registration (included in this pull request too) You could check it out too). The database connection itself contains the function of querying.

To reduce time complexity and loading per process of validation, I have used jQuery and Ajax so that it will just eat a little time to validate and so that users can see right away the errors without having the page reloading. The processes of both Customer's registration and login decodes a json response which the js files process on.

Be Secure!

For an extra layer of security and reduce the chances of MySQL Injection, when we're checking, inserting, updating, deleting values I've come with an extra params per functions that will accept an array of the values that we are inserting, getting, deleting or updating.

Example:

From

$query = SELECT * from Membership WHERE account_id = $row_account_id;
$result_member = mysqli_query($link, $sql_member);

// ...The MySQL Fetch Assoc

To

$account_id = $user[0]['account_id'] // saying there is a prior query to get the user

$query = SELECT * from Membership WHERE account_id = ?;
$param = [$account_id];

$member = fetch_record($query, $param); // this will fetch the record to database-connection.php

New additions...

I might add new fixes to site.

Thank you!

[BryanTheLai]

Reservations, staff-login and most likely others not working, issue related to index.php routing.

[edsaur]

Hi, @BryanTheLai!

I've already done the migration of the staff page to the routing. I'll do fix the processes of each of the staffs.

Thanks <3