Alkhammash

Untitled

Dec 19th, 2014
  1. <?php
  2. /*
  3.  EDIT.PHP
  4.  Allows user to edit specific entry in database
  5. */
  6.  
  7.  // creates the edit record form
  8.  // since this form is used multiple times in this file, I have made it a function that is easily reusable
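  /**
   * Output the complete "edit record" HTML page for one userfolders row.
   *
   * Used for the first display of a record and for redisplay after a
   * validation error. Every dynamic value is HTML-escaped here, at the point
   * of output, so the markup stays intact even when a caller passes a value
   * that was never encoded. Existing entities in the field values are left
   * alone (double_encode = false) because this script encodes values with
   * htmlspecialchars() before storing them; encoding them a second time would
   * corrupt the text shown in the form.
   *
   * @param int|string $id         userfolderid of the row; shown and sent back as a hidden field
   * @param string     $username   current value of the "username" field
   * @param string     $foldername current value of the "foldername" field
   * @param string     $location   current value of the "location" field
   * @param string     $caption    current value of the "caption" field
   * @param string     $name       current value of the "name" (file name) field
   * @param string     $error      message for the red box above the form, '' for none
   * @return void
   */
  function renderForm($id, $username, $foldername, $location, $caption, $name, $error)
  {
      // ENT_QUOTES covers both quote styles so a value cannot close the
      // value="..." attribute; ENT_SUBSTITUTE keeps invalid byte sequences from
      // blanking the whole string.
      $flags = ENT_QUOTES | ENT_SUBSTITUTE;

      $idHtml         = htmlspecialchars((string) $id, $flags, 'UTF-8');
      $errorHtml      = htmlspecialchars((string) $error, $flags, 'UTF-8');
      $usernameHtml   = htmlspecialchars((string) $username, $flags, 'UTF-8', false);
      $foldernameHtml = htmlspecialchars((string) $foldername, $flags, 'UTF-8', false);
      $locationHtml   = htmlspecialchars((string) $location, $flags, 'UTF-8', false);
      $captionHtml    = htmlspecialchars((string) $caption, $flags, 'UTF-8', false);
      $nameHtml       = htmlspecialchars((string) $name, $flags, 'UTF-8', false);
  ?>
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
  <html>
  <head>
   <meta charset="utf-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge" />
     <meta name="viewport" content="width=device-width, initial-scale=1">
  <title>Admin User Folder Edit Record</title>
  </head>
  <body>
  <?php
      // if there are any errors, display them
      if ($error != '')
      {
          echo '<div style="padding:4px; border:1px solid red; color:red;">' . $errorHtml . '</div>';
      }
  ?>

  <form action="" method="post">
  <input type="hidden" name="userfolderid" value="<?php echo $idHtml; ?>"/>
  <div>
  <p><strong>ID:</strong> <?php echo $idHtml; ?></p>
  <strong>Username: *</strong> <input type="text" name="username" value="<?php echo $usernameHtml; ?>"/><br/>
  <strong>FolderName: *</strong> <input type="text" name="foldername" value="<?php echo $foldernameHtml; ?>"/><br/>
  <strong>Location: *</strong> <input type="text" name="location" value="<?php echo $locationHtml; ?>"/><br/>
  <strong>Caption: *</strong> <input type="text" name="caption" value="<?php echo $captionHtml; ?>"/><br/>
  <strong>FIle Name: *</strong> <input type="text" name="name" value="<?php echo $nameHtml; ?>"/><br/>
  <p>* Required</p>

  <input type="submit" name="submit" value="Submit">
  <span><a href="admin-user-folder-details.php">Cancel</a></span>
  </div>
  </form>
  </body>
  </html>
  <?php
  }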
  48.  
  49.  
  50.  
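  // connect to the database
  include('includes/connection.php');

  // NOTE(review): nothing in this file checks that the requester is a logged-in
  // administrator, and the form carries no anti-CSRF token. Confirm whether
  // includes/connection.php (not visible here) enforces access control; if it
  // does not, add a session check before any query runs and a per-session token
  // that is verified on POST.
  //
  // NOTE(review): the mysql_* extension used below was removed in PHP 7. Moving
  // to mysqli or PDO prepared statements has to start in includes/connection.php,
  // so this block keeps the existing API and tightens validation and error
  // handling around it.

  // Accept only a plain positive integer as record id. is_numeric() also accepts
  // forms such as "1e5", "1.5" or "-3", which then end up inside the SQL text.
  $idFilter = array('options' => array('min_range' => 1));

  // check if the form has been submitted. If it has, process the form and save it to the database
  if (isset($_POST['submit']))
  {
      $id = isset($_POST['userfolderid'])
          ? filter_var($_POST['userfolderid'], FILTER_VALIDATE_INT, $idFilter)
          : false;

      if ($id !== false)
      {
          // Keep two copies of every field: $display for putting back into the
          // form, $sql for the query. The SQL-escaped copy must never be shown to
          // the user, otherwise backslashes appear in the redisplayed form.
          //
          // Values are stored HTML-encoded, exactly as before; other pages that
          // read userfolders presumably rely on that - TODO confirm before moving
          // to escape-on-output only.
          $display = array();
          $sql = array();
          foreach (array('username', 'foldername', 'location', 'caption', 'name') as $field)
          {
              // a missing field or an array-valued field is treated as empty
              $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
              $display[$field] = htmlspecialchars($raw);
              $sql[$field] = mysql_real_escape_string($display[$field]);
          }

          // check that the username and foldername fields are both filled in
          // NOTE(review): the form marks all five fields as required but only
          // these two are enforced - confirm which is intended.
          if ($display['foldername'] == '' || $display['username'] == '')
          {
              // generate error message
              $error = 'ERROR: Please fill in all required fields!';

              // error, display form
              renderForm(
                  $id,
                  $display['username'],
                  $display['foldername'],
                  $display['location'],
                  $display['caption'],
                  $display['name'],
                  $error
              );
          }
          else
          {
              // save the data to the database; %d guarantees the id is emitted as an integer
              $query = sprintf(
                  "UPDATE userfolders SET username='%s', foldername='%s', location='%s', caption='%s', name='%s' WHERE userfolderid=%d",
                  $sql['username'],
                  $sql['foldername'],
                  $sql['location'],
                  $sql['caption'],
                  $sql['name'],
                  $id
              );

              if (mysql_query($query) === false)
              {
                  // Log the driver message server-side instead of printing it:
                  // it can reveal table and column names to the requester.
                  error_log('edit.php: UPDATE userfolders failed: ' . mysql_error());
                  header('HTTP/1.1 500 Internal Server Error');
                  die('Error!');
              }

              // once saved, redirect back to the view page and stop executing
              header("Location: admin-user-folder-details.php");
              exit;
          }
      }
      else
      {
          // if the 'id' isn't valid, display an error
          echo 'Error!';
      }
  }
  else
  // if the form hasn't been submitted, get the data from the db and display the form
  {
      // get the 'id' value from the URL (if it exists), making sure that it is a positive integer
      $id = isset($_GET['userfolderid'])
          ? filter_var($_GET['userfolderid'], FILTER_VALIDATE_INT, $idFilter)
          : false;

      if ($id !== false)
      {
          // query db
          $result = mysql_query(sprintf("SELECT * FROM userfolders WHERE userfolderid=%d", $id));
          if ($result === false)
          {
              // same policy as for the UPDATE: details go to the log, not to the page
              error_log('edit.php: SELECT from userfolders failed: ' . mysql_error());
              header('HTTP/1.1 500 Internal Server Error');
              die('Error!');
          }
          $row = mysql_fetch_array($result);

          // check that the 'id' matches up with a row in the database
          if ($row)
          {
              // show form with the data from the db
              renderForm(
                  $id,
                  $row['username'],
                  $row['foldername'],
                  $row['location'],
                  $row['caption'],
                  $row['name'],
                  ''
              );
          }
          else
          // if no match, display result
          {
              echo "No results!";
          }
      }
      else
      // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
      {
          echo 'Error!';
      }
  }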
  132. ?>