Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- EDIT.PHP
- Allows user to edit specific entry in database
- */
- // creates the edit record form
- // since this form is used multiple times in this file, I have made it a function that is easily reusable
- function renderForm($id, $username, $foldername, $location, $caption, $name, $error)
- {
- ?>
- <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
- <html>
- <head>
- <meta charset="utf-8">
- <meta http-equiv="X-UA-Compatible" content="IE=edge" />
- <meta name="viewport" content="width=device-width, initial-scale=1">
- <title>Admin User Fodler Delete Record</title>
- </head>
- <body>
- <?php
- // if there are any errors, display them
- if ($error != '')
- {
- echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
- }
- ?>
- <form action="" method="post">
- <input type="hidden" name="userfolderid" value="<?php echo $id; ?>"/>
- <div>
- <p><strong>ID:</strong> <?php echo $id; ?></p>
- <strong>UserName: *</strong> <input type="text" name="username" value="<?php echo $username; ?>"/><br/>
- <strong>FolderName: *</strong> <input type="text" name="foldername" value="<?php echo $foldername; ?>"/><br/>
- <strong>Location: *</strong> <input type="text" name="location" value="<?php echo $location; ?>"/><br/>
- <strong>Caption: *</strong> <input type="text" name="caption" value="<?php echo $caption; ?>"/><br/>
- <strong>File Name: *</strong> <input type="text" name="name" value="<?php echo $name; ?>"/><br/>
- <p>* Required</p>
- <input type="submit" name="submit" value="Delete">
- </div>
- </form>
- </body>
- </html>
- <?php
- }
- // connect to the database
- include('includes/connection.php');
- // check if the form has been submitted. If it has, process the form and save it to the database
- if (isset($_POST['submit']))
- {
- // confirm that the 'id' value is a valid integer before getting the form data
- if (is_numeric($_POST['userfolderid']))
- {
- // get form data, making sure it is valid
- $id = $_POST['userfolderid'];
- $username = mysql_real_escape_string(htmlspecialchars($_POST['username']));
- $foldername = mysql_real_escape_string(htmlspecialchars($_POST['foldername']));
- $location = mysql_real_escape_string(htmlspecialchars($_POST['location']));
- $caption = mysql_real_escape_string(htmlspecialchars($_POST['caption']));
- $name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
- // check that firstname/lastname fields are both filled in
- if ($foldername == '' || $username == '')
- {
- // generate error message
- $error = 'ERROR: Please fill in all required fields!';
- //error, display form
- renderForm($id, $username, $foldername, $location, $caption, $name, $error);
- }
- else
- {
- // save the data to the database
- mysql_query("DELETE FROM userfolders WHERE userfolderid='$id'")
- or die(mysql_error());
- // once saved, redirect back to the view page
- header("Location: admin-user-folder-details.php");
- }
- }
- else
- {
- // if the 'id' isn't valid, display an error
- echo 'Error!';
- }
- }
- else
- // if the form hasn't been submitted, get the data from the db and display the form
- {
- // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
- if (isset($_GET['userfolderid']) && is_numeric($_GET['userfolderid']) && $_GET['userfolderid'] > 0)
- {
- // query db
- $id = $_GET['userfolderid'];
- $result = mysql_query("SELECT * FROM userfolders WHERE userfolderid=$id")
- or die(mysql_error());
- $row = mysql_fetch_array($result);
- // check that the 'id' matches up with a row in the databse
- if($row)
- {
- // get data from db
- $username = $row['username'];
- $foldername = $row['foldername'];
- $location = $row['location'];
- $caption = $row['caption'];
- $name = $row['name'];
- // show form
- renderForm($id, $username, $foldername, $location, $caption, $name, '');
- }
- else
- // if no match, display result
- {
- echo "No results!";
- }
- }
- else
- // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
- {
- echo 'Error!';
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement