SHOW:
|
|
- or go back to the newest paste.
1 | <?php | |
2 | include('connection.php'); | |
3 | include('restrict-login.php'); | |
4 | ||
5 | if(isset($_POST['comments'])) { | |
6 | ||
7 | $query = $dbh->prepare('INSERT into comments (user, report, body) VALUES (?, ?, ?)'); | |
8 | $query->execute(array($_SESSION['id'], $_POST['report'], $_POST['body'])); | |
9 | ||
10 | } elseif(isset($_GET['id'])) { | |
11 | ||
12 | $query = $dbh->prepare('SELECT * FROM reports WHERE id = ?'); | |
13 | $qyuery->execute(array($_GET['id'])); | |
14 | $report = $query->fetchAll(); | |
15 | ||
16 | if(!$report) die('Report not found!'); | |
17 | ||
18 | $report = $report[0]; | |
19 | ||
20 | - | $commetns = $query->fetchAll(); |
20 | + | |
21 | $query->execute(array($_GET['id'])); | |
22 | $comments = $query->fetchAll(); | |
23 | ||
24 | ?><!DOCTYPE html> | |
25 | <html> | |
26 | <head> | |
27 | <title>reports</title> | |
28 | </head> | |
29 | <body> | |
30 | <div> | |
31 | <?php echo $report['user'], $report['doctor'], $report['timestamp'], $report['speciality'], $report['appointment'], $report['treatment']; ?> | |
32 | </div> | |
33 | <h2>Comments</h2> | |
34 | <?php foreach($comments as $row) { ?> | |
35 | <div> | |
36 | <?php echo $row['user'], $row['report'], $row['body'], $row['timestamp'] ?> | |
37 | </div> | |
38 | <?php } ?> | |
39 | <form action="" method="POST"> | |
40 | <textarea name="body"></textarea> | |
41 | <input type="hidden" name="report" value="<?php echo $report['id']; ?>"> | |
42 | <input type="submit"></input> | |
43 | </form> | |
44 | </body> | |
45 | </html> | |
46 | <?php } ?> |