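<?php
/*
Allows the user to both create new records and edit existing records
*/

// Report every error class, but write the details to the server log instead of
// the HTTP response. PHP warnings printed into the page disclose file paths and
// query fragments to whoever is browsing, and any output sent before header()
// also breaks the Location redirects this script relies on.
// Switch display_errors back on only on a local development machine.
error_reporting(-1);
ini_set('display_startup_errors', '0');
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// connect to the database
// require_once rather than include: the rest of the script calls methods on
// $mysqli (presumably created by connect-db.php - confirm), so a missing or
// broken connection file must stop the request instead of letting it run on
// with an undefined variable.
require_once "connect-db.php";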
- // creates the new/edit record form
- // since this form is used multiple times in this file, I have made it a function that is easily reusable
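/**
 * Output the complete "New Affiliate" / "Edit Affiliate" HTML page.
 *
 * The login check runs first, before any output: session_start() and
 * header() cannot take effect once the response body has begun. A visitor
 * without a session user is redirected to ../index.php and the request ends
 * there, so the form is never rendered for them.
 *
 * Every dynamic value is HTML-escaped at the point of output. Callers in this
 * file pass values that were already run through htmlentities(), so escaping
 * uses double_encode = false to leave existing entities intact while still
 * neutralising anything that arrives unencoded.
 *
 * @param string|null     $name          Customer name shown in the form.
 * @param string|null     $username      Customer email shown in the form.
 * @param string|null     $amount_earned Amount earned shown in the form.
 * @param string|null     $error         Plain-text error message; empty or null for none.
 * @param int|string|null $id            Affiliate id; empty when creating a new record.
 * @return void
 */
function renderForm($name = '', $username = '', $amount_earned = '', $error = '', $id = '')
{
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }
    if (!isset($_SESSION['user']) || $_SESSION['user'] == '') {
        header("Location:../index.php");
        // Stop here: without exit the page below would still be sent to the
        // unauthenticated client along with the redirect.
        exit;
    }

    // Escape for both HTML text and quoted attribute context.
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    $heading = ($id != '') ? "Edit Affiliate" : "New Affiliate";

    // NOTE(review): the jQuery / jQuery UI files below come from third-party
    // CDNs without integrity attributes; add Subresource Integrity hashes or
    // self-host them, and check the pinned versions against current upstream
    // security advisories. The stylesheet URL was switched from http:// to
    // https:// so it is not blocked or tampered with as mixed content.
    ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>
<?php echo $heading; ?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/blitzer/jquery-ui.css"/>
<script src="//code.jquery.com/jquery-1.10.2.js"></script>
<script src="//code.jquery.com/ui/1.11.2/jquery-ui.js"></script>
<link rel="stylesheet" type="text/css" media="screen" href="css/styles.css" />
<script src="js/jquery.ui.timepicker.js"></script>
<link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ui.timepicker.css" />
<!--<script src="//cdn.ckeditor.com/4.5.5/full/ckeditor.js"></script>-->
</head>
<body>
<div id="logo">
<img src="images/logo/it-done-right.jpg" alt="" title="">
</div>
<?php
    // Full "<?php" tag: with short_open_tag disabled a bare "<?" block is sent
    // to the browser as text, exposing the source and skipping the code.
    // config.php is expected to provide $dbh (looks like a PDO handle - confirm).
    include("../config.php");
    $sql = $dbh->prepare("SELECT * FROM users WHERE id=?");
    $sql->execute(array($_SESSION['user']));
    while ($r = $sql->fetch()) {
        echo "<div class='home-content'>";
        // The stored username is data, not markup: escape it before output.
        echo "<center><h2>Hello, " . $esc($r['username']) . "</h2>";
        echo "<a href='../logout.php'>Log Out</a>
<br><br>
<a href='../index.php'>Home</a></center>";
        echo "</div>";
        echo "<br>";
    }
?>
<?php include("nav-menu.php"); ?>
<h1><?php echo $heading; ?></h1>
<?php if ($error != '') {
    echo "<div style='padding:4px; border:1px solid red; color:red'>" . $esc($error)
        . "</div>";
} ?>
<?php
    // NOTE(review): this POST form carries no anti-CSRF token. A per-session
    // token in a hidden field, verified by the code that handles the POST,
    // would stop other sites from submitting it on a logged-in user's behalf.
?>
<form action="" method="post" class="basic-grey">
<div>
<?php if ($id != '') { ?>
<input type="hidden" name="id" value="<?php echo $esc($id); ?>" />
<p>Affiliate ID: <?php echo $esc($id); ?></p>
<?php } ?>
<br>
<strong>Customer Name:</strong> <input type="text" name="name"
value="<?php echo $esc($name); ?>"/>
<br/>
<strong>Customer Email:</strong> <input type="text" name="username"
value="<?php echo $esc($username); ?>"/>
<br>
<strong>Amount Earned:</strong> <input type="text" name="amount_earned"
value="<?php echo $esc($amount_earned); ?>"/>
<br>
<input type="submit" name="submit" value="Add/Update Affiliate" />
</div>
</form>
</body>
</html>
<?php
}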
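/*
ACCESS CHECK
*/
// Every branch below reads or changes affiliate records, so the login check
// has to run here, before any request data is processed. A check made only
// while drawing the form does not cover the UPDATE and INSERT paths.
if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
if (!isset($_SESSION['user']) || $_SESSION['user'] == '') {
    $mysqli->close();
    header("Location:../index.php");
    exit;
}
// NOTE(review): only "is somebody logged in" is verified. Whether this user is
// allowed to edit affiliates, and whether the POST came from this site's own
// form (anti-CSRF token), cannot be decided from this file - confirm both.

// Read one POST field as a string. Missing or array-valued fields become ''
// so they fail the required-field check instead of raising an error.
// Values are entity-encoded before storage exactly as before, because other
// pages may print the stored columns verbatim (assumption - confirm). The
// cleaner long-term design is to store raw text and escape on output.
$readField = static function ($key) {
    $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    return htmlentities($raw, ENT_QUOTES);
};

// Accept only whole numbers >= 1 as a record id; returns false otherwise.
// is_numeric() would also let through values such as "1e3" or "2.5".
$readId = static function ($value) {
    return filter_var($value, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
};

// Redirect to the list page and stop, so nothing further is executed or
// written to the response after the Location header.
$backToList = function () use ($mysqli) {
    $mysqli->close();
    header("Location: view-affiliates.php");
    exit;
};

/*
EDIT RECORD
*/
// if the 'id' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['id']))
{
    // if the form's submit button is clicked, we need to process the form
    if (isset($_POST['submit']))
    {
        // the id of the record to change comes from the form's hidden field
        $id = $readId(isset($_POST['id']) ? $_POST['id'] : null);
        if ($id !== false)
        {
            $name = $readField('name');
            $username = $readField('username');
            $amount_earned = $readField('amount_earned');
            // all three fields are required
            if ($name == '' || $username == '' || $amount_earned == '')
            {
                $error = 'ERROR: Please fill in all required fields!';
                renderForm($name, $username, $amount_earned, $error, $id);
            }
            else
            {
                // The original statement had a comma before WHERE, which is a
                // syntax error, so the update could never be prepared.
                $stmt = $mysqli->prepare("UPDATE affiliates SET name = ?, username = ?, amount_earned = ? WHERE id=?");
                if ($stmt)
                {
                    $stmt->bind_param("sssi", $name, $username, $amount_earned, $id);
                    $saved = $stmt->execute();
                    if (!$saved)
                    {
                        // details go to the log, not to the browser
                        error_log("affiliate update failed: " . $stmt->error);
                    }
                    $stmt->close();
                    if ($saved)
                    {
                        // redirect the user once the record is updated
                        $backToList();
                    }
                    renderForm($name, $username, $amount_earned, 'ERROR: could not save the record.', $id);
                }
                else
                {
                    // No redirect on failure: the user must see that nothing was saved.
                    error_log("affiliate update prepare failed: " . $mysqli->error);
                    renderForm($name, $username, $amount_earned, 'ERROR: could not prepare SQL statement.', $id);
                }
            }
        }
        // if the 'id' variable is not valid, show an error message
        else
        {
            echo "Error!";
        }
    }
    // if the form hasn't been submitted yet, get the info from the database and show the form
    else
    {
        $id = $readId($_GET['id']);
        // if the 'id' value is not valid, redirect the user back to the list page
        if ($id === false)
        {
            $backToList();
        }
        // get the record from the database
        $stmt = $mysqli->prepare("SELECT id, name, username, amount_earned FROM affiliates WHERE id=?");
        if ($stmt)
        {
            $stmt->bind_param("i", $id);
            $stmt->execute();
            $stmt->bind_result($id, $name, $username, $amount_earned);
            // fetch() returns true only when a row was read; an unknown id must
            // not fall through to an empty form that looks like "new record"
            $found = ($stmt->fetch() === true);
            if ($found)
            {
                // show the form
                renderForm($name, $username, $amount_earned, NULL, $id);
            }
            $stmt->close();
            if (!$found)
            {
                $backToList();
            }
        }
        // show an error if the query has an error
        else
        {
            error_log("affiliate lookup prepare failed: " . $mysqli->error);
            echo "Error: could not prepare SQL statement";
        }
    }
}
/*
NEW RECORD
*/
// if the 'id' variable is not set in the URL, we must be creating a new record
else
{
    // if the form's submit button is clicked, we need to process the form
    if (isset($_POST['submit']))
    {
        // get the form data
        $name = $readField('name');
        $username = $readField('username');
        $amount_earned = $readField('amount_earned');
        // all three fields are required
        if ($name == '' || $username == '' || $amount_earned == '')
        {
            $error = 'ERROR: Please fill in all required fields!';
            renderForm($name, $username, $amount_earned, $error);
        }
        else
        {
            // insert the new record into the database
            $stmt = $mysqli->prepare("INSERT affiliates (name, username, amount_earned) VALUES (?, ?, ?)");
            if ($stmt)
            {
                $stmt->bind_param("sss", $name, $username, $amount_earned);
                $saved = $stmt->execute();
                if (!$saved)
                {
                    error_log("affiliate insert failed: " . $stmt->error);
                }
                $stmt->close();
                if ($saved)
                {
                    // redirect the user
                    $backToList();
                }
                renderForm($name, $username, $amount_earned, 'ERROR: could not save the record.');
            }
            else
            {
                error_log("affiliate insert prepare failed: " . $mysqli->error);
                renderForm($name, $username, $amount_earned, 'ERROR: Could not prepare SQL statement.');
            }
        }
    }
    // if the form hasn't been submitted yet, show the form
    else
    {
        renderForm();
    }
}
// close the mysqli connection
$mysqli->close();
?>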