<?php
error_reporting(-1);
ini_set('display_errors', 'On');
?>
<?php
session_start();
if(empty($_SESSION['loggedin']))
{
header('Location: http://' . $_SERVER['HTTP_HOST'] . '/sites/sgr/admin/login.php');
exit;
}
echo 'You will only see this if you are logged in.';
?>
<?php
/*
NEW.PHP
Allows user to create a new entry in the database
*/
// creates the new record form
// since this form is used multiple times in this file, I have made it a function that is easily reusable
function renderForm($id, $ref, $role, $division, $location, $salary, $description, $addedby,
$active, $error)
{
?>
<?php
include ( 'includes/header.php' );
?>
<title>Admin Add Job Page</title>
</head>
<body>
<div id="container">
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<form action="" method="post">
<div>
<strong>Ref: *</strong> <input type="text" name="ref" value="<?php echo $ref; ?>" />
<br/><br>
<strong>Role: *</strong> <input type="text" name="role" value="<?php echo $role; ?>" />
<br/><br>
<strong>Division: *</strong> <input type="text" name="division" value="<?php echo $division; ?>" />
<br /><br>
<strong>Location: *</strong> <input type="text" name="location" value="<?php echo $location; ?>" />
<br /><br>
<strong>Salary: *</strong> <input type="text" name="salary" value="<?php echo $salary; ?>" />
<br /><br>
<strong>Description: *</strong> <textarea name="description" value="<?php echo $description; ?>" cols="30" rows="6" /></textarea>
<br /><br>
<strong>Added By: *</strong> <input type="text" name="addedby" value="<?php echo $addedby; ?>" />
<br>
<label style="color: #FFFFFF;"><input type="radio" name="active" value="1" <?php if($active == 1) echo 'checked="checked"'; ?> > Active</label>
<br>
<label style="color: #FFFFFF;"><input type="radio" name="active" value="0" <?php if($active == 0) echo 'checked="checked"'; ?> > Inactive</label>
<br>
<input type="submit" name="submit" value="Submit">
</div>
</form>
</div>
</body>
</html>
<?php
}
// connect to the database
//include('connect-db.php');
$con = mysqli_connect("","","","");
// check if the form has been submitted. If it has, start to process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
$ref = mysql_real_escape_string(htmlspecialchars($_POST['ref']));
$role = mysql_real_escape_string(htmlspecialchars($_POST['role']));
$division = mysql_real_escape_string(htmlspecialchars($_POST['division']));
$location = mysql_real_escape_string(htmlspecialchars($_POST['location']));
$salary = mysql_real_escape_string(htmlspecialchars($_POST['salary']));
$description = mysql_real_escape_string(htmlspecialchars($_POST['description']));
$addedby = mysql_real_escape_string(htmlspecialchars($_POST['addedby']));
$active = (int)$_POST['active'];
// check to make sure all fields are entered
if ($ref == '' || $role == '' || $division = '' || $location = '' || $salary = '' ||
$description = '' || $addedby = '' || $active = '' )
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
// if either field is blank, display the form again
renderForm($id, $ref, $role, $division, $location, $salary, $description, $addedby, $active, $error);
}
else
{
// save the data to the database
mysqli_query($con, "INSERT INTO jobs (ref,role,division,location,salary,description,addedby,active) VALUES('$ref','$role','$division','$location','$salary','$description','$addedby','$active')")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: view.php");
}
}
else
// if the form hasn't been submitted, display the form
{
renderForm('','','','','','','','','','');
}
?>