<?phperror_reporting(-1);ini_set('display_errors', 'On');?><?php$serve

1. <?php
2. error_reporting(-1);
3. ini_set('display_errors', 'On');
4. ?>
5. <?php
6. $servername = "xxxx";
7. $username = "xxxx";
8. $password = "xxxxx";
9. $dbname = "xxxx";
10.  
11. try {
12. $dbh = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
13. // set the PDO error mode to exception
14. $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
15. }
16. catch(PDOException $e)
17. {
18. echo "Connection failed: " . $e->getMessage();
19. }
20. $sth = $dbh->prepare("use accessibilita");
21. ?>
22. <?php
23. switch ($_GET['action']) {
24. case 'add':
25. switch ($_GET['type']) {
26. case 'tages':
27. $error = array();
28. $nome = isset($_POST['nome']) ?
29. trim($_POST['nome']) : '';
30. if (empty($user)) {
31. $error[] = urlencode('Please enter a name.');
32. }
33. $cognome = isset($_POST['cognome']) ?
34. trim($_POST['cognome']) : '';
35. if (empty($user)) {
36. $error[] = urlencode('Please select a lastname.');
37. }
38. $indirizzo = isset($_POST['indirizzo']) ?
39. trim($_POST['indirizzo']) : '';
40. if (empty($user)) {
41. $error[] = urlencode('Please select a address.');
42. }
43. $civico = isset($_POST['civico']) ?
44. trim($_POST['civico']) : '';
45. if (empty($user)) {
46. $error[] = urlencode('Please select a number.');
47. }
48. $citta = isset($_POST['citta']) ?
49. trim($_POST['citta']) : '';
50. if (empty($user)) {
51. $error[] = urlencode('Please select a city.');
52. }
53. $prov = isset($_POST['prov']) ?
54. trim($_POST['prov']) : '';
55. if (empty($user)) {
56. $error[] = urlencode('Please select a county.');
57. }
58. if (empty($error)) {
59. $stmt = $dbh->prepare("INSERT INTO tagesroma(nome, cognome, indirizzo, civico, citta, prov)
60. VALUES (:nome, :cognome, :indirizzo, :civico, :citta, :prov)");
61. $stmt->bindParam(':nome', $nome);
62. $stmt->bindParam(':cognome', $cognome);
63. $stmt->bindParam(':indirizzo', $indirizzo);
64. $stmt->bindParam(':civico', $civico);
65. $stmt->bindParam(':citta', $citta);
66. $stmt->bindParam(':prov', $prov);
67. $stmt -> execute();
68. } else {
69. header('Location:tages.php?action=add' .
70. '&error=' . join($error, urlencode('<br/>')));
71. }
72. break;
73. }
74. break;
75. case 'edit':
76. switch ($_GET['type']) {
77. case 'tages':
78. $error = array();
79. $nome = isset($_POST['nome']) ?
80. trim($_POST['nome']) : '';
81. if (empty($nome)) {
82. $error[] = urlencode('Please enter a name.');
83. }
84. $cognome = isset($_POST['cognome']) ?
85. trim($_POST['cognome']) : '';
86. if (empty($cognome)) {
87. $error[] = urlencode('Please select a lastname.');
88. }
89. $indirizzo = isset($_POST['indirizzo']) ?
90. trim($_POST['indirizzo']) : '';
91. if (empty($indirizzo)) {
92. $error[] = urlencode('Please select a address.');
93. }
94. $civico = isset($_POST['civico']) ?
95. trim($_POST['civico']) : '';
96. if (empty($civico)) {
97. $error[] = urlencode('Please select a number.');
98. }
99. $citta = isset($_POST['citta']) ?
100. trim($_POST['citta']) : '';
101. if (empty($citta)) {
102. $error[] = urlencode('Please select a city.');
103. }
104. $prov = isset($_POST['prov']) ?
105. trim($_POST['prov']) : '';
106. if (empty($prov)) {
107. $error[] = urlencode('Please select a county.');
108. }
109. if (empty($error)) {
110. $stmt = $dbh->prepare("UPDATE tagesroma SET nome=?, cognome=?, indirizzo=?, civico=?, citta=?, prov=? WHERE id=?"); // changed to WHERE id=?
111. $stmt->execute(array($nome, $cognome, $indirizzo, $civico, $citta, $prov,$_GET["id"])); // added $_GET["id"] to the end
112. } else {
113. header('Location:tages.php?action=edit&id=' . $_GET['id'] .
114. '&error=' . join($error, urlencode('<br/>')));
115. }
116. break;
117. }
118. break;
119. }
120. ?>
121.  
122. <html>
123. <head>
124. <title>Commit</title>
125. <meta charset="UTF-8">
126. </head>
127. <body>
128. <p>Done!</p>
129. <a title="Torna Indietro" href="admin.php">Torna Indietro</a>
130. </body>
131. </html>