Untitled

<?php

// server info
$server = 'localhost';
$user = 'root';
$pass = '';
$db = 'mysql';

// connect to the database
$mysqli = new mysqli($server, $user, $pass, $db);

// show errors (remove this line if on a live site)
mysqli_report(MYSQLI_REPORT_ERROR);

function renderForm($customer_name = '', $MGMT_IP = '', $Vendor = '', $Version = '', $GUI_User = '', $GUI_Pass = '', $Notes = '', $error = '', $customer_number = '')
{ ?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<html dir="rtl" lang="ar">
<head>
<title>
<?php if ($customer_number != '') { echo "edit customer record"; } else { echo "New Record"; } ?>
</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
</head>
<body>
<h1><?php if ($customer_number != '') { echo "type in the all required fields"; } else { echo "New Record"; } ?></h1>
<?php if ($error != '') {
echo "<div style='padding:4px; border:1px solid red; color:red'>" . $error
. "</div>";
} ?>

<form action="" method="post">
<div>
<?php if ($customer_number != '') { ?>
<input type="hidden" name="customer_number" value="<?php echo $customer_number; ?>" />
<p>customer_number: <?php echo $customer_number; ?></p>
<?php } ?>

<strong>customer name: *</strong> <input type="text" name="customer_name"
value="<?php echo $customer_name; ?>"/><br/><br/>
<label for="Vendor">vendor</label>
<select name="Vendor">
<option value="Juniper">Juniper</option>
<option value="Fortinet">Fortinet</option>
<option value="Websense">Websense</option>
<option value="F5">F5</option>
<option value="Cisco">Cisco</option>
<option value="Backbox">Backbox</option>
<option value="Radware">Radware</option>
<option value="Orion">Orion</option>
<option value="VM">VM</option>
<option value="EMC">EMC</option>
<option value="Backup">Backup</option>
<option value="HP">HP</option>
<option value="Storage">Storage</option>
<option value="PinApp">PineApp</option>
<option value="RDP">RDP</option>
</select><br/><br/>

<strong>MGMT IP: *</strong> <input type="text" name="MGMT_IP"
value="<?php echo $MGMT_IP; ?>"/><br/><br/>
<strong>version: *</strong> <input type="text" name="Version"
value="<?php echo $Version; ?>"/><br/><br/>
<strong>GUI User: *</strong> <input type="text" name="GUI_User"
value="<?php echo $GUI_User; ?>"/><br/><br/>
<strong>GUI Pass: *</strong> <input type="text" name="GUI_Pass"
value="<?php echo $GUI_Pass; ?>"/><br/><br/>
<strong>notes: </strong> <input type="text" name="Notes"
value="<?php echo $Notes; ?>"/>
<p>* FILLUP REUIRED FIELDS</p>
<input type="submit" name="submit" value="Submit" />
</div>
</form>
</body>
</html>

<?php }

/*

EDIT RECORD

*/


{
// if the 'customer_number' variable is set in the URL, we know that we need to edit a record
if (isset($_GET['customer_number']))
{
// if the form's submit button is clicked, we need to process the form
if (isset($_POST['submit']))
{
// make sure the 'customer_number' in the URL is valid
if (is_numeric($_POST['customer_number']))
{
// get variables from the URL/form
$customer_number = $_POST['customer_number'];
$customer_name = htmlentities($_POST['customer_name'], ENT_QUOTES);
$Vendor = htmlentities($_POST['Vendor'], ENT_QUOTES);
$MGMT_IP = htmlentities($_POST['MGMT_IP'], ENT_QUOTES);
$Version = htmlentities($_POST['Version'], ENT_QUOTES);
$GUI_User = htmlentities($_POST['GUI_User'], ENT_QUOTES);
$GUI_Pass = htmlentities($_POST['GUI_Pass'], ENT_QUOTES);
$Notes = htmlentities($_POST['Notes'], ENT_QUOTES);


// check that customer_name and Vendor are both not empty
if ($customer_name == '' || $Vendor == '' || $MGMT_IP == '' || $Version == '' || $GUI_User == '' || $GUI_Pass == '')
{
// if they are empty, show an error message and display the form
$error = 'error: fill up required fields!';
renderForm($customer_name, $Vendor, $MGMT_IP, $Version, $GUI_User, $GUI_Pass, $Notes, $error, $customer_number);
}
else
{
// if everything is fine, update the record in the database
if ($stmt = $mysqli->prepare("UPDATE cloud_team SET customer_name = ?, Vendor = ?, MGMT_IP = ?, Version = ?, GUI_User = ?, GUI_Pass = ?, Notes = ?
WHERE customer_number=?"))
{
$stmt->bind_param("sssssssi", $customer_name, $Vendor, $MGMT_IP, $Version, $GUI_User, $GUI_Pass, $Notes, $customer_number);
$stmt->execute();
$stmt->close();
}
// show an error message if the query has an error
else
{
echo "ERROR: could not prepare SQL statement.";
}

// redirect the user once the form is updated
header("Location: view.php");
}
}
// if the 'customer_number' variable is not valid_number, show an error message
else
{
echo "Error!";
}
}
// if the form hasn't been submitted yet, get the info from the database and show the form
else
{
// make sure the 'customer_number' value is valcustomer_number
if (is_numeric($_GET['customer_number']) && $_GET['customer_number'] > 0)
{
// get 'customer_number' from URL
$customer_number = $_GET['customer_number'];

// get the recod from the database
if($stmt = $mysqli->prepare("SELECT * FROM cloud_team WHERE customer_number=?"))
{
$stmt->bind_param("i", $customer_number);
$stmt->execute();

$stmt->bind_result($customer_number, $customer_name, $Vendor, $MGMT_IP, $Version, $GUI_User, $GUI_Pass, $Notes);
$stmt->fetch();

// show the form
renderForm($customer_name, $Vendor, $MGMT_IP, $Version, $GUI_User, $GUI_Pass, $Notes, NULL, $customer_number);

$stmt->close();
}
// show an error if the query has an error
else
{
echo "Error: could not prepare SQL statement";
}
}
// if the 'customer_number' value is not valid, redirect the user back to the joomla_31/index.php/juniper page
else
{
header("Location: view.php");
}
}
}
// if the form hasn't been submitted yet, show the form
else
{
renderForm();
}
}
// close the mysqli connection

$mysqli->close();
?>