Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- session_start();
- $userno = $_SESSION['userno'];
- $rate = $_POST['rate'];
- $comment = $_POST['comment'];
- $reviewno = $_POST['reviewno'];
- $host = "localhost";
- $user = "root";
- $pass = "";
- $DBConnect = @mysqli_connect($host, $user, $pass, 'hotel') or die('Incorrect values.');
- $numberquery = "SELECT * FROM member WHERE userNo = '$userno'";
- $res = mysqli_query($DBConnect, $numberquery);
- $rows = mysqli_num_rows($res);
- if(mysqli_fetch_assoc($res) != NULL){
- $numquery = "SELECT * FROM member WHERE userNo = '$userno'";
- $r = mysqli_query($DBConnect, $numquery);
- $row = mysqli_fetch_assoc($r);
- $memno = $row['memNo'];
- $query = "SELECT * FROM review WHERE reviewNo = '$reviewno'";
- $result = mysqli_query($DBConnect, $query);
- $numrows = mysqli_num_rows($result);
- if ($numrows > 0){
- echo '<p align="center"><font size="+2" color="red">Sorry, cannot add review. The Member ID already exists.</font></p>';
- echo '<p align="center"><font size="+2"><a href="accomodations.php">Please enter another one.</a></font></p>';
- echo '<br><br>';
- }
- if ($numrows == 0){
- $SQLqueryAdd = "INSERT INTO review VALUES('$reviewno','$memno','$rate','$comment')";
- mysqli_query($DBConnect, $SQLqueryAdd);
- echo '<p><font size="+2">Thank you for rating us!</font></p>';
- }
- }
- else{
- echo "Error: User ID not found. Only members can give a rating/review.";
- }
- mysqli_close($DBConnect);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
