Untitled

<?php
//Start or resume a session
session_start();
    //!!Debug (I dont use login.php, I use this to bypass login.php. so remove this sen)!!
    // $_SESSION['organisermail'] = "john@hotmail.com";
        if ( !isset( $_SESSION['organisermail'] ))
        {
            header('Location: organiser.php');
            exit;
        }
//connect to database
@ $db= new mysqli('localhost','root','','assignment1');
    if (mysqli_connect_error())
    {//display the details of any connection errors
    echo 'Error connecting to database:<br/>'.mysqli_connect_error();
    exit;
    }
    ?>
<!DOCTYPE html>
<html>
<head>
  <title>Message Volunteer</title>
    <table style="width: 200px; border: 0px;" cellspacing="1" cellpadding="1">
        <tr>
            <td>Message</td>
            <td>
                <input name="message" required type="text" style="width:200px;" maxlength="250"/>
            </td>
        </tr>
        <tr>
            <td>Volunteer</td>
            <td>
            <select name="username">
        <?php
            $pos_query ='SELECT * FROM volunteers ORDER BY first_name ASC';
            $pos_results = $db->query($pos_query);

            for ($i=0; $i < $pos_results->num_rows; $i++)
            {
                $pos_row = $pos_results->fetch_assoc();

                echo '<option value="'.$pos_row['email'].'">'.$pos_row['first_name']." ".($pos_row['surname']).'</option>';
            }
        ?>
        </select>
            </td>
        </tr>
        <tr>
        <td  colspan="2">
            <input type="submit" name="submit" value="Submit!" />
        </td>
        </tr>
    </table>
</head>
<?php
        if (isset($_POST['message']) )
    {
        //validate that user can't add already added time slot
        $query="SELECT organisers.first_name AS or_fn, organisers.surname AS or_sn, volunteers.first_name AS vl_fn,
		volunteers.surname AS vl_sn, message.* FROM message
		JOIN organisers ON organisers.username= message.org_username
		JOIN volunteers ON volunteers.email=message.email";
        echo $query."<br>";
        $results=$db->query($query);


        //if    ($results-> num_rows > 0)
        //{
        //  $error_message='Your data already exist, choose another.';

        //}
		$org_email = $_SESSION['organisermail'];
		$vol_username= $POST['username'];
		$message =$POST['message'];

         $query= "INSERT INTO message VALUES ('', '$org_email', '$vol_username', '$message,'')";
         //echo'insert query';
         $result= $db->query($query);

         if ($result)
         {
            echo'<p>User details inserted into database!</p>.';
         }else{
            echo mysqli_error($db);
         }
    }

    //echo'testing2';


    $query="SELECT organisers.first_name AS or_fn, organisers.surname AS or_sn, volunteers.first_name AS vl_fn,
    volunteers.surname AS vl_sn, message.* FROM message
    JOIN organisers ON organisers.username= message.org_username
    JOIN volunteers ON volunteers.email=message.email";
    //execute the query
    $results = $db-> query($query);

    //show how many rows the query returned
    //echo '<p>'.$results->num_rows.' users found.</p>';

    //start the table in which our user list will be shown
    echo '<table><tr>';
    echo'<th>Date</th><th>Organiser Name</th><th>Message</th><th>Volunteer Name</th><th>Response</th>';
    echo'</tr>';
    //loop through the results and display them
    while ($row=$results-> fetch_assoc())
    {
        echo '<td>'.$row['timestamp'].'</td>';
        echo '<td>'.$row['or_fn']." ".($row['or_sn']).'</td>';
        echo '<td>'.$row['message'].'</td>';

        echo '<td>'.$row['vl_fn']." ".($row['vl_sn']).'</td>';


        echo '<td>'.$row['response'].'</td>';

    echo'</table>';
    }
?>


  <!--<button onclick="goBack()">Go Back</button>-->
  <!--<a href="http://localhost:2431/csg2431/Assignment/login.php">Back</a>-->
</form>
</body>
</html>