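<?php
session_start();

// Gate the whole page on an authenticated session.
if (!isset($_SESSION["username"])) {
    header("location:loginnew.php");
    // header() only queues the redirect; without exit the rest of this script,
    // including the insert/delete/update handlers below, would still execute
    // for a request that carries no session.
    exit;
}

// Welcome alert.
// The username is HTML-escaped before it is placed in markup: session values
// that originate from user input must not be echoed raw, or a crafted username
// becomes stored XSS on every page that shows this banner.
$safeUsername = htmlspecialchars((string) $_SESSION["username"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
// The original string ended in an opening <div> instead of </div>, which left
// the alert container unclosed; it is closed here.
$welcomeuser = '<div id="alert1" class="alert alert-success alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>Login Success, Welcome - ' . $safeUsername . '</h3></div>';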
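// function to insert data in the database
/**
 * Handle the "submit" form post by inserting one appointment row for the
 * logged-in user and echoing a success or failure alert.
 *
 * Reads fullname/day/time from $_POST and the owner id from $_SESSION['userid'].
 * Does nothing when the submit button was not posted or when no user id is in
 * the session.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * form or an earlier layer enforces one for this state-changing POST.
 *
 * @param object $db PDO-style connection exposing prepare().
 * @return void
 */
function insertappointment($db) {
    if (!isset($_POST['submit'])) {
        return;
    }
    // Never write a row without an authenticated owner: an unset userid would
    // otherwise be bound as NULL.
    if (!isset($_SESSION['userid'])) {
        return;
    }
    $userid = $_SESSION['userid'];

    // get the data from the front end; missing or non-string fields count as empty
    $fields = array();
    foreach (array('fullname', 'day', 'time') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    }

    // check the values
    if ($fields['fullname'] === '' || $fields['day'] === '' || $fields['time'] === '') {
        echo 'One or more fields are empty.';
        return;
    }

    // Values are bound as parameters, so no manual SQL escaping is needed.
    $sqlQuery = "INSERT INTO `appointments` (`userid`, `FullName`, `Day`, `Time`) VALUES (?,?,?,?)";

    // The outcome is the return value of execute(), not the statement object:
    // the statement is truthy even when the insert failed. With
    // PDO::ERRMODE_EXCEPTION a failure arrives as an exception instead, which
    // is reported through the same failure alert rather than an uncaught error.
    $inserted = false;
    try {
        $query = $db->prepare($sqlQuery);
        if ($query !== false) {
            $inserted = $query->execute(array($userid, $fields['fullname'], $fields['day'], $fields['time']));
        }
    } catch (PDOException $e) {
        $inserted = false;
    }

    if ($inserted) {
        echo '<div id="alert1" class="alert alert-success alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was inserted in the database</h3></div>';
    } else {
        // report the failure without exposing driver error details
        echo '<div id="alert1" class="alert alert-danger alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was not inserted in the database</h3></div>';
    }
}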
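/**
 * Handle the "delete" form post by removing the logged-in user's appointment
 * rows and echoing a success or failure alert.
 *
 * The original statement was "DELETE ... WHERE `userid`" with no comparison
 * and no placeholder, so the bound user id was never applied and the WHERE
 * clause was true for every row with a non-zero userid, i.e. other users'
 * appointments too. The statement is now scoped with `userid` = ?.
 *
 * NOTE(review): this removes every appointment owned by the user; no
 * per-appointment id is visible here. No anti-CSRF token is checked in this
 * function either; confirm both against the form.
 *
 * @param object $db PDO-style connection exposing prepare().
 * @return void
 */
function deleteappointment($db) {
    if (!isset($_POST['delete'])) {
        return;
    }
    // Never run the delete without an authenticated owner to scope it to.
    if (!isset($_SESSION['userid'])) {
        return;
    }
    $userid = $_SESSION['userid'];

    // One placeholder for the one bound value: the delete is limited to the caller's rows.
    $sqlQuery = "DELETE FROM `appointments` WHERE `userid` = ?";

    // Judge success by execute()'s return value (the statement object itself
    // is always truthy) and fold driver exceptions into the failure alert.
    $deleted = false;
    try {
        $query = $db->prepare($sqlQuery);
        if ($query !== false) {
            $deleted = $query->execute(array($userid));
        }
    } catch (PDOException $e) {
        $deleted = false;
    }

    if ($deleted) {
        echo '<div id="alert1" class="alert alert-success alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was deleted from the database</h3></div>';
    } else {
        // failure uses the danger style, matching insertappointment()
        echo '<div id="alert1" class="alert alert-danger alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was not deleted from the database</h3></div>';
    }
}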
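/**
 * Handle the "update" form post by rewriting the logged-in user's appointment
 * with the posted fullname/day/time and echoing a success or failure alert.
 *
 * The original statement assigned each column to a backtick-quoted identifier
 * (a column reference, not the posted value) and ended in a bare
 * "WHERE `userid`", so the three bound values were never used and the update
 * was not limited to the caller's rows. It now binds four parameters: the
 * three new values and the owner id.
 *
 * NOTE(review): this updates every appointment owned by the user; no
 * per-appointment id is visible here. No anti-CSRF token is checked in this
 * function either; confirm both against the form.
 *
 * @param object $db PDO-style connection exposing prepare().
 * @return void
 */
function updateappointment($db) {
    if (!isset($_POST['update'])) {
        return;
    }
    // Never run the update without an authenticated owner to scope it to.
    if (!isset($_SESSION['userid'])) {
        return;
    }
    $userid = $_SESSION['userid'];

    // get the data from the front end; missing or non-string fields count as empty
    $fields = array();
    foreach (array('fullname', 'day', 'time') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    }

    // same emptiness check as insertappointment(), so an update cannot blank a row
    if ($fields['fullname'] === '' || $fields['day'] === '' || $fields['time'] === '') {
        echo 'One or more fields are empty.';
        return;
    }

    $sqlQuery = "UPDATE `appointments` SET `FullName` = ?, `Day` = ?, `Time` = ? WHERE `userid` = ?";

    // Judge success by execute()'s return value (the statement object itself
    // is always truthy) and fold driver exceptions into the failure alert.
    $updated = false;
    try {
        $query = $db->prepare($sqlQuery);
        if ($query !== false) {
            $updated = $query->execute(array($fields['fullname'], $fields['day'], $fields['time'], $userid));
        }
    } catch (PDOException $e) {
        $updated = false;
    }

    if ($updated) {
        echo '<div id="alert1" class="alert alert-success alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was updated in the database</h3></div>';
    } else {
        // failure uses the danger style, matching insertappointment()
        echo '<div id="alert1" class="alert alert-danger alert-dismissible" role="alert">
<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">×</span></button><h3>The appointment was not updated in the database</h3></div>';
    }
}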
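/* Main body */
// connect to the DB
// The database account is read from the environment instead of being written
// into the source file. The two variable names below are placeholders chosen
// for this listing; map them to whatever the deployment's secret store
// provides. The password that used to be hard-coded here has been published
// with the file and should be treated as disclosed and rotated.
$dsn = 'mysql:host=localhost;dbname=oversurgery';
$user = getenv('APPT_DB_USER');         // placeholder variable name
$password = getenv('APPT_DB_PASSWORD'); // placeholder variable name
if ($user === false || $password === false) {
    // fail closed with the same generic message as a connection error
    die('Sorry, database problem');
}
try {
    $db = new PDO($dsn, $user, $password);
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
    // Do not echo $e->getMessage(): it can reveal host, user and schema details.
    die('Sorry, database problem');
}

// Run the form handlers only for an authenticated session, so a request that
// slipped past the login redirect cannot insert, delete or update rows.
if (isset($_SESSION['userid'])) {
    try {
        insertappointment($db);
        deleteappointment($db);
        updateappointment($db);
    } catch (PDOException $e) {
        // ERRMODE_EXCEPTION is on; keep driver errors out of the response.
        die('Sorry, database problem');
    }
}
?>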
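<?php
// Load the logged-in user's appointment for display.
// The connection opened in the main body above is reused; the original opened
// a second connection here with the credentials written out again and without
// PDO::ERRMODE_EXCEPTION, so query failures on it could pass silently.
if (!isset($db) || !($db instanceof PDO)) {
    die('Sorry, database problem');
}

// $row stays false when there is no session user or no matching appointment.
$row = false;
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;
if ($userid !== null) {
    try {
        // create a query
        $sql = "SELECT * FROM appointments WHERE userid=:userid";
        $stmt = $db->prepare($sql);
        $stmt->execute(array(':userid' => $userid));
        $row = $stmt->fetchObject();
    } catch (PDOException $e) {
        // keep driver error details out of the response
        die('Sorry, database problem');
    }
}
// fetchObject() returns false when no row matched, so any markup that reads
// $row->Day must check $row first and HTML-escape the value it prints. The
// original bare "$row->Day;" statement had no effect and dereferenced false
// for users without an appointment; it has been removed.
?>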