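<?php
// Initialize the session
session_start();
include '../../inc/loggedin.php';
include '../../config.php';

// Authorization gate: only Operator or Admin may edit customers.
// The role is looked up by the e-mail stored in the session. The value is
// bound as a parameter instead of being interpolated into the SQL text, so a
// quote character in a stored e-mail address cannot change the query.
$username = isset($_SESSION['email']) ? (string) $_SESSION['email'] : '';
$row = null;
if ($rank_stmt = mysqli_prepare($link, "SELECT Funktion FROM tblmitarbeiter WHERE Email = ?")) {
    mysqli_stmt_bind_param($rank_stmt, "s", $username);
    if (mysqli_stmt_execute($rank_stmt)) {
        $row = mysqli_fetch_assoc(mysqli_stmt_get_result($rank_stmt));
    }
    mysqli_stmt_close($rank_stmt);
}

// Fail closed: a failed lookup or an unknown account is treated like the
// restricted "Wachmann" role, so a database error does not grant edit access.
// NOTE(review): this is still a deny-list. An allow-list of the permitted
// Funktion values would be stricter, but their exact names are not visible in
// this file.
if (!$row || $row['Funktion'] === "Wachmann") {
    header('Location: http://10.103.205.243/dashboard.php');
    exit;
}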
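// Define variables and initialize with empty values
$name = $anschrift = $anschriftfiliale = $ipadresse = $telefonnummer = $email = "";
$name_err = $anschrift_err = $anschriftfiliale_err = $ipadresse_err = $telefonnummer_err = $email_err = "";

// Read one POST field as a trimmed string. A missing key or an array value
// (name[]=x) yields "" so it fails the "required" checks below instead of
// raising a notice or a TypeError.
$post_field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : "";
};

// NOTE(review): this state-changing POST handler carries no anti-CSRF token;
// a per-session token in the form, verified here, would close that gap.

// Processing form data when form is submitted
if (isset($_POST["id"]) && !empty($_POST["id"])) {
    // The hidden id is client-controlled and is echoed back into the form, so
    // accept it only as an integer.
    $id = filter_var($_POST["id"], FILTER_VALIDATE_INT);
    if ($id === false) {
        header("location: error.php");
        exit();
    }

    // Validate Name
    $name = $post_field("name");
    if (empty($name)) {
        $name = "";
        $name_err = "Gib einen namen ein.";
    }

    // Validate Anschrift
    $anschrift = $post_field("anschrift");
    if (empty($anschrift)) {
        $anschrift = "";
        $anschrift_err = "Gib eine anschrift ein.";
    }

    // Validate Anschriftfiliale
    $anschriftfiliale = $post_field("anschriftfiliale");
    if (empty($anschriftfiliale)) {
        $anschriftfiliale = "";
        $anschriftfiliale_err = "Please enter the anschriftfiliale.";
    }

    // Validate ipadresse: required, and must be a well-formed IPv4 address.
    // The format check runs only on non-empty input so the "required" message
    // is not overwritten by the format message.
    $ipadresse = $post_field("ipadresse");
    if (empty($ipadresse)) {
        $ipadresse = "";
        $ipadresse_err = "Please enter the ipadresse.";
    } elseif (!filter_var($ipadresse, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        $ipadresse_err = "Bitte eine gueltige IPv4 Adresse eingeben!";
    }

    // Validate telefonnummer
    $telefonnummer = $post_field("telefonnummer");
    if (empty($telefonnummer)) {
        $telefonnummer = "";
        $telefonnummer_err = "Gib eine Telefonnummer an.";
    }

    // Validate email: required, and must be syntactically valid
    $email = $post_field("email");
    if (empty($email)) {
        $email = "";
        $email_err = "Please enter an email.";
    } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $email_err = "Email ist ungueltig!";
    }

    // Check input errors before writing to the database. All six fields are
    // checked: testing only the first three would let an invalid IP address,
    // phone number or e-mail reach the UPDATE.
    $no_errors = empty($name_err) && empty($anschrift_err) && empty($anschriftfiliale_err)
        && empty($ipadresse_err) && empty($telefonnummer_err) && empty($email_err);

    if ($no_errors) {
        // Prepare an update statement
        $sql = "UPDATE tblkunde SET `Name`=?, Anschrift=?, AnschriftFiliale=?, IPAdresse=?, Telefonnummer=?, Email=? WHERE KundenNr=?";
        if ($stmt = mysqli_prepare($link, $sql)) {
            // Bind variables to the prepared statement as parameters
            mysqli_stmt_bind_param($stmt, "ssssssi", $name, $anschrift, $anschriftfiliale, $ipadresse, $telefonnummer, $email, $id);
            // Attempt to execute the prepared statement
            if (mysqli_stmt_execute($stmt)) {
                // Records updated successfully. Redirect to landing page
                header("location: kunden.php");
                exit();
            } else {
                echo "Something went wrong. Please try again later.";
            }
            // Close the statement only when prepare succeeded; passing false
            // to mysqli_stmt_close() is an error.
            mysqli_stmt_close($stmt);
        } else {
            echo "Something went wrong. Please try again later.";
        }
    }

    // Close connection
    mysqli_close($link);
} else {
    // Check existence of a well-formed id parameter before processing further
    $id = (isset($_GET["KundenNr"]) && is_string($_GET["KundenNr"]))
        ? filter_var(trim($_GET["KundenNr"]), FILTER_VALIDATE_INT)
        : false;
    if ($id === false) {
        // URL doesn't contain a usable id parameter. Redirect to error page
        header("location: error.php");
        exit();
    }

    // Prepare a select statement
    $sql = "SELECT `Name`, Anschrift, AnschriftFiliale, IPAdresse, Telefonnummer, Email FROM tblkunde WHERE KundenNr = ?";
    if ($stmt = mysqli_prepare($link, $sql)) {
        // Bind variables to the prepared statement as parameters
        mysqli_stmt_bind_param($stmt, "i", $id);
        // Attempt to execute the prepared statement
        if (mysqli_stmt_execute($stmt)) {
            $result = mysqli_stmt_get_result($stmt);
            if (mysqli_num_rows($result) == 1) {
                // Exactly one row is expected, so no loop is needed
                $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
                // Retrieve individual field value
                $name = $row["Name"];
                $anschrift = $row["Anschrift"];
                $anschriftfiliale = $row["AnschriftFiliale"];
                $ipadresse = $row["IPAdresse"];
                $telefonnummer = $row["Telefonnummer"];
                $email = $row["Email"];
            } else {
                // No customer with this id. Redirect to error page
                header("location: error.php");
                exit();
            }
        } else {
            echo "Oops! Etwas ist schiefgegangen. Bitte versuchen sie es gleich erneut.";
        }
        // Close statement (only reached when prepare succeeded)
        mysqli_stmt_close($stmt);
    }

    // Close connection
    mysqli_close($link);
}
?>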
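<?php
// Output encoding for the template. The field values come from the request
// (re-displayed after a failed validation) or from the database, so each one
// is HTML-escaped before it is written into an attribute or element.
// Without this a stored or submitted value containing a quote or a tag would
// be rendered as markup (XSS).
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
// NOTE(review): the two Font Awesome scripts below are loaded from a third-party
// CDN without an integrity attribute; pinning them with SRI or serving them
// locally like the other libraries would remove that dependency.
?>
<html>
<head>
    <!-- Loading Libraries & Scripts -->
    <link rel="stylesheet" href="../../css/bootstrap.css"> <!-- Bootstrap V4.0.0 -->
    <link rel="stylesheet" href="../../css/ap-dashboard.css">
    <script defer src="https://use.fontawesome.com/releases/v5.0.13/js/solid.js"></script> <!-- Font Awesome JS -->
    <script defer src="https://use.fontawesome.com/releases/v5.0.13/js/fontawesome.js"></script> <!-- Font Awesome JS -->
    <script src="js/vue.js"></script> <!-- Vue.JS V2.6.10 -->
    <script src="../../js/jquery.js"></script>
    <script src="../../js/popper.js"></script>
    <script src="../../js/bootstrap.js"></script>
</head>
<body>
<?php include '../../inc/ap-navbar.php' ?>
<div class="page-header">
    <h2>Kunde bearbeiten</h2>
</div>
<hr>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="POST">
    <div class="form-group <?php echo (!empty($name_err)) ? 'has-error' : ''; ?>">
        <label>Name</label>
        <input type="text" name="name" class="form-control" value="<?php echo $esc($name); ?>">
        <span class="help-block"><?php echo $esc($name_err); ?></span>
    </div>
    <div class="form-group <?php echo (!empty($anschrift_err)) ? 'has-error' : ''; ?>">
        <label>Anschrift</label>
        <input type="text" name="anschrift" class="form-control" value="<?php echo $esc($anschrift); ?>">
        <span class="help-block"><?php echo $esc($anschrift_err); ?></span>
    </div>
    <div class="form-group <?php echo (!empty($anschriftfiliale_err)) ? 'has-error' : ''; ?>">
        <label>Anschrift Filiale</label>
        <input type="text" name="anschriftfiliale" class="form-control" value="<?php echo $esc($anschriftfiliale); ?>">
        <span class="help-block"><?php echo $esc($anschriftfiliale_err); ?></span>
    </div>
    <div class="form-group <?php echo (!empty($ipadresse_err)) ? 'has-error' : ''; ?>">
        <label>IP Adresse</label>
        <input type="text" name="ipadresse" class="form-control" value="<?php echo $esc($ipadresse); ?>" maxlength="15">
        <span class="help-block"><?php echo $esc($ipadresse_err); ?></span>
    </div>
    <div class="form-group <?php echo (!empty($telefonnummer_err)) ? 'has-error' : ''; ?>">
        <label>Telefonnummer</label>
        <input type="text" name="telefonnummer" class="form-control" value="<?php echo $esc($telefonnummer); ?>">
        <span class="help-block"><?php echo $esc($telefonnummer_err); ?></span>
    </div>
    <div class="form-group <?php echo (!empty($email_err)) ? 'has-error' : ''; ?>">
        <label>Email</label>
        <input type="email" name="email" class="form-control" value="<?php echo $esc($email); ?>">
        <span class="help-block"><?php echo $esc($email_err); ?></span>
    </div>
    <?php // The hidden id is echoed from request input, so it is escaped like the visible fields. ?>
    <input type="hidden" name="id" value="<?php echo $esc($id); ?>"/>
    <input type="submit" class="btn btn-secondary" value="Absenden">
    <a href="kunden.php" class="btn btn-default">Abbrechen</a>
</form>
<?php // NOTE(review): the closing divs below have no opening tag in this file; presumably they close containers opened by ap-navbar.php - confirm. ?>
</div>
</div>
</div>
</div>
<script type="text/javascript">
    $(document).ready(function () {
        $('#sidebarCollapse').on('click', function () {
            $('#sidebar').toggleClass('active');
        });
    });
</script>
</div>
</body>
</html>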