
Untitled

a guest
Sep 20th, 2019
  1. <?php
  2. // Initialize the session
  3. session_start();
  4.  
  5. include '../../inc/loggedin.php';
  6. include '../../config.php';
  7.  
  8. // Only Operator or Admin allowed
  9. $username = $_SESSION['email'];
  10. $getrank = "SELECT Funktion FROM tblmitarbeiter WHERE Email = '$username'";
  11.  
  12. $result = mysqli_query($link, $getrank);
  13. $row = mysqli_fetch_assoc($result);
  14.  
  15. if ($row['Funktion'] == "Wachmann") {
  16. header('Location: http://10.103.205.243/dashboard.php');
  17. exit;
  18. }
  19.  
  20. // Define variables and initialize with empty values
  21. $name = $anschrift = $anschriftfiliale = $ipadresse = $telefonnummer = $email = "";
  22. $name_err = $anschrift_err = $anschriftfiliale_err = $ipadresse_err =$telefonnummer_err =$email_err = "";
  23.  
  24. // Processing form data when form is submitted
  25. if(isset($_POST["id"]) && !empty($_POST["id"])){
  26. // Get hidden input value
  27. $id = $_POST["id"];
  28.  
  29.  
  30.  
  31. // Validate Name
  32. $input_name = trim($_POST["name"]);
  33. if(empty($input_name)){
  34. $name_err = "Gib einen namen ein.";
  35. } else{
  36. $name = $input_name;
  37. }
  38.  
  39. // Validate Anschrift
  40. $input_anschrift = trim($_POST["anschrift"]);
  41. if(empty($input_anschrift)){
  42. $anschrift_err = "Gib eine anschrift ein.";
  43. } else{
  44. $anschrift = $input_anschrift;
  45. }
  46.  
  47. // Validate Anschriftfiliale
  48. $input_anschriftfiliale = trim($_POST["anschriftfiliale"]);
  49. if(empty($input_anschriftfiliale)){
  50. $anschriftfiliale_err = "Please enter the anschriftfiliale.";
  51. } else{
  52. $anschriftfiliale = $input_anschriftfiliale;
  53. }
  54.  
  55. // Validate ipadresse
  56. $input_ipadresse = trim($_POST["ipadresse"]);
  57. if(empty($input_ipadresse)){
  58. $ipadresse_err = "Please enter the ipadresse.";
  59. } else{
  60. $ipadresse = $input_ipadresse;
  61. }
  62.  
  63. if (filter_var($ipadresse, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
  64. //Do nothing
  65. } else {
  66. $ipadresse_err = "Bitte eine gueltige IPv4 Adresse eingeben!";
  67. }
  68.  
  69. // Validate telefonnummer
  70. $input_telefonnummer = trim($_POST["telefonnummer"]);
  71. if(empty($input_telefonnummer)){
  72. $telefonnummer_err = "Gib eine Telefonnummer an.";
  73. } else{
  74. $telefonnummer = $input_telefonnummer;
  75. }
  76.  
  77. // Validate email
  78. $input_email = trim($_POST["email"]);
  79. if(empty($input_email)){
  80. $email_err = "Please enter an email.";
  81. } else{
  82. $email = $input_email;
  83. }
  84.  
  85. //Check if email is valid
  86.  
  87. if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
  88. //Do nothin
  89. } else {
  90. $email_err = "Email ist ungueltig!";
  91. }
  92.  
  93.  
  94.  
  95. // Check input errors before inserting in database
  96. if(empty($name_err) && empty($anschrift_err) && empty($anschriftfiliale_err)){
  97. // Prepare an update statement
  98. $sql = "UPDATE tblkunde SET `Name`=?, Anschrift=?, AnschriftFiliale=?, IPAdresse=?, Telefonnummer=?, Email=? WHERE KundenNr=?";
  99.  
  100. if($stmt = mysqli_prepare($link, $sql)){
  101. // Bind variables to the prepared statement as parameters
  102. mysqli_stmt_bind_param($stmt, "ssssssi", $param_name, $param_anschrift, $param_anschriftfiliale, $param_ipadresse, $param_telefonnummer, $param_email, $param_id);
  103.  
  104. // Set parameters
  105. $param_name = $name;
  106. $param_anschrift = $anschrift;
  107. $param_anschriftfiliale = $anschriftfiliale;
  108. $param_ipadresse = $ipadresse;
  109. $param_telefonnummer = $telefonnummer;
  110. $param_email = $email;
  111. $param_id = $id;
  112.  
  113. // Attempt to execute the prepared statement
  114. if(mysqli_stmt_execute($stmt)){
  115. // Records updated successfully. Redirect to landing page
  116. header("location: kunden.php");
  117. exit();
  118. } else{
  119. echo "Something went wrong. Please try again later.";
  120. }
  121. }
  122.  
  123. // Close statement
  124. mysqli_stmt_close($stmt);
  125. }
  126.  
  127. // Close connection
  128. mysqli_close($link);
  129. } else{
  130. // Check existence of id parameter before processing further
  131. if(isset($_GET["KundenNr"]) && !empty(trim($_GET["KundenNr"]))){
  132. // Get URL parameter
  133. $id = trim($_GET["KundenNr"]);
  134.  
  135. // Prepare a select statement
  136. $sql = "SELECT `Name`, Anschrift, AnschriftFiliale, IPAdresse, Telefonnummer, Email FROM tblkunde WHERE KundenNr = ?";
  137. if($stmt = mysqli_prepare($link, $sql)){
  138. // Bind variables to the prepared statement as parameters
  139. mysqli_stmt_bind_param($stmt, "i", $param_id);
  140.  
  141. // Set parameters
  142. $param_id = $id;
  143.  
  144. // Attempt to execute the prepared statement
  145. if(mysqli_stmt_execute($stmt)){
  146. $result = mysqli_stmt_get_result($stmt);
  147.  
  148. if(mysqli_num_rows($result) == 1){
  149. /* Fetch result row as an associative array. Since the result set contains only one row, we don't need to use while loop */
  150. $row = mysqli_fetch_array($result, MYSQLI_ASSOC);
  151.  
  152. // Retrieve individual field value
  153. $name = $row["Name"];
  154. $anschrift = $row["Anschrift"];
  155. $anschriftfiliale = $row["AnschriftFiliale"];
  156. $ipadresse = $row["IPAdresse"];
  157. $telefonnummer = $row["Telefonnummer"];
  158. $email = $row["Email"];
  159. } else{
  160. // URL doesn't contain valid id. Redirect to error page
  161. header("location: error.php");
  162. exit();
  163. }
  164.  
  165. } else{
  166. echo "Oops! Etwas ist schiefgegangen. Bitte versuchen sie es gleich erneut.";
  167. }
  168. }
  169.  
  170. // Close statement
  171. mysqli_stmt_close($stmt);
  172.  
  173. // Close connection
  174. mysqli_close($link);
  175. } else{
  176. // URL doesn't contain id parameter. Redirect to error page
  177. header("location: error.php");
  178. exit();
  179. }
  180. }
  181.  
  182. ?>
  183.  
  184. <html>
  185. <head>
  186. <!-- Loading Libraries & Scripts -->
  187. <link rel="stylesheet" href="../../css/bootstrap.css"> <!-- Bootstrap V4.0.0 -->
  188. <link rel="stylesheet" href="../../css/ap-dashboard.css">
  189. <script defer src="https://use.fontawesome.com/releases/v5.0.13/js/solid.js"></script> <!-- Font Awesome JS -->
  190. <script defer src="https://use.fontawesome.com/releases/v5.0.13/js/fontawesome.js"></script> <!-- Font Awesome JS -->
  191. <script src="js/vue.js"></script> <!-- Vue.JS V2.6.10 -->
  192. <script src="../../js/jquery.js"></script>
  193. <script src="../../js/popper.js"></script>
  194. <script src="../../js/bootstrap.js"></script>
  195.  
  196. </head>
  197. <body>
  198.  
  199. <?php include '../../inc/ap-navbar.php' ?>
  200.  
  201. <div class="page-header">
  202. <h2>Kunde bearbeiten</h2>
  203. </div>
  204.  
  205. <hr>
  206. <form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="POST">
  207. <div class="form-group <?php echo (!empty($name_err)) ? 'has-error' : ''; ?>">
  208. <label>Name</label>
  209. <input type="text" name="name" class="form-control" value="<?php echo $name; ?>">
  210. <span class="help-block"><?php echo $name_err;?></span>
  211. </div>
  212.  
  213. <div class="form-group <?php echo (!empty($anschrift_err)) ? 'has-error' : ''; ?>">
  214. <label>Anschrift</label>
  215. <input type="text" name="anschrift" class="form-control" value="<?php echo $anschrift; ?>">
  216. <span class="help-block"><?php echo $anschrift_err;?></span>
  217. </div>
  218.  
  219. <div class="form-group <?php echo (!empty($anschriftfiliale_err)) ? 'has-error' : ''; ?>">
  220. <label>Anschrift Filiale</label>
  221. <input type="text" name="anschriftfiliale" class="form-control" value="<?php echo $anschriftfiliale; ?>">
  222. <span class="help-block"><?php echo $anschriftfiliale_err;?></span>
  223. </div>
  224.  
  225. <div class="form-group <?php echo (!empty($ipadresse_err)) ? 'has-error' : ''; ?>">
  226. <label>IP Adresse</label>
  227. <input type="text" name="ipadresse" class="form-control" value="<?php echo $ipadresse; ?>" maxlength="15">
  228. <span class="help-block"><?php echo $ipadresse_err;?></span>
  229. </div>
  230.  
  231. <div class="form-group <?php echo (!empty($telefonnummer_err)) ? 'has-error' : ''; ?>">
  232. <label>Telefonnummer</label>
  233. <input type="text" name="telefonnummer" class="form-control" value="<?php echo $telefonnummer; ?>">
  234. <span class="help-block"><?php echo $telefonnummer_err;?></span>
  235. </div>
  236.  
  237. <div class="form-group <?php echo (!empty($email_err)) ? 'has-error' : ''; ?>">
  238. <label>Email</label>
  239. <input type="email" name="email" class="form-control" value="<?php echo $email; ?>">
  240. <span class="help-block"><?php echo $email_err;?></span>
  241. </div>
  242. <input type="hidden" name="id" value="<?php echo $id; ?>"/>
  243. <input type="submit" class="btn btn-secondary" value="Absenden">
  244. <a href="kunden.php" class="btn btn-default">Abbrechen</a>
  245. </form>
  246. </div>
  247. </div>
  248. </div>
  249. </div>
  250.  
  251. <script type="text/javascript">
  252. $(document).ready(function () {
  253. $('#sidebarCollapse').on('click', function () {
  254. $('#sidebar').toggleClass('active');
  255. });
  256. });
  257. </script>
  258. </div>
  259. </body>
  260. </html>