
add-edit-affiliate

a guest
Dec 2nd, 2015
  1. <?php
  // Debug configuration: report every error class and print errors, including
  // start-up errors, into the HTTP response.
  // NOTE(review): with display_errors on, a failed query or include puts file paths
  // and SQL fragments in front of the visitor. Suitable for a development box only;
  // a deployed copy should log errors (log_errors) and keep display_errors off.
  error_reporting(-1);
  foreach (array('display_startup_errors', 'display_errors') as $directive) {
      ini_set($directive, 1);
  }
  5. ?>
  6.  
  7. <?php
  8. /*
  9. Allows the user to both create new records and edit existing records
  10. */
  11.  
  12. // connect to the database
  13. include("connect-db.php");
  14.  
  15. // creates the new/edit record form
  16. // since this form is used multiple times in this file, I have made it a function that is easily reusable
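  /**
   * Print the whole add/edit affiliate page: head, greeting for the logged-in user,
   * navigation menu, optional error box and the form itself.
   *
   * The login check runs before any markup is sent and ends the request for
   * visitors without a session.
   *
   * @param string      $name          Value for the "Customer Name" field.
   * @param string      $username      Value for the "Customer Email" field.
   * @param string      $amount_earned Value for the "Amount Earned" field.
   * @param string|null $error         Message for the red error box; '' or NULL shows none.
   * @param int|string  $id            Affiliate id when editing; '' renders the "New Affiliate" variant.
   * @return void
   */
  function renderForm($name = '', $username = '', $amount_earned = '', $error = '', $id = '')
  {
      // The session check used to sit in the middle of <body>, after the doctype and
      // head had been printed, so the redirect header could no longer be sent. It also
      // had no exit, so the form was rendered for anonymous visitors anyway.
      if (session_status() !== PHP_SESSION_ACTIVE) {
          session_start();
      }
      if (empty($_SESSION['user'])) {
          header("Location:../index.php");
          exit;
      }

      // Escape where the value meets the markup. double_encode is off because the
      // callers in this file pass values that already went through htmlentities();
      // encoding them a second time would show "&amp;amp;" in the fields.
      $esc = function ($value) {
          return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
      };

      $heading = ($id != '') ? 'Edit Affiliate' : 'New Affiliate';

      // NOTE(review): the jQuery and jQuery UI assets below come from third-party CDNs.
      // They are requested over https here; adding integrity="..." (SRI) and
      // crossorigin attributes would additionally pin their content.
      ?>
  <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
  <html>
  <head>
  <title>
  <?php echo $heading; ?>
  </title>
  <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

  <link rel="stylesheet" href="https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/blitzer/jquery-ui.css"/>
  <script src="https://code.jquery.com/jquery-1.10.2.js"></script>
  <script src="https://code.jquery.com/ui/1.11.2/jquery-ui.js"></script>

  <link rel="stylesheet" type="text/css" media="screen" href="css/styles.css" />

  <script src="js/jquery.ui.timepicker.js"></script>
  <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ui.timepicker.css" />

  <!--<script src="//cdn.ckeditor.com/4.5.5/full/ckeditor.js"></script>-->

  </head>
  <body>

  <div id="logo">
  <img src="images/logo/it-done-right.jpg" alt="" title="">
  </div>

  <?php
      // Full "<?php" tag: with short_open_tag disabled, a bare "<?" block is not
      // executed and its source is sent to the browser as text.
      include("../config.php"); // presumably defines $dbh (a PDO-style handle) - confirm
      $sql = $dbh->prepare("SELECT * FROM users WHERE id=?");
      $sql->execute(array($_SESSION['user']));
      while ($r = $sql->fetch()) {
          echo "<div class='home-content'>";
          // The username is stored data; escape it before it reaches the page.
          echo "<center><h2>Hello, " . $esc($r['username']) . "</h2>";
          echo "<a href='../logout.php'>Log Out</a>
  <br><br>
  <a href='../index.php'>Home</a></center>";
          echo "</div>";
          echo "<br>";
      }
  ?>

  <?php include("nav-menu.php"); ?>

  <h1><?php echo $heading; ?></h1>
  <?php if ($error != '') {
      echo "<div style='padding:4px; border:1px solid red; color:red'>" . $esc($error)
          . "</div>";
  } ?>

  <?php
      // NOTE(review): the form carries no anti-CSRF token and the POST handler in this
      // file does not verify one, so a logged-in browser can be made to submit it from
      // another site. A per-session token checked on POST would close that.
  ?>
  <form action="" method="post" class="basic-grey">
  <div>
  <?php if ($id != '') { ?>
  <input type="hidden" name="id" value="<?php echo $esc($id); ?>" />
  <p>Affiliate ID: <?php echo $esc($id); ?></p>
  <?php } ?>

  <br>
  <strong>Customer Name:</strong> <input type="text" name="name"
  value="<?php echo $esc($name); ?>"/>
  <br/>
  <strong>Customer Email:</strong> <input type="text" name="username"
  value="<?php echo $esc($username); ?>"/>
  <br>
  <strong>Amount Earned:</strong> <input type="text" name="amount_earned"
  value="<?php echo $esc($amount_earned); ?>"/>
  <br>
  <input type="submit" name="submit" value="Add/Update Affiliate" />
  </div>
  </form>
  </body>
  </html>

  <?php }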
  97.  
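  // Request handler: updates an existing affiliate (?id= present) or inserts a new one.
  //
  // Every branch below reads or changes the affiliates table, so the login check has
  // to come first. renderForm() has a check of its own, but the UPDATE and INSERT run
  // before renderForm() is ever called, which left both writes open to anonymous POSTs.
  // NOTE(review): this is a login check only; whether every logged-in user should be
  // allowed to edit affiliates is not visible from this file.
  if (session_status() !== PHP_SESSION_ACTIVE) {
      session_start();
  }
  if (empty($_SESSION['user'])) {
      header("Location:../index.php");
      exit;
  }
  // Nothing below writes to the session; closing it here lets renderForm() open it
  // again for its own check.
  session_write_close();

  // Ids must be positive integers. is_numeric() also accepted values such as "1e3" or "1.5".
  $positiveInt = array('options' => array('min_range' => 1));

  // Read one POST field as a string. Missing or non-string (array) input becomes ''.
  // NOTE(review): values are HTML-encoded before storage, as in the original, because
  // other pages may print the stored value as-is. Encoding at output time and storing
  // the raw value would be the cleaner design if those pages can be changed too.
  $field = function ($key) {
      return (isset($_POST[$key]) && is_string($_POST[$key]))
          ? htmlentities($_POST[$key], ENT_QUOTES)
          : '';
  };

  // Set when the request should end with a redirect. It is sent once at the bottom,
  // after the connection is closed and only if no error text was printed.
  $redirectTo = null;

  /*

  EDIT RECORD

  */
  // if the 'id' variable is set in the URL, we know that we need to edit a record
  if (isset($_GET['id']))
  {
      // if the form's submit button is clicked, we need to process the form
      if (isset($_POST['submit']))
      {
          // The target row is named twice: ?id= in the URL and the hidden form field.
          // Both must be valid and agree, so the URL cannot point at one record while
          // the body updates another.
          $urlId = filter_var($_GET['id'], FILTER_VALIDATE_INT, $positiveInt);
          $id = isset($_POST['id'])
              ? filter_var($_POST['id'], FILTER_VALIDATE_INT, $positiveInt)
              : false;

          if ($id !== false && $id === $urlId)
          {
              $name = $field('name');
              $username = $field('username');
              $amount_earned = $field('amount_earned');

              // all three fields are required
              if ($name == '' || $username == '' || $amount_earned == '')
              {
                  $error = 'ERROR: Please fill in all required fields!';
                  renderForm($name, $username, $amount_earned, $error, $id);
              }
              else
              {
                  // The original statement had a comma before WHERE, which is a syntax
                  // error: prepare() failed every time and no update was ever written.
                  $stmt = $mysqli->prepare("UPDATE affiliates SET name = ?, username = ?, amount_earned = ? WHERE id=?");
                  if ($stmt)
                  {
                      $stmt->bind_param("sssi", $name, $username, $amount_earned, $id);
                      $saved = $stmt->execute();
                      $stmt->close();

                      if ($saved)
                      {
                          $redirectTo = "view-affiliates.php";
                      }
                      else
                      {
                          echo "ERROR: could not update the record.";
                      }
                  }
                  else
                  {
                      // no redirect here, otherwise the message is never seen
                      echo "ERROR: could not prepare SQL statement.";
                  }
              }
          }
          // if the 'id' variable is not valid, show an error message
          else
          {
              echo "Error!";
          }
      }
      // if the form hasn't been submitted yet, get the info from the database and show the form
      else
      {
          $id = filter_var($_GET['id'], FILTER_VALIDATE_INT, $positiveInt);

          if ($id !== false)
          {
              // get the record from the database
              if ($stmt = $mysqli->prepare("SELECT id, name, username, amount_earned FROM affiliates WHERE id=?"))
              {
                  $stmt->bind_param("i", $id);
                  $stmt->execute();

                  $stmt->bind_result($id, $name, $username, $amount_earned);
                  // fetch() returns true only when a row was read
                  $found = $stmt->fetch();
                  $stmt->close();

                  if ($found === true)
                  {
                      renderForm($name, $username, $amount_earned, NULL, $id);
                  }
                  else
                  {
                      // unknown id: go back to the list instead of rendering an empty form
                      $redirectTo = "view-affiliates.php";
                  }
              }
              // show an error if the query has an error
              else
              {
                  echo "Error: could not prepare SQL statement";
              }
          }
          // if the 'id' value is not valid, redirect the user back to the list page
          else
          {
              $redirectTo = "view-affiliates.php";
          }
      }
  }

  /*

  NEW RECORD

  */

  // if the 'id' variable is not set in the URL, we must be creating a new record
  else
  {
      // if the form's submit button is clicked, we need to process the form
      if (isset($_POST['submit']))
      {
          $name = $field('name');
          $username = $field('username');
          $amount_earned = $field('amount_earned');

          // all three fields are required
          if ($name == '' || $username == '' || $amount_earned == '')
          {
              $error = 'ERROR: Please fill in all required fields!';
              renderForm($name, $username, $amount_earned, $error);
          }
          else
          {
              // insert the new record into the database
              if ($stmt = $mysqli->prepare("INSERT affiliates (name, username, amount_earned) VALUES (?, ?, ?)"))
              {
                  $stmt->bind_param("sss", $name, $username, $amount_earned);
                  $saved = $stmt->execute();
                  $stmt->close();

                  if ($saved)
                  {
                      $redirectTo = "view-affiliates.php";
                  }
                  else
                  {
                      echo "ERROR: could not insert the record.";
                  }
              }
              // show an error if the query has an error
              else
              {
                  echo "ERROR: Could not prepare SQL statement.";
              }
          }
      }
      // if the form hasn't been submitted yet, show the form
      else
      {
          renderForm();
      }
  }

  // close the mysqli connection
  $mysqli->close();

  // Send the redirect last and stop, so nothing further is written to the response.
  if ($redirectTo !== null)
  {
      header("Location: " . $redirectTo);
      exit;
  }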
  243. ?>