API tools faq
paste
Advertisement
Guest User

Untitled

a guest
May 9th, 2017
137
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 9.01 KB | None | 0 0
raw download clone embed print report
  1. -------------------------------Edithardware.php----------------------------------------------------------
  2. <!doctype html>
  3. <html>
  4. <head>
  5. <meta charset="utf-8">
  6. <title>Edit Hardware</title>
  7. <link href="editemployee.css" rel="stylesheet" type="text/css">
  8.  
  9. <?php
  10. echo "<SCRIPT LANGUAGE=\"JavaScript\">
  11.  
  12. function popUp(SerialNumber) {
  13. window.open('http://site.site.com/path/editform.php?SerialNumberId=' + SerialNumber);
  14. }
  15.  
  16.  
  17. </script>";
  18. ?>
  19.  
  20.  
  21.  
  22. </head>
  23. <body>
  24.  
  25. <div class="container">
  26.   <header>
  27.     <div class="primary_header">
  28.       <h1 class="title">Shadow Inventory Information</h1>
  29.     </div>
  30.  
  31. <div class="dropdown">
  32.   <button class="dropbtn">HOME</button>
  33.             </div>
  34.            
  35. <div class="dropdown">
  36.   <button class="dropbtn">DIRECTORY</button>
  37.         </div>
  38.        
  39.  
  40.          <div class="dropdown">
  41.   <button class="dropbtn">IT HELP</button>
  42.          </div>
  43.  
  44.         <div class="dropdown">
  45.   <button class="dropbtn">FORMS</button>
  46.             <div class="dropdown-content">
  47.             <a href="#">IT</a>
  48.             <a href="#">HR</a>
  49.             </div>
  50.          </div>
  51.  
  52.         <div class="dropdown">
  53.   <button class="dropbtn">HR</button>
  54.             <div class="dropdown-content">
  55.             <a href="#">New Employee</a>
  56.             <a href="#">Edit Employee</a>
  57.             </div>
  58.         </div>
  59.  
  60.         <div class="dropdown">
  61.   <button class="dropbtn">CONTACT</button>
  62.         </div>
  63.  
  64. </header>
  65.  
  66. <form id="SerialNumber" action="edithardware.php" method="POST" enctype="multipart/form-data">
  67.  
  68.         <div class="row">
  69.         <label for="SerialNumber">Serial Number:</label><br />
  70.         <input id="SerialNumber" class="input" name="SerialNumber" type="text" value="" size="30" /><br />
  71.     </div>
  72.    
  73.     <div class="row">
  74.         <label for="Name">Name:</label><br />
  75.         <input id="Name" class="input" name="Name" type="text" value="" size="30" /><br />
  76.     </div>
  77.    
  78.     <div class="row">
  79.         <label for="Location">Location:</label><br />
  80.         <input id="Location" class="input" name="Location" type="text" value="" size="30" /><br />
  81.     </div>
  82.    
  83.         <div class="row">
  84.         <label for="Type">Type:</label><br />
  85.           <input  class="input" name="Type" value="" Type="Text">
  86. <br />
  87.     </div>
  88.    
  89.         <div class="row">
  90.         <label for="IPAddress">IP Address:</label><br />
  91.         <input id="IPAddress" class="input" name="IPAddress" type="text" value="" size="30" /><br />
  92.     </div>
  93.    
  94.             <div class="row">
  95.         <label for="Manufacturer">Manufacturer:</label><br />
  96.         <input id="Manufacturer" class="input" name="Manufacturer" type="text" value="" size="30" /><br />
  97.     </div>
  98.    
  99.                 <div class="row">
  100.         <label for="Owner">Owner:</label><br />
  101.         <input id="Owner" class="input" name="Owner" type="text" value="" size="30" /><br />
  102.     </div>
  103.  
  104.    <div class="search-submit">
  105.       <input type="submit" name="submit" class="search-button" id="submit" /><br />
  106.    </div>
  107.  
  108. <?php
  109.  
  110. $host = 'site.site.org';
  111. $user = 'user';
  112. $pass = 'pass';
  113. $db = 'database';
  114. $con = mysqli_connect($host, $user, $pass,$db) or die(mysqli_error());
  115.  
  116.  
  117.  
  118. // Check connection
  119. if (!$con) {
  120.     echo "Error: Unable to connect to MySQL." . PHP_EOL;
  121. /*    echo "Debugging errno: " . mysqli_connect_errno() . PHP_EOL;*/
  122.   /*  echo "Debugging error: " . mysqli_connect_error() . PHP_EOL;*/
  123.     exit;
  124. }
  125.  
  126. /*echo "Success: A proper connection to MySQL was made! The database is great." . PHP_EOL;*/
  127. /*echo "Host information: " . mysqli_get_host_info($con) . PHP_EOL;*/
  128.  
  129.  
  130. if (!isset($_POST['submit'])) { die("Form submission failed."); };
  131.  
  132. $SerialNumber = mysqli_real_escape_string($con, $_POST['SerialNumber']);
  133.  
  134. $Name = mysqli_real_escape_string($con, $_POST['Name']);
  135.  
  136. $Location = mysqli_real_escape_string($con, $_POST['Location']);
  137.  
  138. $Type = mysqli_real_escape_string($con, $_POST['Type']);
  139.  
  140. $IPAddress = mysqli_real_escape_string($con, $_POST['IPAddress']);
  141.  
  142. $Manufacturer = mysqli_real_escape_string($con, $_POST['Manufacturer']);
  143.  
  144. $Owner = mysqli_real_escape_string($con, $_POST['Owner']);
  145.  
  146. //$EndofLife = mysqli_real_escape_string($con, $_POST['EndofLife']);
  147.  
  148. //$PurchaseDate = mysqli_real_escape_string($con, $_POST['PurchaseDate']);
  149.  
  150.  
  151.  
  152. $sql = "SELECT * FROM inventory WHERE SerialNumber LIKE '%$SerialNumber%' AND Name LIKE '%$Name%' AND Location LIKE '%$Location%' AND Type LIKE '%$Type%' AND (IPAddress IS NULL OR IPAddress LIKE '$IPAddress%') AND Manufacturer LIKE '%$Manufacturer%' AND Owner LIKE '%$Owner%'"; //AND (PurchaseDate IS NULL OR PurchaseDate LIKE '$PurchaseDate%')
  153.  
  154. $result = mysqli_query($con, $sql);
  155.  
  156. if (mysqli_num_rows($result) > 0) {
  157.  
  158. echo "<form target='_blank' action='edithardware.php' method='POST' name='getSerialNumber'>";
  159.  
  160.  
  161.  
  162. echo "<table border= 1 cellspacing = 3 cellpadding = 1>";
  163. echo "<tr>";
  164. echo "
  165. <th>Edit</th>
  166. <th>Serial</th>
  167. <th>Name</th>
  168. <th>Location</th>
  169. <th>Type</th>
  170.  
  171. <th>IPAddress</th>
  172. <th>Manufacturer</th>
  173. <th>Owner</th>
  174. <th>PurchaseDate</th>
  175. <th>EndofLife</th>";
  176. echo "</tr>";
  177.  
  178.  
  179.     while ($row = mysqli_fetch_assoc($result)) {
  180.    
  181.     echo "<tr>";
  182.  
  183.     echo "
  184.  
  185. <td><input type=button value=\"Edit\" onclick=\"popUp('" .$row['SerialNumber']. "')\"/></td>
  186.  
  187. <td width=150 align=center>{$row['SerialNumber']}</td>
  188. <td width=150 align=center>{$row['Name']}</td>
  189. <td width=200 align=center>{$row['Location']}</td>
  190. <td width=300 align=center>{$row['Type']}</td>
  191. <td width=300 align=center>{$row['IPAddress']}</td>
  192. <td width=150 align=center>{$row['Manufacturer']}</td>
  193. <td width=50 align=center>{$row['Owner']}</td>
  194. <td width=150 align=center>{$row['PurchaseDate']}</td>
  195. <td width=150 align=center>{$row['EndofLife']}</td>";
  196.     echo "</tr>";
  197. }
  198. echo "</table>";
  199. echo "</form>";
  200. }
  201.  else
  202. {
  203. echo "Query didn't yield results";
  204. echo "$sql";
  205. }
  206. ?>
  207.  
  208. </body>
  209. </html>
  210.  
  211.  
  212.  
  213. <html>
  214. <head>
  215.  
  216. ----------------------------------------------------------------------------------------Editform.php
  217. <SCRIPT LANGUAGE="JavaScript">
  218.  
  219. function testfunc(){
  220.     var SerialNumber = sessionStorage.getItem("SerialNumberId");
  221.    
  222. }
  223.  
  224. </script>
  225.  
  226. </head>
  227.  
  228. <body>
  229.  
  230. <?php
  231.  
  232.  
  233. $host = 'site.site.org';
  234. $user = 'user';
  235. $pass = 'pass';
  236. $db = 'database';
  237. $con = mysqli_connect($host, $user, $pass, $db) or die(mysqli_error());
  238.  
  239. //Check connections
  240. if (!$con) {
  241. echo "Error: Unable to connect to MYSQL." . PHP_EOL;
  242. exit;
  243. }
  244.  
  245.  
  246. $edit = mysqli_real_escape_string($con, $_GET['SerialNumberId']);
  247. $sql = "SELECT * FROM inventory WHERE SerialNumber LIKE '$edit'";
  248. //echo $sql;
  249. $result = mysqli_query($con, $sql);
  250.  
  251. if (mysqli_num_rows($result) > 0) {
  252. while($row = mysqli_fetch_assoc($result)){
  253.  
  254.  
  255.  
  256. echo "
  257. <link href=\"editform.css\" rel=\"stylesheet\" type=\"text/css\">
  258. <form method=\"POST\" action=\"edithardware.php?SerialNumberId= + $_GET[SerialNumberId]\">
  259. <P>
  260. SerialNumber:
  261. <input TYPE=\"text\" name=\"SerialNumber\" value=\"{$row['SerialNumber']}\" SIZE=\"20\">
  262. </P>
  263. <P>
  264. Name:
  265. <input TYPE=\"text\" name=\"Name\" value=\"{$row['Name']}\" SIZE=\"20\">
  266. </P>
  267. <P>
  268. Location:
  269. <input TYPE=\"text\" name=\"Location\" value=\"{$row['Location']}\" SIZE=\"25\">
  270. </P>
  271. <P>
  272. Type:
  273. <input TYPE=\"text\" name=\"Type\" value=\"{$row['Type']}\" SIZE=\"25\">
  274. </P>
  275. <P>
  276. IPAddress:
  277. <input TYPE=\"text\" name=\"IPAddress\" value=\"{$row['IPAddress']}\" SIZE=\"25\">
  278. </P>
  279. <P>
  280. Manufacturer:
  281. <input TYPE=\"text\" name=\"Manufacturer\"value=\"{$row['Manufacturer']}\" SIZE=\"25\">
  282. </P>
  283. <P>
  284. Owner #:
  285. <input TYPE=\"text\" name=\"Owner\" value=\"{$row['Owner']}\" SIZE=\"25\">
  286. </P>
  287. <P>
  288. PurchaseDate:
  289. <input TYPE=\"Date\" name=\"PurchaseDate\" value=\"{$row['PurchaseDate']}\" SIZE=\"25\">
  290. </P>
  291. <P>
  292. <P>
  293. End of Life:
  294. <input TYPE=\"Date\" name=\"EndofLife\" value=\"{$row['EndofLife']}\" SIZE=\"25\">
  295. </P>
  296. <P>
  297. Notes:
  298. <input TYPE=\"Text\" name=\"Notes\" value=\"{$row['Notes']}\" SIZE=\"25\">
  299. </P>
  300.  
  301.  
  302.  
  303. <P><input TYPE=\"submit\" VALUE=\"Submit\" name=\"submit\" id=\"submit\"></P>
  304.  
  305. </FORM>
  306. ";
  307. }
  308. }
  309. //mysqli_close($con)
  310. ?>
  311.  
  312. <?php
  313. if (!isset($_POST['submit'])) { die("Form submission failed.");}
  314. $SerialNumber = mysqli_real_escape_string($con, $_POST['SerialNumber']);
  315. $Name = mysqli_real_escape_string($con, $_POST['Name']);
  316. $Location = mysqli_real_escape_string($con, $_POST['Location']);
  317. $Type = mysqli_real_escape_string($con, $_POST['Type']);
  318. $IPAddress = mysqli_real_escape_string($con, $_Post['IPAddress']);
  319. $Manufacturer = mysqli_real_escape_string($con, $_POST['Manufacturer']);
  320. $Owner = mysqli_real_escape_string($con, $_POST['Owner']);
  321. //Trying both date formats
  322. $PurchaseDate = date('YY-mm-dd', strtotime(str_replace('-', '/', ($_POST['PurchaseDate']))));;
  323. $EndofLife = date('Y-m-d', strtotime(str_replace('-', '/', ($_POST['EndofLife']))));;
  324. $Notes = mysqli_real_escape_string($con, $_POST['Notes']);
  325.  
  326.  
  327. $sqlupdate = "UPDATE inventory
  328. SET SerialNumber='$SerialNumber',
  329. Name='$Name',
  330. Location='$Location',
  331. Type='$Type',
  332. IPAddress='$IPAddress',
  333. Manufacturer='$Manufacturer',
  334. Owner='$Owner',
  335. PurchaseDate='$PurchaseDate',
  336. EndofLife='$EndofLife',
  337. Notes='$Notes',
  338. WHERE SerialNumber='$SerialNumber'";
  339.  
  340. echo $sqlupdate;
  341.  
  342. //Check connections
  343. if (!$con) {
  344. echo "Error: Unable to connect to MYSQL." . PHP_EOL;
  345. exit;
  346. }
  347. echo $sqlupdate;
  348. mysqli_query($con, $sqlupdate) or die(mysqli_error($con));
  349. ?>
  350.  
  351.  
  352. </body>
  353.  
  354. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!