<!DOCTYPE html><html lang="en"><?phpsession_start();$temp = isset($_SE

1. <!DOCTYPE html>
2. <html lang="en">
3.  
4. <?php
5. session_start();
6. $temp = isset($_SESSION["password"]);
7. $_SESSION["password"] = md5($temp);
8. ?>
9.  
10. <head>
11.     <meta charset="UTF-8">
12.     <title>Match Counter!</title>
13.  
14. </head>
15. <body>
16. <div id="wins">
17.     <?php
18.     $servername = "devweb2017.cis.strath.ac.uk";
19.     $username = "ywb16155";
20.     $passwordDB = "xAtYbFaLTKjTGPtj";
21.     $database = "ywb16155";
22.     $conn = new mysqli($servername, $username, $passwordDB, $database);
23.  
24.     if (isset($_POST["password"])) {
25.         $_SESSION["password"] = $_POST["password"];
26.     }
27.  
28.     if ($conn -> connect_error){
29.         die ("connection failed ". mysqli_connect_error()); //remove once debugged
30.     }
31.  
32.  
33.     $sql = "SELECT * FROM `tennisCoaches`";
34.     $result = $conn->query($sql);
35.  
36.     $serverPass ="";
37.     if ($result->num_rows > 0) {
38.         while ($row = $result->fetch_assoc()) {
39.             $serverPass = $row["password"];
40.         }
41.     }
42.  
43.     if (md5($_SESSION["password"]) != $serverPass) {
44.         ?>
45.         <div>
46.             <h4>Please login if you are a coach.</h4>
47.             <form action="coach.php" method="POST">
48.                 <p>
49.                     Password: <input type="text" name="password" value=""/>
50.                 </p>
51.                 <p>
52.                     <input type="submit" value="login"/>
53.                 </p>
54.             </form>
55.         </div>
56.         <?php
57.     }else{
58.  
59.     $sql = "SELECT * FROM `tennisPlayers`;";
60.     $result = $conn->query($sql);
61.  
62.     if (!$result) {
63.         die("Query broke!" . $conn->error);
64.     }
65.  
66.     if ($result->num_rows > 0){
67.     echo "<h3>Number of wins </h3>";
68.     ?>
69.     <table>
70.         <tr>
71.             <th>Player</th>
72.             <th>Wins</th>
73.             <br>
74.         </tr>
75.         <?php
76.         while ($row = $result->fetch_assoc()) {
77.             ?>
78.  
79.             <tr>
80.                 <td><?php echo $row["name"] ?></td>
81.                 <td><?php echo $row["wins"] ?><br></td>
82.             </tr>
83.  
84.             <?php
85.         }
86.         ?>
87.     </table>
88. </div>
89. <div id="played">
90.     <?php
91.     }
92.  
93.     $sql = "SELECT * FROM `tennisGames`;";
94.     $result = $conn->query($sql);
95.  
96.     if ($result->num_rows > 0){
97.     echo "<h3>Games Played</h3>";
98.     ?>
99.     <table>
100.         <?php
101.         while ($row = $result->fetch_assoc()) {
102.             if (($row["player1score"] > 0) || ($row["player2score"] > 0)) {
103.                 ?>
104.                 <tr>
105.                     <td><?php echo $row["player1"] ?></td>
106.                     <td><?php echo $row["player1score"] ?></td>
107.                     V
108.                     <td><?php echo $row["player2"] ?></td>
109.                     <td><?php echo $row["player2score"] ?><br></td>
110.                     <button> </button>
111.                 </tr>
112.  
113.                 <?php
114.             }
115.         }
116.         ?>
117.     </table>
118. </div>
119. <div id="waiting">
120.     <?php
121.     }
122.     $sql = "SELECT * FROM `tennisGames`;";
123.     $result = $conn->query($sql);
124.     if ($result->num_rows > 0){
125.     echo "<h3>Games to be Played</h3>";
126.     ?>
127.     <table>
128.         <?php
129.         while ($row = $result->fetch_assoc()) {
130.             if (($row["player1score"] == 0) && ($row["player2score"] == 0)) {
131.                 ?>
132.                 <tr>
133.                     <td><?php echo $row["player1"] ?></td>
134.                     <td> V</td>
135.                     <td><?php echo $row["player2"] ?><br></td>
136.                 </tr>
137.                 <?php
138.             }
139.         }
140.         }
141.         ?>
142.     </table>
143. </div>
144. <div id="update">
145.     <form action="coach.php" method="post">
146.         <?php
147.         echo "<br>";
148.         echo "<h3> Update the tables!</h3>";
149.         $sql = "SELECT * FROM `tennisPlayers`;";
150.         $result = $conn->query($sql);
151.  
152.         if ($result->num_rows > 0) {
153.             echo "<select name=\"first\">\n";
154.             while ($row = $result->fetch_assoc()) {
155.                 echo "<option value=\"" . $row["id"] . "\">" . $row["name"] . "</option>";
156.             }
157.             echo "<select>\n";
158.         }
159.  
160.         echo "<input type=\"number\" min = 0 max = 6 name=\"score1\" value = \"0\"/>";
161.         echo " V ";
162.         echo "<input type=\"number\" min = 0 max = 6 name=\"score2\" value = \"0\"/>";
163.  
164.         $result = $conn->query($sql);
165.         if ($result->num_rows > 0) {
166.             echo "<select name=\"second\">\n";
167.             while ($row = $result->fetch_assoc()) {
168.                 echo "<option value=\"" . $row["id"] . "\">" . $row["name"] . "</option>";
169.             }
170.             echo "<select>\n";
171.         }
172.         echo "<br>";
173.         ?>
174.         <p>
175.             <input type="submit" name="setScores" value="amend"/>
176.         </p>
177.     </form>
178. </div>
179. <?php
180. if (isset($_REQUEST["setScores"])) {
181.     $id1 = $_POST["first"];
182.     $id2 = $_POST["second"];
183.     $score1 = strip_tags(isset($_POST["score1"]) ? $_POST["score1"] : "");
184.     $score2 = strip_tags(isset($_POST["score2"]) ? $_POST["score2"] : "");
185.  
186.     $sql = "SELECT `name` FROM `tennisPlayers` WHERE `id` = '$id1' ;";
187.     $result = $conn->query($sql);
188.     $temp = $result->fetch_assoc();
189.     $name1 = mysqli_real_escape_string($conn, strip_tags($temp["name"]));
190.  
191.     $sql = "SELECT `name` FROM `tennisPlayers` WHERE `id` = '$id2' ;";
192.     $result = $conn->query($sql);
193.     $temp = $result->fetch_assoc();
194.     $name2 = mysqli_real_escape_string($conn, strip_tags($temp["name"]));
195.  
196.     $sql = "SELECT `gameID` FROM `tennisGames` WHERE `player1` = '$name1' && `player2` = '$name2';";
197.     $result = $conn->query($sql);
198.     $temp = $result->fetch_assoc();
199.     $gameID = $temp["gameID"];
200.  
201.     $sql = "UPDATE `tennisGames` SET `player1score`='$score1',`player2score`='$score2'
202.                              WHERE `gameID` = '$gameID';";
203.     $conn->query($sql);
204.  
205.     if (($conn->query($sql) === TRUE) && ($id1 != $id2)) {
206.         echo "<p>Scores successfully entered.</p>";
207.     } else {
208.         echo "<p>Scores not entered successfully.</p>";
209.     }
210.  
211.     if ($score1 > $score2) {
212.         $sql = "UPDATE `tennisPlayers` SET `wins`= `wins` + 1 WHERE `id` = '$id1';";
213.     } else {
214.         $sql = "UPDATE `tennisPlayers` SET `wins`= `wins` + 1 WHERE `id` = '$id2';";
215.     }
216.  
217.     if (($conn->query($sql) === TRUE) && ($id1 != $id2)) {
218.         echo "<p>Player wins updated.</p>";
219.     }
220.  
221.     $conn->close();
222. }
223. }
224. ?>
225.  
226. <form action="https://devweb2017.cis.strath.ac.uk/~ywb16155/tennis_proj/index.php">
227.     <input type="submit" value="Go to Index" />
228. </form>
229.  
230. </body>
231. </html>