Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once('inc/ses_check.php');
- require_once('inc/mysql_connection.php');
- require_once('inc/my_functions.php');
- if(isset($_POST['pr_action'])){
- $action=$_POST['pr_action'];
- switch($action){
- case 1: //this is for add
- $username=$_POST['usr_name'];
- $fullname=$_POST['usr_fullname'];
- $usertype=$_POST['usr_usertype'];
- $password=$_POST['usr_pwd'];
- $retries=0;
- if(!isUsernameExist($username)){
- $sql="INSERT INTO tbl_users(username,fullname,pwd,retries,usertype)VALUES('$username','$fullname','$password','$retries','$usertype');";
- $result=mysql_query($sql);
- if($result){
- echo infoMsg(1);
- }else{
- die("error");
- }
- }else{
- echo errMsg(1);
- }
- break;
- case 2: //retrieve values from the previous page
- $username=$_POST['usr_name'];
- $fullname=$_POST['usr_fullname'];
- $usertype=$_POST['usr_usertype'];
- $password=$_POST['usr_pwd'];
- $retries=0;
- $temp_Id=$_POST['temp_id'];
- if(!checkIfUpdateDuplicatesUser($username,$temp_Id)){
- $sql="UPDATE tbl_users SET username='$username',fullname='$fullname',pwd='$password',retries=$retries,usertype=$usertype WHERE Id=$temp_Id;";
- $result=mysql_query($sql);
- if($result){
- echo infoMsg(2);
- }else{
- die("Error in updating record".mysql_error());
- }
- }else{
- echo errMsg(1);
- }
- break;
- case 3:
- $temp_Id=$_POST['selected_Id'];
- $sql="DELETE FROM tbl_users WHERE Id=$temp_Id;";
- $result=mysql_query($sql);
- if(result){
- $_SESSION['errmsg']=infoMsg(3);
- header('location:user_mgmt.php');
- }else{
- die("Error in deleting record".mysql_error());
- }
- break;
- case 4:
- $search_str=$_POST['txt_search'];
- if($search_str<>""){
- $_SESSION['search_str']=$search_str;
- }
- header('location:user_mgmt.php');
- break;
- case 5:
- $Id=$_POST['Id'];
- $typeCode=$_POST['type_code'];
- $typeDesc=$_POST['type_desc'];
- if(!isUserIdExist($Id)){
- $sql="INSERT INTO tbl_usertypes(Id,type_code,type_desc) VALUES('$Id','$typeCode','$typeDesc');";
- $result=mysql_query($sql);
- if($result){
- echo infoMsg(1);
- }else{
- die("Error".mysql_error());
- }
- }else{
- echo errMsg(1);
- }
- break;
- }
- }else{
- die('Invalid Action');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement