-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathedit_area.php
executable file
·156 lines (110 loc) · 3.44 KB
/
edit_area.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?php
/*
Allows user to edit specific entry in database
*/
session_start();
// creates the edit record form
// since this form is used multiple times in this file, made it for easily reuse!
function renderForm($id, $name, $area, $error)
{
?>
<!DOCTYPE HTML>
<html>
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="http://www.w3schools.com/lib/w3.css">
<head>
<title>Edit the Research Information of the Professor</title>
</head>
<?php
// if there are any errors, display them
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<body style="margin:10%; margin-left:20%; margin-right:20%">
<div class="w3-card-4 w3-large">
<div class="w3-container w3-indigo">
<h2>Edit Research Information</h2>
</div>
<form action="" method="post" class="w3-container">
<input class="w3-input w3-border" type="hidden" name="id" value="<?php echo $id; ?>"/>
<input class="w3-input w3-border" type="hidden" name="name" value="<?php echo $name; ?>"/>
<p><label class="w3-label"><strong>Area ID:</strong></label> <?php echo $id; ?></p>
<p>
<label class="w3-label"><strong>Name:</strong></label> <?php echo $name; ?>
</p>
<p>
<label class="w3-label"><strong>Research Area* :</strong></label>
<input class="w3-input w3-border" type="text" name="area" value="<?php echo $area; ?>"/>
</p>
<p><strong>* Required</strong></p>
<input class="w3-btn-block w3-indigo" type="submit" name="submit" value="Submit">
</form>
<div class="w3-panel w3-padding-4"></div>
</div>
</body>
</html>
<?php
}
// connect to the database
include('connect_db.php');
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// get form data, making sure it is valid
$id = mysql_real_escape_string(htmlspecialchars($_POST['id']));
$name = mysql_real_escape_string(htmlspecialchars($_POST['name']));
$area = mysql_real_escape_string(htmlspecialchars($_POST['area']));
// check that email/dept fields are both filled in
if ($id == '' || $name == '' || $area == '')
{
// generate error message
$error = 'ERROR: Please fill in all required fields!';
//error, display form
renderForm($id, $name, $area, $error);
}
else
{
// save the data to the database
$myquery = "UPDATE research SET name = '$name', area = '$area' WHERE id = '$id'";
mysql_query($myquery)
or die("Cannot process the query : ". $myquery. mysql_error());
// once saved, redirect back to the view page
header("Location: users_page.php");
}
}
else
// if the form hasn't been submitted, get the data from the db and display the form
{
// get the 'id' value from the URL (if it exists), making sure that it is valid
if (isset($_GET['id']) && is_numeric($_GET['id']) )
{
// query db
$id = $_GET['id'];
$myquery = "SELECT research.* FROM research WHERE research.id = $id";
$result = mysql_query($myquery)
or die("Cannot process the query: ".$myquery. mysql_error());
$row = mysql_fetch_array($result);
// check that the 'id' matches up with a row in the databse
if($row)
{
// get data from db
$name = $row[1];
$area = $row[2];
// show form
renderForm($id, $name, $area, '');
}
else
// if no match, display result
{
echo "No matched results for the id: ".$id."!";
}
}
else
// if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
{
echo 'Error! Invalid id : '.$_GET['id'].' !';
}
}
?>