-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathedit.php
More file actions
113 lines (94 loc) · 3.23 KB
/
Copy pathedit.php
File metadata and controls
113 lines (94 loc) · 3.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
<?php
session_start();
// Check if the user is already logged in, if yes then redirect him to welcome page
if(isset($_SESSION["loggedin"]) && $_SESSION["loggedin"] === true){
}
else{
header("location: login.php");
exit;
}
// Include config file
$title = "Edit My AniDEX";
$act2 = "active";
include "./includes/header.php";
// include the config file that we created before
require_once "./admin/config.php";
if (isset($_GET['id']) && !empty($_GET['id'])) {
// this is called a try/catch statement
try {
// FIRST: Connect to the database
$connection = new PDO($dsn, $username, $password, $options);
$id = $_GET['id'];
// SECOND: Create the SQL
$sql = "SELECT * FROM users, anibase where anibase.userid = users.id and anibase.animeid= :id";
// THIRD: Prepare the SQL
$statement = $connection->prepare($sql);
$statement->bindValue(':id', $id);
$statement->execute();
// FOURTH: Put it into a $result object that we can access in the page
$result = $statement->fetchAll();
if(isset($_POST['submit'])) {
try {
$connection = new PDO($dsn, $username, $password, $options);
$id = $_GET['id'];
$userid = $_SESSION['id'];
$episodes = $_POST['episodes'];
$sql2 = "UPDATE anibase SET episodes = :episodes WHERE anibase.animeid = :id and anibase.userid = :userid";
$statement = $connection->prepare($sql2);
$statement->bindValue(":id", $id);
$statement->bindValue(":userid", $userid);
$statement->bindValue(":episodes", $episodes);
$statement->execute();
}
catch(PDOException $error) {
echo $sql2. "<br>" . $error->getMessage();
}
}
}
catch(PDOException $error) {
// if there is an error, tell us what it is
echo $sql . "<br>" . $error->getMessage();
}
foreach($result as $row) {
if ($_SESSION['id'] == $row['userid']){
?>
<?php if (isset($_POST['submit']) && $statement) {?>
<h3><p class='container-fluid bg-success'>Anime Successfully Updated.</br>Results Refreshing...</p></h3>
<script> setTimeout(function() { window.location = "edit.php?id=<?php echo $row['animeid']?>"; }, 1250);</script>
<?php
}?>
<div class="container-fluid">
<h2>Edit AniDEX</h2>
<form action="edit.php?id=<?php echo $row['animeid'];?>" class="episodes" method="post">
<table class="table table-bordered table-striped">
<thead>
<tr>
<th>Anime</th>
<th>Episodes Watched</th>
<th>Delete</th>
</tr>
</thead>
<tbody>
<tr>
<td name="animename" value="<?php echo $row['animename'];?>"><?php echo $row['animename'];?></td>
<td>
<input required type="number" min="0" id="episodes" name="episodes" value="<?php echo $row['episodes'];?>">
<input type="submit" name="submit" value="SAVE" class="btn-update btn btn-default btn-sm">
</td>
<td> <a href="delete.php?id=<?php echo $row['animeid'];?>" class="btn btn-default btn-sm">
<span class="glyphicon glyphicon-remove"></span>
</a></td>
</tr>
</tbody>
</table>
<?php }
} ?>
</form>
</div>
</body>
</html>
<?php
}else{
echo "Error: Unknown ID";
}
?>