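<?php
/**
 * Edit handler for one row of the `contacts` table.
 *
 * GET  ?id=N  loads contact N and pre-fills $_POST so _form.php can render it.
 * POST        validates the submitted fields, updates the row and redirects
 *             to index.php; on validation errors the form is shown again.
 *
 * validate() and die_with_error() are not defined in this file; they are
 * presumably provided by config.php -- confirm.
 *
 * NOTE(review): the ext/mysql API used here was removed in PHP 7. The durable
 * fix is mysqli or PDO with prepared statements; the checks below only harden
 * the existing string-built queries.
 * NOTE(review): no CSRF token or authorization check is visible in this file;
 * confirm they are enforced in config.php or _form.php.
 */
include_once('config.php');

// The id ends up in SQL as an unquoted number. mysql_real_escape_string() only
// protects values placed inside quotes, so the id must be proven to be digits
// before it reaches a query. Missing, empty, "0", array and non-numeric ids are
// all rejected with the same generic message.
$requested_id = isset($_GET['id']) ? $_GET['id'] : null;
if (!is_string($requested_id) || !ctype_digit($requested_id) || !$requested_id)
{
    die('Some error occured!!');
}

// "@" keeps connection warnings (which can carry host and user names) out of
// the response; failures are still reported through the die() messages.
$db = @mysql_connect($database['host'], $database['username'], $database['password']) or die('Can\'t connect do database');
@mysql_select_db($database['name']) or die('The database selected does not exists');

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $errors = validate(array('id', 'firstname', 'lastname', 'phone'), $_POST);
    if (count($errors) == 0)
    {
        // The row to update is selected by the POSTed id, so it gets the same
        // digits-only check as the GET id.
        $posted_id = $_POST['id'];
        if (!is_string($posted_id) || !ctype_digit($posted_id))
        {
            die('Some error occured!!');
        }

        // 'mobile' is not in the required-field list above, so it may be absent.
        $mobile = isset($_POST['mobile']) ? $_POST['mobile'] : '';

        // String values are escaped and quoted; the id is cast and formatted
        // with %d so only an integer can appear in the WHERE clause.
        // NOTE(review): escaping assumes the connection charset matches the
        // data -- confirm mysql_set_charset() is called where appropriate.
        $query = sprintf(
            "UPDATE contacts set firstname = '%s',
lastname = '%s',
phone = '%s',
mobile = '%s' WHERE id = %d",
            mysql_real_escape_string($_POST['firstname']),
            mysql_real_escape_string($_POST['lastname']),
            mysql_real_escape_string($_POST['phone']),
            mysql_real_escape_string($mobile),
            (int) $posted_id
        );
        $rs = mysql_query($query);
        if (!$rs)
        {
            // NOTE(review): if die_with_error() prints its arguments to the
            // response it discloses the SQL text and the driver error; confirm
            // it only logs them outside of development.
            die_with_error(mysql_error(), $query);
        }

        mysql_close($db);
        header('Location: index.php');
        // Stop here: without exit the form below is still rendered and sent
        // after the redirect header.
        exit;
    }
}
else
{
    $query = sprintf('SELECT * FROM contacts WHERE id = %d', (int) $requested_id);
    $rs = mysql_query($query);
    if (!$rs)
    {
        die_with_error(mysql_error(), $query);
    }

    $row = mysql_fetch_assoc($rs);
    if (!$row)
    {
        // No contact with this id: do not render an edit form for nothing.
        mysql_close($db);
        die('Some error occured!!');
    }

    // _form.php reads its field values from $_POST, so the stored row is
    // copied there for the initial display.
    $_POST['id'] = $row['id'];
    $_POST['firstname'] = $row['firstname'];
    $_POST['lastname'] = $row['lastname'];
    $_POST['phone'] = $row['phone'];
    $_POST['mobile'] = $row['mobile'];
}
mysql_close($db);
?>
<?php include_once('header.php') ?>
<?php include_once('_form.php') ?>
<?php include_once('footer.php') ?>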