HUM/processTaskForm.php at master · swimtech20/HUM · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
<?php
session_start();
include '../../../dbconnect.php';
require_once("functions.php");
ini_set("display_errors", true);
error_reporting(E_ALL);
	$tTitle = $taskDate = $sql = "";
	$titleErr = $taskDateErr = "";
	$hasErrors = false;

	if($_SERVER['REQUEST_METHOD']=='POST'){
		$tTitle = cleanData($_POST['task']);
			$titleErr = validate($tTitle, 'tTitle');
			if(!empty($titleErr)){
				$hasErrors = true;
			}//if
		$time = $_POST['taskDate'];
		if(!$hasErrors){
			sendData($tTitle, $_SESSION["gid"], $time);
			redirect("../taskSettings.php");
		}
		else{
			redirect("../taskSettings.php");
		}
	}//if

	//FUNCTIONS
	function cleanData($data){
		$data = trim($data);
		$data = stripslashes($data);
		$data = htmlspecialchars($data);
		return $data;
	}//cleanData

	function validate($data, $field) {
			$data = strtolower($data);
			$data = ucfirst($data);
			$gid = $_SESSION["gid"];

			switch($field){

				case 'tTitle':{
					$sql = "SELECT * FROM task WHERE name = '$data' AND GID = '$gid'";
					$result = mysqli_query($GLOBALS['db'], $sql);

					$count = mysqli_num_rows($result);
					if($count != 0){
						return "Task of the same name already exists";
					}
					else {
						return "";
					}
				}//case tTitle
			 case 'taskDate':{

			 }//case taskDate

			}//switch

	}//function validate

	function sendData($task, $gid, $time){
			$sql = "INSERT INTO task (name, GID, time) VALUES ('$task','$gid', '$time' )";
			$result = mysqli_query($GLOBALS['db'], $sql);

			if(!$result){
				die('Error: ' . mysqli_error($GLOBALS['db']));
			}
			else{
				//echo "Task successfully created and assigned!";
			}//ifelse
	}//function sendData
?>