-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathAddMovie.php
More file actions
118 lines (90 loc) · 2.8 KB
/
AddMovie.php
File metadata and controls
118 lines (90 loc) · 2.8 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
<?php
/*|-------------------------------------------------------------------------
*| CMPS 460 Spring 2015
*| Ryan Adair
*| 4/28/15
*|
*| The following code is the work of the author named above.
*|-----------------------------------------------------------------------
*| This script generates a webpage with the appropriate fields
*| displayed to allow an admin to enter a new movie into the
*| Movie table of the database.
*|-----------------------------------------------------------------------*/
include "login.php";
if(isset($_SESSION["userType"]) == false)
{
echo "Not logged in!";
echo '<br><br>';
echo '<a href ="LoginPage.php">Go Log In</a>';
die();
}
?>
<html>
<head>
<title>
Add A Movie
</title>
</head>
<h3>
Add New Movie
</h3>
<body>
<?php
$sessionUser = $_SESSION['userType'];
// restrict access only to certain userTypes
if($sessionUser != "admin")
{
echo 'You do not have permission to view this page.';
echo '<br><br>';
echo '<a href ="LoginPage.php">Go Log In</a>';
die();
}
echo "Logged in as: $sessionUser";
if($sessionUser == "member")
{
echo "<br>Membership ID: " . $_SESSION['memberID'] . "<br>";
}
$date = $_SESSION["today"];
echo "<br>";
echo "Today's date: $date";
?>
<br>
<br>
<?php
if(isset($_POST['title']) && isset($_POST['stars']) && isset($_POST['description']) && isset($_POST['runtime']) && isset($_POST['rating']))
{
$title = $_POST['title'];
$stars = $_POST['stars'];
$description = $_POST['description'];
$runtime = $_POST['runtime'];
$rating = $_POST['rating'];
$addMovieQuery = "insert into Movie (Title, Stars, Description, RunningTimeMinutes, Rating)
values ('$title', '$stars', '$description', '$runtime', '$rating')";
$addMovieResult = mysql_query($addMovieQuery) or die(mysql_error());
echo "Movie successfully added!<br>";
}
else
{
?>
<form action='AddMovie.php' method = 'post'>
Title: <input type="text" name="title" placeholder="Title..." required><br><br>
Starring: <br><textarea name="stars" cols=40 rows=4 placeholder="Stars..."></textarea><br><br>
Description: <br><textarea name="description" cols=60 rows=8 placeholder="Description..."></textarea><br><br>
Running Time: <input type="number" min="1" step="1" name="runtime" placeholder="90" required> min<br><br>
Rating: <select name="rating">
<option value="G">G</option>
<option value="PG">PG</option>
<option value="PG13">PG-13</option>
<option value="R">R</option>
</select><br>
<br><input type="submit" value="Add Movie">
</form>
<?php
}
echo "<br>";
echo "<form action ='index.php'>";
echo "<input type ='submit' value = 'Go back to index' >";
echo "</form>";
?>
</body>
</html>