-
Notifications
You must be signed in to change notification settings - Fork 4
Expand file tree
/
Copy pathUpdateCinema.php
More file actions
123 lines (95 loc) · 2.65 KB
/
UpdateCinema.php
File metadata and controls
123 lines (95 loc) · 2.65 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
<?php
// Author: Matt Wallace
// Last Edited: 04/28/2015
// I promise this is my code.
// Description:
// Update a cinema in the database
include "login.php";
if(isset($_SESSION["userType"]) == false)
{
echo "Not logged in!";
echo '<br><br>';
echo '<a href ="LoginPage.php">Go Log In</a>';
die();
}
?>
<html>
<head>
<title>
Update Cinema
</title>
</head>
<h3>
Update Cinema
</h3>
<body>
<?php
$sessionUser = $_SESSION['userType'];
// restrict access only to certain userTypes
if($sessionUser != "admin")
{
echo 'Not logged in as a Admin!';
echo '<br><br>';
echo '<a href ="LoginPage.php">Go Log In</a>';
die();
}
echo "Logged in as: $sessionUser";
if($sessionUser == "member")
{
echo "<br>Membership ID: " . $_SESSION['memberID'] . "<br>";
}
$date = $_SESSION["today"];
echo "<br>";
echo "Today's date: $date";
?>
<br>
<br>
<?php
if(isset($_POST['cinemaToUpdate']))
{
$cinemaID = $_POST['cinemaToUpdate'];
$cinemaGet = "select * from Cinema C where C.ID = $cinemaID";
$cinemaResult = mysql_query($cinemaGet) or die (mysql_error());
if($row = mysql_fetch_array($cinemaResult))
{
$cinemaName = $row['Name'];
$cinemaAddress = $row['Address'];
$cinemaPhoneNumber = $row['PhoneNumber'];
echo "<form action ='ConfirmUpdateCinema.php' method='post'>";
echo "Name: <input type='text' name='cinemaName' value='$cinemaName' required>";
echo "<br>";
echo "Address: <input type='text' name='cinemaAddress' value='$cinemaAddress' required>";
echo "<br>";
echo "Phone Number: <input type='tel' name='cinemaPhoneNumber' value='$cinemaPhoneNumber' required>";
echo "<br>";
echo "<input type ='hidden' name ='cinemaID' value='$cinemaID'>";
echo "<br>";
echo "<input type = 'submit' value = 'Update Cinema'>";
echo "</form>";
}
}
else
{
$cinemasQuery = "select * from Cinema";
$cinemasResult = mysql_query($cinemasQuery) or die(mysql_error());
echo "<form action ='UpdateCinema.php' method='post'>";
echo "<select name='cinemaToUpdate'>";
while($row = mysql_fetch_array($cinemasResult))
{
$cinemaID = $row['ID'];
$cinemaName = $row['Name'];
$cinemaAddress = $row['Address'];
echo "<option value= '$cinemaID' >$cinemaName, $cinemaAddress</option>";
}
echo "</select>";
echo "<br><br>";
echo "<input type = 'submit' value = 'Select cinema to edit'>";
echo "</form>";
}
echo "<br>";
echo "<form action ='index.php'>";
echo "<input type ='submit' value = 'Go back to index' >";
echo "</form>";
?>
</body>
</html>