Show sourcecode

The following files exists in this folder. Click to view.

webbsrvprg/exercises/databas/

admin.php
createtable.php
deletepost.php
deletetable.php
insertdefaultposts.php
insertpost.php
ovn_sqlintro1.php
ovn_sqlintro1_delete.php
ovn_sqlintro1_insert.php
ovn_sqlintro1_skapa.php
ovn_sqlintro1_skrivut.php
ovn_sqlintro1_update.php
ovn_sqlintro2.php
ovn_sqlintro2_delete.php
ovn_sqlintro2_insert.php
ovn_sqlintro2_login.php
ovn_sqlintro2_skapa.php
ovn_sqlintro2_skrivut.php
ovn_sqlintro2_update.php
ovn_sqlintro3.php
ovn_sqlintro3_default.php
ovn_sqlintro3_insert.php
ovn_sqlintro3_skapa.php
ovn_sqlintro3_skrivut.php
selectposts.php
updatepost.php
welcome.php

`ovn_sqlintro1_update.php`

146 lines UTF-8 Windows (CRLF)

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146


<!doctype html>

<html>



<body>

<?php

include ('../../dbconnection.php');

$message = null;

$getid = null;

$getfirstname = null;

$getlastname = null;

$getphonenum = null;

$getepost = null;



if (isset($_POST['firstname']) && isset($_POST['lastname']) && 

  isset($_POST['id']) && isset($_POST['epost']) && !empty($_POST['firstname']) && 

  !empty($_POST['lastname']) && !empty($_POST['id']) && !empty($_POST['epost'])) {

      

    $id = $_POST['id'];

    $firstname = $_POST['firstname'];

    $lastname = $_POST['lastname'];

    $phonenum = isset($_POST['phonenum']) ? $_POST['phonenum'] : 0;

    $epost = $_POST['epost'];

    

    try {    

        $sql = "UPDATE kompisar SET firstname=?, lastname=?, phonenum=?, epost=?  

          WHERE id=?";

        $stmt = $dbconn->prepare($sql);

        $data = array($firstname, $lastname, $phonenum, $epost, $id);

        $stmt->execute($data);

            

        $message .= "<br />Record updated successfully.<br />";

        $_GET['id'] = null;

    }

    catch(PDOException $e)

        {

        $message .= $sql . "<br>" . $e->getMessage();

    }

} else {

    $message .= "<br />Först väljer du en post. 

      Sen måste du fylla i minst förnamn och efternamn!<br /><br />";

}



if (isset($_GET['id']) && !empty($_GET['id']) ) {

    $id = $_GET['id'];

    

    try {    

        # prepare

        $sql = "SELECT * FROM kompisar WHERE id=?";

        $stmt = $dbconn->prepare($sql);

        $data = array($id);

        $stmt->execute($data);

            

        $res = $stmt->fetch(PDO::FETCH_ASSOC);

        $getid = htmlentities($res['id']);

        $getfirstname = htmlentities($res['firstname']);

        $getlastname = htmlentities($res['lastname']);

        $getphonenum = htmlentities($res['phonenum']);

        $getepost = htmlentities($res['epost']);

        

        $message .= "<br />Record was selected successfully.<br />";

    }

    catch(PDOException $e)

        {

        $message .= $sql . "<br>" . $e->getMessage();

    }

} else {



    $message .= "<br />Välj en ny post att uppdatera.<br /><br />";



}



echo $message;



    ?>

        <form method="post" action=""> 

        <table> 

            <tr>

            <td>Förnamn*:</td>

            <td>

                <input type="text" name="firstname" size="40" maxlength="40" 

                  value="<?= $getfirstname; ?>">

            </td>

            </tr> 

            <tr>

            <td>Efternamn*:</td>

            <td>

                <input type="text" name="lastname" size="40" maxlength="40" 

                  value="<?= $getlastname; ?>">

            </td>

            </tr> 

            <tr>

            <td>Mobilnummer:</td>

            <td>

                <input type="text" name="phonenum" size="20" maxlength="20" 

                  value="<?= $getphonenum; ?>">

            </td>

            </tr> 

            <tr>

            <td>Epost:</td>

            <td>

                <input type="text" name="epost" size="20" maxlength="20" 

                  value="<?= $getepost; ?>">

            </td>

            </tr> 

            <tr>

            <td>* = obligatoriskt</td>

            <td>

                <button type="submit">Lägg till</button>

                <input type="hidden" name="id" value="<?= $getid; ?>">

            </td>

            </tr> 

        </table> 

    </form>

<?php    

    // Ouput table with all posts

    /*** The SQL SELECT statement ***/

    $sql = "SELECT * FROM kompisar";

    $stmt = $dbconn->prepare($sql);

    // fetch width column names, create a table

    $data = array();  

    $stmt->execute($data);

    $output = "<table><caption>En ostylad tabell!</caption>";

    while ($res = $stmt->fetch(PDO::FETCH_ASSOC)) {

        $idx = htmlentities($res['id']);

        $first = htmlentities($res['firstname']);

        $last = htmlentities($res['lastname']);

        $phonenumx = htmlentities($res['phonenum']);

        $epostx = htmlentities($res['epost']);

        

        $output .= "<tr>".

            "<td><a href='?id=$idx'>$idx</a></td>".

            "<td>$first</td>".

            "<td>$last</td>".

            "<td>$phonenumx</td>".

            "<td>$epostx</td>".

        "</tr>";

        

    }

    $output .= "</table>";

    echo "$output";



    $dbconn = null;

?>



</body>

</html>