-global $connection;
-$client_id = get_client_id($_SESSION['email']);
-$sql_pquery = "update RESERVATIONS
- set NbPlaces = ?, Classe = ?
- where NumCl = ? and NumVol = ?";
-$connection->prepare_query($sql_pquery);
-$connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
-$connection->run_prepared_query();
-$connection->close_prepared_query();
-echo "Modifications enregistrées. <br>";
-redirect("index.php?page=reservations", 3);
+global $is_logged_in;
+if (!$is_logged_in) {
+ echo "Please login first. <br>";
+ $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
+ redirect("index.php?page=login", 2);
+}
+
+$input_failure = false;
+
+if (!$form_nb_place) {
+ echo "Nombre de place(s) invalide. <br>";
+ $input_failure = true;
+}
+
+if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_class_name) && !empty($form_previous_class_name)) {
+ global $connection;
+ $client_id = get_client_id($_SESSION['email']);
+ if (strcmp($form_class_name, $form_previous_class_name) === 0) {
+ $sql_pquery = "update RESERVATIONS
+ set NbPlaces = ?
+ where NumCl = ? and NumVol = ? and Classe = ?";
+ } else {
+ $sql_pquery = "update RESERVATIONS
+ set NbPlaces = ?, Classe = ?
+ where NumCl = ? and NumVol = ? and Classe = ?";
+ }
+ $connection->prepare_query($sql_pquery);
+ if (strcmp($form_class_name, $form_previous_class_name) === 0) {
+ $connection->prepared_query_bind_param("iiss", array($form_nb_place, $client_id, $form_flight_id, $form_previous_class_name));
+ } else {
+ $connection->prepared_query_bind_param("isiss", array($form_nb_place, $form_class_name, $client_id, $form_flight_id, $form_previous_class_name));
+ }
+ $connection->run_prepared_query();
+ $connection->close_prepared_query();
+ echo "Modifications enregistrées. <br>";
+ redirect("index.php?page=reservations", 3);
+} else {
+ echo "Make an error message. <br>";
+ echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
+}
+