X-Git-Url: https://git.piment-noir.org/?a=blobdiff_plain;f=includes%2Fformmodify.php;h=a09debeb035b46008d279e7df50a2262a87a5dd9;hb=a0e7c679474abba8e61aa6241f7a5293ab631cc1;hp=20e53f651226f558038b5a53b60b80baf4d7487c;hpb=c49f721926f5d76a8eef80bd5174d68b5a151442;p=Project_webapp.git

diff --git a/includes/formmodify.php b/includes/formmodify.php
index 20e53f6..a09debe 100644
--- a/includes/formmodify.php
+++ b/includes/formmodify.php
@@ -1,17 +1,48 @@
 <?php
 $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
 $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
+$form_previous_class_name = filter_input(INPUT_POST, "previous_class_name", FILTER_SANITIZE_STRING);
 $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
 
-global $connection;
-$client_id = get_client_id($_SESSION['email']);
-$sql_pquery = "update RESERVATIONS
-                   set NbPlaces = ?, Classe = ?
-                   where NumCl = ? and NumVol = ?";
-$connection->prepare_query($sql_pquery);
-$connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
-$connection->run_prepared_query();
-$connection->close_prepared_query();
-echo "Modifications enregistre&#769;es. <br>";
-redirect("index.php?page=reservations", 3);
+global $is_logged_in;
+if (!$is_logged_in) {
+    echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
+    redirect("index.php?page=login", 2);
+}
+
+$input_failure = false;
+
+if (!$form_nb_place) {
+    echo "Nombre de place(s) invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$input_failure && $is_logged_in && !empty($form_nb_place) && !empty($form_class_name) && !empty($form_previous_class_name)) {
+    global $connection;
+    $client_id = get_client_id($_SESSION['email']);
+    if (strcmp($form_class_name, $form_previous_class_name) === 0) {
+        $sql_pquery = "update RESERVATIONS
+                       set NbPlaces = ?
+                       where NumCl = ? and NumVol = ? and Classe = ?";
+    } else {
+        $sql_pquery = "update RESERVATIONS
+                       set NbPlaces = ?, Classe = ?
+                       where NumCl = ? and NumVol = ? and Classe = ?";
+    }
+    $connection->prepare_query($sql_pquery);
+    if (strcmp($form_class_name, $form_previous_class_name) === 0) {
+        $connection->prepared_query_bind_param("iiss", array($form_nb_place, $client_id, $form_flight_id, $form_previous_class_name));
+    } else {
+        $connection->prepared_query_bind_param("isiss", array($form_nb_place, $form_class_name, $client_id, $form_flight_id, $form_previous_class_name));
+    }
+    $connection->run_prepared_query();
+    $connection->close_prepared_query();
+    echo "Modifications enregistre&#769;es. <br>";
+    redirect("index.php?page=reservations", 3);
+} else {
+    echo "Make an error message. <br>";
+    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
+}
+
 ?>