Polish the reservation modification code.

author Jérôme Benoit <jerome.benoit@piment-noir.org>

Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)

committer Jérôme Benoit <jerome.benoit@piment-noir.org>

Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
author Jérôme Benoit <jerome.benoit@piment-noir.org>
Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
committer Jérôme Benoit <jerome.benoit@piment-noir.org>
Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
diff --git a/includes/formmodify.php b/includes/formmodify.php

index 20e53f651226f558038b5a53b60b80baf4d7487c..2a612a65101ae4926b1983a4fd358b7ac7ff3f7d 100644 (file)
--- a/includes/formmodify.php
+++ b/includes/formmodify.php
@@ -3,15 +3,28 @@ $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
  $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
  $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
  
-global $connection;
-$client_id = get_client_id($_SESSION['email']);
-$sql_pquery = "update RESERVATIONS
+$input_failure = false;
+
+if (!$form_nb_place) {
+    echo "Nombre de place(s) invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$input_failure && !empty($form_nb_place) && !empty($form_class_name)) {
+    global $connection;
+    $client_id = get_client_id($_SESSION['email']);
+    $sql_pquery = "update RESERVATIONS
                     set NbPlaces = ?, Classe = ?
                     where NumCl = ? and NumVol = ?";
-$connection->prepare_query($sql_pquery);
-$connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
-$connection->run_prepared_query();
-$connection->close_prepared_query();
-echo "Modifications enregistre&#769;es. <br>";
-redirect("index.php?page=reservations", 3);
+    $connection->prepare_query($sql_pquery);
+    $connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
+    $connection->run_prepared_query();
+    $connection->close_prepared_query();
+    echo "Modifications enregistre&#769;es. <br>";
+    redirect("index.php?page=reservations", 3);
+} else {
+    echo "Make an error message. <br>";
+    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
+}
+
  ?>
diff --git a/includes/modify.php b/includes/modify.php

index aeb9741444e0b39a1df6028e9bab8c5f5b6f83ee..7915c48e53fe40688bb07bc288bb40c41839071e 100644 (file)
--- a/includes/modify.php
+++ b/includes/modify.php
@@ -1,8 +1,16 @@
  <?php
+global $is_logged_in;
+if (!$is_logged_in) {
+    echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
+    redirect("index.php?page=login", 2);
+    include('footer.html');
+    exit();
+}
  $flight_id = filter_input(INPUT_GET, "flight_id", FILTER_SANITIZE_STRING);
  $class_name = filter_input(INPUT_GET, "class_name", FILTER_SANITIZE_STRING);
  $client_id = get_client_id($_SESSION['email']);
-echo "<h1> Modification de la re&#769;servation sur le vol $flight_id</h2>\n";
+echo "<h1> Modification de la re&#769;servation sur le vol $flight_id </h2>\n";
  global $connection;
  $sql_pquery = "select NumCl, NumVol, Classe, NbPlaces
                 from RESERVATIONS
author	Jérôme Benoit <jerome.benoit@piment-noir.org>
	Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
committer	Jérôme Benoit <jerome.benoit@piment-noir.org>
	Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
includes/formmodify.php		patch \| blob \| blame \| history
includes/modify.php		patch \| blob \| blame \| history