Polish the reservation modification code.
authorJérôme Benoit <jerome.benoit@piment-noir.org>
Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
committerJérôme Benoit <jerome.benoit@piment-noir.org>
Fri, 19 Jan 2018 22:11:38 +0000 (23:11 +0100)
Signed-off-by: Jérôme Benoit <jerome.benoit@piment-noir.org>
includes/formmodify.php
includes/modify.php

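--- a/includes/formmodify.php
+++ b/includes/formmodify.php
@@ -3,15 +3,28 @@ $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING);
 $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT);
 $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING);
 
-global $connection;
-$client_id = get_client_id($_SESSION['email']);
-$sql_pquery = "update RESERVATIONS
+$input_failure = false;
+
+if (!$form_nb_place) {
+    echo "Nombre de place(s) invalide. <br>";
+    $input_failure = true;
+}
+
+if (!$input_failure && !empty($form_nb_place) && !empty($form_class_name)) {
+    global $connection;
+    $client_id = get_client_id($_SESSION['email']);
+    $sql_pquery = "update RESERVATIONS
                    set NbPlaces = ?, Classe = ?
                    where NumCl = ? and NumVol = ?";
-$connection->prepare_query($sql_pquery);
-$connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
-$connection->run_prepared_query();
-$connection->close_prepared_query();
-echo "Modifications enregistre&#769;es. <br>";
-redirect("index.php?page=reservations", 3);
+    $connection->prepare_query($sql_pquery);
+    $connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id));
+    $connection->run_prepared_query();
+    $connection->close_prepared_query();
+    echo "Modifications enregistre&#769;es. <br>";
+    redirect("index.php?page=reservations", 3);
+} else {
+    echo "Make an error message. <br>";
+    echo "<a href=\"javascript:history.go(-1)\">Retour</a>";
+}
+
 ?>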
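Review bot: The new guard `if (!$form_nb_place)` rejects only zero, a missing field and non-integers, so a negative seat count passes both conditions and is written to `NbPlaces` by the `update RESERVATIONS` statement. Give the filter a lower bound where the value is read, e.g. `filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)))`, and add `!empty($form_flight_id)` to the second condition, since that value is bound into the query too. The `else` branch still prints the placeholder `"Make an error message. <br>"`, which should become a real message before release. The hunk starts at line 3 of the file, so it is not visible whether a login check like the one this commit adds to the other file precedes it; if none does, this handler needs one, because it reads `$_SESSION['email']` and changes data.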
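--- a/includes/modify.php
+++ b/includes/modify.php
@@ -1,8 +1,16 @@
 <?php
+global $is_logged_in;
+if (!$is_logged_in) {
+    echo "Please login first. <br>";
+    $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];
+    redirect("index.php?page=login", 2);
+    include('footer.html');
+    exit();
+}
 $flight_id = filter_input(INPUT_GET, "flight_id", FILTER_SANITIZE_STRING);
 $class_name = filter_input(INPUT_GET, "class_name", FILTER_SANITIZE_STRING);
 $client_id = get_client_id($_SESSION['email']);
-echo "<h1> Modification de la re&#769;servation sur le vol $flight_id</h2>\n";
+echo "<h1> Modification de la re&#769;servation sur le vol $flight_id </h2>\n";
 global $connection;
 $sql_pquery = "select NumCl, NumVol, Classe, NbPlaces
                from RESERVATIONS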
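Review bot: `$_SESSION['login_referer'] = $_SERVER['HTTP_REFERER'];` stores a request header that the client controls and that is often absent, in which case PHP emits an undefined-index notice. The code that consumes `login_referer` is not in this hunk, but if the login page redirects to it, the value should first be restricted to a local path on this site. Storing the requested page instead, `$_SESSION['login_referer'] = $_SERVER['REQUEST_URI'];`, would also send the user back to the page they asked for rather than the one before it. On the changed `echo` line the heading still opens with `<h1>` and closes with `</h2>`.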