From 8d17cae35f4eb54914596e544f4a6ee43268426d Mon Sep 17 00:00:00 2001 From: =?utf8?q?J=C3=A9r=C3=B4me=20Benoit?= Date: Fri, 19 Jan 2018 23:11:38 +0100 Subject: [PATCH] Polish the reservation modification code. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Jérôme Benoit --- includes/formmodify.php | 31 ++++++++++++++++++++++--------- includes/modify.php | 10 +++++++++- 2 files changed, 31 insertions(+), 10 deletions(-) diff --git a/includes/formmodify.php b/includes/formmodify.php index 20e53f6..2a612a6 100644 --- a/includes/formmodify.php +++ b/includes/formmodify.php @@ -3,15 +3,28 @@ $form_flight_id = filter_input(INPUT_POST, "flight_id", FILTER_SANITIZE_STRING); $form_nb_place = filter_input(INPUT_POST, "nb_place", FILTER_VALIDATE_INT); $form_class_name = filter_input(INPUT_POST, "class_name", FILTER_SANITIZE_STRING); -global $connection; -$client_id = get_client_id($_SESSION['email']); -$sql_pquery = "update RESERVATIONS +$input_failure = false; + +if (!$form_nb_place) { + echo "Nombre de place(s) invalide.
"; + $input_failure = true; +} + +if (!$input_failure && !empty($form_nb_place) && !empty($form_class_name)) { + global $connection; + $client_id = get_client_id($_SESSION['email']); + $sql_pquery = "update RESERVATIONS set NbPlaces = ?, Classe = ? where NumCl = ? and NumVol = ?"; -$connection->prepare_query($sql_pquery); -$connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id)); -$connection->run_prepared_query(); -$connection->close_prepared_query(); -echo "Modifications enregistrées.
"; -redirect("index.php?page=reservations", 3); + $connection->prepare_query($sql_pquery); + $connection->prepared_query_bind_param("isis", array($form_nb_place, $form_class_name, $client_id, $form_flight_id)); + $connection->run_prepared_query(); + $connection->close_prepared_query(); + echo "Modifications enregistrées.
"; + redirect("index.php?page=reservations", 3); +} else { + echo "Make an error message.
"; + echo "Retour"; +} + ?> diff --git a/includes/modify.php b/includes/modify.php index aeb9741..7915c48 100644 --- a/includes/modify.php +++ b/includes/modify.php @@ -1,8 +1,16 @@ "; + $_SESSION['login_referer'] = $_SERVER['HTTP_REFERER']; + redirect("index.php?page=login", 2); + include('footer.html'); + exit(); +} $flight_id = filter_input(INPUT_GET, "flight_id", FILTER_SANITIZE_STRING); $class_name = filter_input(INPUT_GET, "class_name", FILTER_SANITIZE_STRING); $client_id = get_client_id($_SESSION['email']); -echo "

Modification de la réservation sur le vol $flight_id

\n"; +echo "

Modification de la réservation sur le vol $flight_id

\n"; global $connection; $sql_pquery = "select NumCl, NumVol, Classe, NbPlaces from RESERVATIONS -- 2.34.1