<?php
require_once "config.php";
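// Form state rendered by the HTML template at the bottom of this file.
$title = $body = "";
$title_err = $body_err = "";

// NOTE(review): no authentication, authorization or CSRF-token check is visible
// in this file. Unless config.php (not shown here) enforces them, any visitor or
// cross-site form post can modify any post. Confirm, and bind the form to the
// session with an anti-CSRF token.

if (isset($_POST["id"]) && !empty($_POST["id"])) {
    // ---- POST: the edit form was submitted --------------------------------

    // The id arrives in a client-controlled hidden field and is echoed back into
    // the page, so accept nothing but a positive integer. Arrays and strings
    // such as "12abc" make filter_var() return false.
    $id = filter_var($_POST["id"], FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)));
    if ($id === false) {
        header("location: error.php");
        exit();
    }

    // A missing or non-string field is treated as empty instead of raising a
    // warning or TypeError inside trim().
    $input_title = (isset($_POST["title"]) && is_string($_POST["title"])) ? trim($_POST["title"]) : "";
    if ($input_title === "") {
        $title_err = "Please enter a title.";
    } elseif (!filter_var($input_title, FILTER_VALIDATE_REGEXP, array("options" => array("regexp" => "/^[a-zA-Z\s]+$/")))) {
        $title_err = "Please enter a valid post title.";
    } else {
        $title = $input_title;
    }

    // Compare against "" rather than empty(): empty("0") is true, which would
    // reject a body consisting of the single character "0".
    $input_body = (isset($_POST["body"]) && is_string($_POST["body"])) ? trim($_POST["body"]) : "";
    if ($input_body === "") {
        $body_err = "Please enter the post body.";
    } else {
        $body = $input_body;
    }

    if ($title_err === "" && $body_err === "") {
        // Values are bound as parameters; nothing is concatenated into the SQL.
        $sql = "UPDATE posts SET title=?, body=? WHERE id=?";
        $stmt = $mysqli->prepare($sql);
        if ($stmt) {
            $stmt->bind_param("ssi", $title, $body, $id);
            if ($stmt->execute()) {
                header("location: index.php");
                exit();
            }
            echo "Oops! Something went wrong. Please try again later.";
            $stmt->close();
        } else {
            // prepare() returned false: there is no statement object to close.
            // The original called $stmt->close() here, which is a fatal error.
            echo "Oops! Something went wrong. Please try again later.";
        }
    }

    $mysqli->close();
} else {
    // ---- GET: load the post to pre-fill the form --------------------------

    $requested_id = (isset($_GET["id"]) && is_string($_GET["id"])) ? trim($_GET["id"]) : "";
    $id = filter_var($requested_id, FILTER_VALIDATE_INT, array("options" => array("min_range" => 1)));
    if ($id === false) {
        // Missing, empty, zero or non-integer id.
        header("location: error.php");
        exit();
    }

    $sql = "SELECT * FROM posts WHERE id = ?";
    $stmt = $mysqli->prepare($sql);
    if ($stmt) {
        $stmt->bind_param("i", $id);
        if ($stmt->execute()) {
            $result = $stmt->get_result();
            if ($result->num_rows === 1) {
                $row = $result->fetch_array(MYSQLI_ASSOC);
                // Stored values are not guaranteed to be markup-free; they must
                // be HTML-escaped wherever they are printed.
                $title = $row["title"];
                $body = $row["body"];
            } else {
                // No such post.
                header("location: error.php");
                exit();
            }
        } else {
            echo "Oops! Something went wrong. Please try again later.";
        }
        $stmt->close();
    } else {
        // prepare() failed; there is no statement object to close.
        echo "Oops! Something went wrong. Please try again later.";
    }

    $mysqli->close();
}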
?>
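<?php
// Edit form for a single post.
//
// Every dynamic value below is passed through htmlspecialchars() with ENT_QUOTES:
// $title and $body come either from the request (when validation failed) or from
// the database, and $id comes from the request. Printed raw, any of them could
// break out of the attribute or the <textarea> and inject markup into the page.
//
// NOTE(review): the Bootstrap stylesheet is loaded from a third-party CDN without
// Subresource Integrity. Add integrity="<hash published for this exact file>"
// and crossorigin="anonymous", or self-host the file.
// NOTE(review): the form carries no anti-CSRF token; see the request handler.
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Update Record</title>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
    <link rel="stylesheet" href="style.css">
</head>
<body>
    <div class="wrapper">
        <div class="container-fluid">
            <div class="row">
                <div class="col-md-12">
                    <h2 class="mt-5">Update Post</h2>
                    <form action="<?php echo htmlspecialchars(basename($_SERVER['REQUEST_URI'])); ?>" method="post">
                        <div class="form-group">
                            <label>Title</label>
                            <input type="text" name="title" class="form-control <?php echo (!empty($title_err)) ? 'is-invalid' : ''; ?>" value="<?php echo htmlspecialchars((string) $title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">
                            <span class="invalid-feedback"><?php echo htmlspecialchars((string) $title_err, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span>
                        </div>
                        <div class="form-group">
                            <label>Body</label>
                            <textarea name="body" class="form-control <?php echo (!empty($body_err)) ? 'is-invalid' : ''; ?>"><?php echo htmlspecialchars((string) $body, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></textarea>
                            <span class="invalid-feedback"><?php echo htmlspecialchars((string) $body_err, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></span>
                        </div>
                        <input type="hidden" name="id" value="<?php echo htmlspecialchars((string) $id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"/>
                        <input type="submit" class="btn btn-primary" value="Submit">
                        <a href="index.php" class="btn btn-secondary ml-2">Cancel</a>
                    </form>
                </div>
            </div>
        </div>
    </div>
</body>
</html>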