|
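<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<link href="css/db.css" rel="STYLESHEET" type="TEXT/CSS" />

<title>Aktualisieren Partnerdaten</title>
</head>

<body>
<div class="float-r"><img src="img/group_gear.png" border="0" alt="Partnerdaten bearbeiten" title="Partnerdaten bearbeiten"/></div>

<?php

/**
 * @author Bettina Schwarzer, Fritz-Haber-Institut
 * @copyright 08/2011
 *
 * Update or delete one partner record.
 *
 * Request inputs:
 *   - $_GET["uid"]   ID of the partner row (fhiiqm.Partner.part_ID)
 *   - $_POST["part"] array of form fields for the partner
 *   - $_POST["upd"]  set when the "ändern" (update) button was pressed
 *   - $_POST["del"]  set when the "löschen" (delete) button was pressed
 *   - $_POST["ok"]   confirmation checkbox; only honoured when part[okn] is set
 *
 * Flow:
 *   1. No confirmation yet: show the form (loaded from the database on the
 *      first display) and, after "ändern"/"löschen", a confirmation checkbox.
 *   2. Confirmed delete: remove the row.
 *   3. Confirmed update: write the truncated form fields to the row.
 *
 * Security notes:
 *   - uid is request-controlled, so it is validated as an integer before it
 *     reaches any SQL statement or any output.
 *   - Request data echoed back into the page is HTML-escaped with the
 *     page's declared charset (ISO-8859-1).
 *   - NOTE(review): no anti-CSRF token and no authorization check are
 *     visible in this script; confirm that form/partner_form.inc.php or the
 *     surrounding application provides them, since both actions change data.
 */

error_reporting(E_ALL ^ E_NOTICE);

include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
$dbc = new dbconnection();

// Accept the partner ID only if it is a well-formed integer; filter_var()
// returns false for a missing value, an array or any non-integer string.
$pid = filter_var(isset($_GET["uid"]) ? $_GET["uid"] : null, FILTER_VALIDATE_INT);

// $rid is not used in this script. Kept because included scripts share this
// scope and may read it - TODO confirm and remove if unused.
if (empty($rid)) $rid = 1;

$ok  = isset($_POST["ok"])  ? $_POST["ok"]  : null;
$upd = isset($_POST["upd"]) ? $_POST["upd"] : null;
$del = isset($_POST["del"]) ? $_POST["del"] : null;

// The form fields must arrive as an array; anything else is treated as empty.
$part = (isset($_POST["part"]) && is_array($_POST["part"])) ? $_POST["part"] : array();

// A confirmation only counts when it was sent together with the form's
// part[okn] field.
if (empty($part['okn'])) $ok = false;

if ($pid === false)
{
    // Refuse to build any SQL from a missing or malformed ID.
    echo "<p class='red'>Ung&uuml;ltige Partner-ID!</p>\n";
}
elseif (!$ok)
{
    // Not confirmed yet. The original condition
    // (!$ok && !$upd && !$del) || (!$ok && ($upd || $del)) reduces to !$ok.
    if (!$upd && !$del)
    {
        // First display: pre-fill the form from the database.
        // $pid is a validated integer, so appending it cannot alter the statement.
        $sql = "SELECT part_ID,part_firma,part_nachname,part_vorname,part_titel,part_anrede,part_strasse,
                part_ort,part_plz,part_tel,part_fax,part_mobil,part_email,part_bemerkung
                FROM fhiiqm.Partner WHERE part_ID=" . $pid;
        if ($result = $dbc ->queryObjectArray($sql))
        {
            foreach ($result as $row)
            {
                $part['firma'] = $row->part_firma;
                $part['str']   = $row->part_strasse;
                $part['ort']   = $row->part_ort;
                $part['plz']   = $row->part_plz;
                $part['nname'] = $row->part_nachname;
                $part['vname'] = $row->part_vorname;
                $part['titel'] = $row->part_titel;
                $part['anr']   = $row->part_anrede;
                $part['tel']   = $row->part_tel;
                $part['motel'] = $row->part_mobil;
                $part['fax']   = $row->part_fax;
                $part['email'] = $row->part_email;
                $part['bem']   = $row->part_bemerkung;
            }
        }
    }

    // Presumably opens the <form>, <div> and <table> closed below and renders
    // the $part fields - TODO confirm that it HTML-escapes the values it prints.
    include ("form/partner_form.inc.php");

    if ($upd || $del)
    {
        // A button was pressed without confirmation: ask for it.
        if ($upd)
            $frage = "Alle Angaben ok?";
        else
            $frage = "Partner wirklich löschen?";
        // $ok is always false in this branch, so the box is rendered unchecked.
        echo "<tr>
            <td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
            <td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
        echo "></td>\n</tr>\n";
    }

    echo "<tr>\n";
    echo "
        <td> </td>
        <td><input class=\"button\" type=\"submit\" value=\"ändern\" name=\"upd\" title=\"update\" />
        <input class=\"button\" type=\"submit\" value=\"löschen\" name=\"del\" title=\"delete\" /></td>\n";
    echo "</tr>\n";
    echo "</table>\n";
    echo "</div>\n";
    echo "</form>\n";
}
elseif ($ok && $del)
{
    echo "<div align='center'>\n";

    // Delete the record. The original statement compared part_ID with the bare
    // word "pid" instead of the variable and used an unqualified table name;
    // it now targets the same table as the SELECT and UPDATE.
    $sql = "DELETE FROM fhiiqm.Partner WHERE part_ID=" . $pid;
    $retd = $dbc -> execute($sql);
    if ($retd)
    {
        // The company name comes from the POST body, so escape it before output.
        $firma = (isset($part['firma']) && is_scalar($part['firma'])) ? (string) $part['firma'] : '';
        echo "<p class='green'><b>Partner '" . htmlspecialchars($firma, ENT_QUOTES, 'ISO-8859-1') . "' wurde gelöscht!</b></p>";
        include ($_SERVER["DOCUMENT_ROOT"] ."/fhiiqm/inc/partner_show.inc.php");
    }
    else
        echo "<p class='red'>L&ouml;schen des Partners ist fehlgeschlagen!</p>\n";
}
elseif ($ok && $upd)
{
    echo "<div align='center'>\n";

    // Truncate every text field to the length used by the original script and
    // coerce non-scalar input (e.g. nested arrays) to an empty string.
    // NOTE(review): 20 characters for "email" looks short - confirm against the
    // width of part_email.
    $maxLength = array(
        "firma" => 50,
        "nname" => 30,
        "vname" => 30,
        "titel" => 10,
        "tel"   => 20,
        "motel" => 20,
        "fax"   => 20,
        "email" => 20,
        "ort"   => 50,
        "str"   => 50,
        "plz"   => 10,
        "bem"   => 500,
    );
    foreach ($maxLength as $key => $length)
    {
        $value = (isset($part[$key]) && is_scalar($part[$key])) ? (string) $part[$key] : "";
        $part[$key] = substr($value, 0, $length);
    }
    // The original stored the truncated mobile number under "mobil" but bound
    // the untruncated "motel" value. Both keys now hold the truncated value;
    // "mobil" is kept in case an included script reads it - TODO confirm.
    $part["mobil"] = $part["motel"];

    // -1 is the form's "no salutation selected" value in the original check.
    if (!isset($part['anr']) || !is_scalar($part['anr']) || $part['anr'] == -1) $part['anr'] = null;

    // Store NULL instead of empty values or values that start with a space or
    // control character (anything sorting below "!").
    foreach ($part as $key=>$value)
    {
        if (is_null($value) || $value < "!") $part["$key"] = null;
    }

    // Prevent SQL injection: every value, including the partner ID, is bound as
    // a parameter. The 'i' type for the ID assumes the mysqli-style bind_param()
    // the original call already relies on.
    $result = false;
    $stmt = $dbc -> stmtinit();
    if (is_object($stmt) && $stmt -> prepare("UPDATE fhiiqm.Partner SET
            part_firma = ?,
            part_nachname = ?,
            part_vorname = ?,
            part_titel = ?,
            part_anrede = ?,
            part_strasse = ?,
            part_ort = ?,
            part_plz = ?,
            part_tel = ?,
            part_fax = ?,
            part_mobil = ?,
            part_email = ?,
            part_bemerkung = ?
            WHERE part_ID = ?"))
    {
        $stmt -> bind_param('sssssssssssssi',$part["firma"],$part["nname"],$part["vname"],$part["titel"],$part['anr'],
            $part["str"],$part["ort"],$part["plz"],$part["tel"],$part["fax"],$part["motel"],$part["email"],$part["bem"],$pid);
        $result = $stmt -> execute();
    }

    // Database error text can reveal schema details, so it goes to the server
    // log instead of the page.
    if ($dbc->error) error_log("Partner update: database error: " . $dbc->error);

    if ($result)
    {
        // UPDATE succeeded.
        echo "<p class='green'><b>Partnerdaten zu ID '$pid' wurden erfolgreich gespeichert.</b></p>\n";
        echo "<br /><br />\n";

        // Show the stored partner data.
        include ("inc/partner_dat_show.inc.php");
    }
    else
        echo "<p class='red'>Ändern der Partnerdaten ist fehlgeschlagen!</p>\n";
}

if ($pid !== false && $ok && ($upd || $del))
{
    // Close the result <div> opened by the delete/update branch and offer
    // navigation links.
    echo "</div><br /><br />\n";
    echo "<p> <a href=\"partner_flist.php\" target=\"_self\" title=\"Raumliste\">Zurück zur Partnerliste</a></p>\n";
    echo "<p> <a href=\"partner_ins.php\" target=\"_self\" title=\"Partner erfassen\">Weiteren Partner erfassen</a></p>\n";
}

?>

</body>
</html>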