--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/fhiiqm/partner_upd.php Wed Aug 31 14:22:19 2011 +0200
@@ -0,0 +1,174 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+
+<head>
+ <meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
+ <link href="css/db.css" rel="STYLESHEET" type="TEXT/CSS" />
+
+ <title>Aktualisieren Partnerdaten</title>
+</head>
+
+<body>
+ <div class="float-r"><img src="img/group_gear.png" border="0" alt="Partnerdaten bearbeiten" title="Partnerdaten bearbeiten"/></div>
+
+<?php
+
+/**
+ * @author Bettina Schwarzer, Fritz-Haber-Institut
+ * @copyright 08/2011
+ *
+ * UPDATE/DELETE Partnerdaten
+ */
+
+ error_reporting(E_ALL ^ E_NOTICE);
+
+ include_once($_SERVER['DOCUMENT_ROOT'] ."/fhiiqm/inc/dbconnect.inc.php");
+ $dbc = new dbconnection();
+
+ $pid = $_GET["uid"];
+ if (!$rid) $rid=1;
+ $ok = $_POST["ok"];
+ $upd = $_POST["upd"];
+ $del = $_POST["del"];
+ $part = $_POST["part"];
+ if (!$part['okn']) $ok=false;
+
+// print_r($raum);
+// echo "<br><br>\n";
+// echo "Vertragsbezeichnung: " . $raum['cname'] ."<br><br>\n";
+
+ if ((!$ok && !$upd && !$del) || (!$ok && ($upd || $del)))
+ {
+ if (!$upd && !$del)
+ {
+ $sql = "SELECT part_ID,part_firma,part_nachname,part_vorname,part_titel,part_anrede,part_strasse,
+ part_ort,part_plz,part_tel,part_fax,part_mobil,part_email,part_bemerkung
+ FROM fhiiqm.Partner WHERE part_ID=$pid";
+ if ($result = $dbc ->queryObjectArray($sql))
+ {
+ foreach ($result as $row)
+ {
+ $part['firma'] = $row->part_firma;
+ $part['str'] = $row->part_strasse;
+ $part['ort'] = $row->part_ort;
+ $part['plz'] = $row->part_plz;
+ $part['nname'] = $row->part_nachname;
+ $part['vname'] = $row->part_vorname;
+ $part['titel'] = $row->part_titel;
+ $part['anr'] = $row->part_anrede;
+ $part['tel'] = $row->part_tel;
+ $part['motel'] = $row->part_mobil;
+ $part['fax'] = $row->part_fax;
+ $part['email'] = $row->part_email;
+ $part['bem'] = $row->part_bemerkung;
+ }
+ }
+ }
+ include ("form/partner_form.inc.php");
+
+ if ($upd || $del)
+ {
+ if ($upd)
+ $frage = "Alle Angaben ok?";
+ elseif ($del)
+ $frage = "Partner wirklich löschen?";
+ echo "<tr>
+ <td class=\"red\" valign=\"top\" align=\"left\">$frage</td>
+ <td><input type=\"checkbox\" name=\"ok\" value=\"1\"";
+ if ($ok) echo "checked";
+ echo "></td>\n</tr>\n";
+ }
+
+ echo "<tr>\n";
+ echo "
+ <td> </td>
+ <td><input class=\"button\" type=\"submit\" value=\"ändern\" name=\"upd\" title=\"update\" />
+ <input class=\"button\" type=\"submit\" value=\"löschen\" name=\"del\" title=\"delete\" /></td>\n";
+ echo "</tr>\n";
+ echo "</table>\n";
+ echo "</div>\n";
+ echo "</form>\n";
+
+ }
+ elseif ($ok && $del)
+ {
+ echo "<div align='center'>\n";
+ //daten loeschen
+
+ $sql = "DELETE FROM Partner WHERE part_ID=pid";
+ $retd = $dbc -> execute($sql);
+ if ($retd)
+ {
+ echo "<p class='green'><b>Partner '" . $part['firma'] . "' wurde gelöscht!</b></p>";
+ include ($_SERVER["DOCUMENT_ROOT"] ."/fhiiqm/inc/partner_show.inc.php");
+ }
+ }
+ elseif ($ok && $upd)
+ {
+ echo "<div align='center'>\n";
+ //daten speichern
+ $part["firma"] = substr($part["firma"],0,50);
+ $part["nname"] = substr($part["nname"],0,30);
+ $part["vname"] = substr($part["vname"],0,30);
+ if ($part['anr']== -1) $part['anr']=null;
+ $part["titel"] = substr($part["titel"],0,10);
+ $part["tel"] = substr($part["tel"],0,20);
+ $part["mobil"] = substr($part["motel"],0,20);
+ $part["fax"] = substr($part["fax"],0,20);
+ $part["email"] = substr($part["email"],0,20);
+ $part["ort"] = substr($part["ort"],0,50);
+ $part["str"] = substr($part["str"],0,50);
+ $part["plz"] = substr($part["plz"],0,10);
+ $part["bem"] = substr($part["bem"],0,500);
+ foreach ($part as $key=>$value)
+ {
+ if (is_null($value) || $value < "!") $part["$key"] = null;
+ }
+
+ // vermeiden von SQL-Injection
+ $stmt = $dbc -> stmtinit();
+ if (is_object($stmt))
+ {
+ $stmt -> prepare("UPDATE fhiiqm.Partner SET
+ part_firma = ?,
+ part_nachname = ?,
+ part_vorname = ?,
+ part_titel = ?,
+ part_anrede = ?,
+ part_strasse = ?,
+ part_ort = ?,
+ part_plz = ?,
+ part_tel = ?,
+ part_fax = ?,
+ part_mobil = ?,
+ part_email = ?,
+ part_bemerkung = ?
+ WHERE part_ID = $pid");
+ $stmt -> bind_param('sssssssssssss',$part["firma"],$part["nname"],$part["vname"],$part["titel"],$part['anr'],
+ $part["str"],$part["ort"],$part["plz"],$part["tel"],$part["fax"],$part["motel"],$part["email"],$part["bem"]);
+ $result = $stmt -> execute();
+ if ($dbc->error) echo "error: " . $dbc->error . "<br><br>\n";
+ if ($result)
+ {
+ // UPDATE o.k.
+ echo "<p class='green'><b>Partnerdaten zu ID '$pid' wurden erfolgreich gespeichert.</b></p>\n";
+ echo "<br /><br />\n";
+
+ // Anzeigen gespeicherte Partnerdaten
+ include ("inc/partner_dat_show.inc.php");
+ }
+ else
+ echo "<p class='red'>Ändern der Partnerdaten ist fehlgeschlagen!</p>\n";
+ }
+ }
+ if ($ok && ($upd || $del))
+ {
+ echo "</div><br /><br />\n";
+ echo "<p> <a href=\"partner_flist.php\" target=\"_self\" title=\"Raumliste\">Zurück zur Partnerliste</a></p>\n";
+ echo "<p> <a href=\"partner_ins.php\" target=\"_self\" title=\"Partner erfassen\">Weiteren Partner erfassen</a></p>\n";
+ }
+
+?>
+
+</body>
+</html>
\ No newline at end of file