evo koda:
edit.php
Code:
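<?php
/*
 * edit.php - edit form and update handler for one row of the `software` table.
 *
 * Request contract (unchanged):
 *   GET  action=popravi&id=N                         selects the row to edit
 *   POST naslov, opis, kategorija, cd, novo, izmeni  submits the change
 *
 * NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
 * PHP 7.0. It is kept here only because authcheck.php and cstring.php are not
 * visible and may depend on the default mysql link; move all of them to mysqli
 * or PDO with prepared statements together.
 */

if (!function_exists('editphp_h'))
{
    // HTML-encode a stored value before it is placed in element text or inside a
    // quoted attribute. Rows in the database are treated as untrusted here.
    // NOTE(review): the page encoding is not visible, so no charset argument is
    // passed; set it explicitly to match the page.
    function editphp_h($value)
    {
        return htmlspecialchars((string)$value, ENT_QUOTES);
    }
}

if (!function_exists('editphp_db_fail'))
{
    // Record the driver error in the server log and stop with a generic message,
    // so SQL text and schema details are not shown to the visitor.
    function editphp_db_fail($context)
    {
        error_log("edit.php: $context: " . mysql_error());
        die("Database error.");
    }
}

//------------------------------------------
//database connection
// NOTE(review): credentials are embedded in a web-served script; load them from
// a config file outside the document root.
if (!mysql_connect("localhost", "xxx", "xxx") || !mysql_select_db("xxx"))
{
    editphp_db_fail("connect");
}
//end database connection
//------------------------------------------
$authlvl = "3";
// require instead of include: if authcheck.php is missing the script must stop,
// not carry on without whatever access check that file performs.
require("authcheck.php");
require("cstring.php");
//------------------------------------------
//echo out a navigation panel
echo "<body bgcolor='#C0C0C0'>";
echo "<center><a href='index.php'>Pregled na Kategoerii</a> | <a href='index.php?action=dodaj'>Dodaj Software</a></center>";

// Read the action without raising a notice when the parameter is absent.
$action = isset($_GET['action']) ? $_GET['action'] : "";

switch ($action)
{
    case "popravi":
        //nothing to do without an ID
        if (empty($_GET['id']))
        {
            break;
        }

        //cast to int so the value can never carry SQL or markup
        $id = (int)$_GET['id'];

        $query = mysql_query("SELECT * FROM software WHERE id = '$id'") or editphp_db_fail("select software");
        $row = mysql_fetch_assoc($query);
        if (!$row)
        {
            echo "That ID is not in the database!";
            break;
        }

        // The submission is handled BEFORE the form is rendered so the form
        // shows the saved values; the result text is printed below the form.
        $status = "";
        if (isset($_POST['izmeni']))
        {
            // NOTE(review): this state-changing POST carries no anti-CSRF token.
            // Add a per-session token and verify it here; the session handling
            // presumably lives in authcheck.php - confirm.

            // Text fields: accept strings only, strip markup and surrounding
            // whitespace. Output encoding (editphp_h) remains the XSS defence.
            $naslov = (isset($_POST['naslov']) && is_string($_POST['naslov'])) ? trim(strip_tags($_POST['naslov'])) : "";
            $opis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? trim(strip_tags($_POST['opis'])) : "";
            // Foreign keys: integers only; the placeholder option casts to 0.
            $kategorija = (isset($_POST['kategorija']) && is_scalar($_POST['kategorija'])) ? (int)$_POST['kategorija'] : 0;
            $cd = (isset($_POST['cd']) && is_scalar($_POST['cd'])) ? (int)$_POST['cd'] : 0;
            // An unchecked checkbox is simply not sent.
            // NOTE(review): assumes `novo` is a 1/0 flag column - confirm.
            $novo = isset($_POST['novo']) ? 1 : 0;

            //we begin error checking....
            $error_msg = array();
            if ($naslov === "")
            {
                $error_msg[] = "Please insert a naslov!<br />";
            }
            if ($opis === "")
            {
                $error_msg[] = "Please insert a opis!<br />";
            }
            if ($kategorija <= 0)
            {
                $error_msg[] = "Please select a kategorija!<br />";
            }
            if ($cd <= 0)
            {
                $error_msg[] = "Please select CD!<br />";
            }

            if (count($error_msg) > 0)
            {
                $status = "<strong>ERROR:</strong><br>\n" . implode("", $error_msg);
            }
            else
            {
                //update the product!
                $popravi2 = "UPDATE software SET"
                    . " naslov = '" . mysql_real_escape_string($naslov) . "',"
                    . " opis = '" . mysql_real_escape_string($opis) . "',"
                    . " kat_id = '$kategorija', cd_id = '$cd', novo = '$novo'"
                    . " WHERE id = '$id'";
                if (mysql_query($popravi2))
                {
                    $status = "<p><b>Update-ot e uspesno napraven!</b></p>";
                    // Reflect the saved values in the form rendered below.
                    $row['naslov'] = $naslov;
                    $row['opis'] = $opis;
                    $row['kat_id'] = $kategorija;
                    $row['cd_id'] = $cd;
                    $row['novo'] = $novo;
                }
                else
                {
                    // mysql_error() takes a link resource, not a message; log
                    // the real error and show only the fixed text.
                    error_log("edit.php: update software: " . mysql_error());
                    $status = "<p><b>Nemoze da napravi Update.</b></p>";
                }
            }
        }

        //build the category <option> list, preselecting the stored category
        $katOptions = "";
        $query = mysql_query("SELECT * FROM software_kategorija ORDER BY id ASC") or editphp_db_fail("select software_kategorija");
        while ($kat = mysql_fetch_assoc($query))
        {
            $selected = ((int)$kat['id'] === (int)$row['kat_id']) ? " selected" : "";
            $katOptions .= "<option value='" . editphp_h($kat['id']) . "'$selected>" . editphp_h($kat['kategorija']) . "</option>\n";
        }

        //build the CD/DVD <option> list, preselecting the stored medium
        $cdOptions = "";
        $query = mysql_query("SELECT * FROM software_cd ORDER BY id ASC") or editphp_db_fail("select software_cd");
        while ($medium = mysql_fetch_assoc($query))
        {
            $selected = ((int)$medium['id'] === (int)$row['cd_id']) ? " selected" : "";
            $cdOptions .= "<option value='" . editphp_h($medium['id']) . "'$selected>" . editphp_h($medium['cd']) . "</option>\n";
        }

        $novoChecked = !empty($row['novo']) ? " checked" : "";

        // The action is a bare query string: it posts back to this same script
        // and keeps the id, without echoing any request-derived path into the
        // page. $id is an int, so it is safe to interpolate.
        echo "<br>
<form action='?action=popravi&amp;id=$id' method='post'>
<div align='center'>
<table border='0' cellpadding='0' cellspacing='0' width='500' style='border: 1px solid black; padding: 3px;'>
<tr>
<td colspan='2'>Software: <b>" . editphp_h($row['naslov']) . "</b></td>
</tr>
<tr>
<td>Sifra:</td>
<td><input type='text' name='sifra' value='" . editphp_h($row['sifra']) . "' disabled></td>
</tr>
<tr>
<td>Naslov:</td>
<td><input type='text' name='naslov' value='" . editphp_h($row['naslov']) . "'></td>
</tr>
<tr>
<td>Opis:</td>
<td><textarea name='opis' cols='40' rows='5'>" . editphp_h($row['opis']) . "</textarea></td>
</tr>
<tr>
<td>Kategorija:</td>
<td>
<select name='kategorija'>
<option value=''>- Izberi -</option>
$katOptions</select>
</td>
</tr>
<tr>
<td>CD &amp; DVD:</td>
<td>
<select name='cd'>
<option value=''>- Izberi -</option>
$cdOptions</select>
</td>
</tr>
<tr>
<td>Novo?</td>
<td><input type='checkbox' name='novo' value='1'$novoChecked></td>
</tr>
<tr>
<td colspan='2'><center><input type='submit' name='izmeni' value='Submit New Software'></center></td>
</tr>
<tr>
<td colspan='2' style='border: 1px solid black;'><center><b>Software</b></center><br /></td>
</tr>
<tr>
<td colspan='2'>$status</td>
</tr>
</table>
</div>
</form>
";
        break;
}

echo "
</body>
";
?>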
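<?php
/*
 * edit.php - edit form and update handler for one row of the `software` table.
 *
 * Request contract (unchanged):
 *   GET  action=popravi&id=N                         selects the row to edit
 *   POST naslov, opis, kategorija, cd, novo, izmeni  submits the change
 *
 * NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
 * PHP 7.0. It is kept here only because authcheck.php and cstring.php are not
 * visible and may depend on the default mysql link; move all of them to mysqli
 * or PDO with prepared statements together.
 */

if (!function_exists('editphp_h'))
{
    // HTML-encode a stored value before it is placed in element text or inside a
    // quoted attribute. Rows in the database are treated as untrusted here.
    // NOTE(review): the page encoding is not visible, so no charset argument is
    // passed; set it explicitly to match the page.
    function editphp_h($value)
    {
        return htmlspecialchars((string)$value, ENT_QUOTES);
    }
}

if (!function_exists('editphp_db_fail'))
{
    // Record the driver error in the server log and stop with a generic message,
    // so SQL text and schema details are not shown to the visitor.
    function editphp_db_fail($context)
    {
        error_log("edit.php: $context: " . mysql_error());
        die("Database error.");
    }
}

//------------------------------------------
//database connection
// NOTE(review): credentials are embedded in a web-served script; load them from
// a config file outside the document root.
if (!mysql_connect("localhost", "xxx", "xxx") || !mysql_select_db("xxx"))
{
    editphp_db_fail("connect");
}
//end database connection
//------------------------------------------
$authlvl = "3";
// require instead of include: if authcheck.php is missing the script must stop,
// not carry on without whatever access check that file performs.
require("authcheck.php");
require("cstring.php");
//------------------------------------------
//echo out a navigation panel
echo "<body bgcolor='#C0C0C0'>";
echo "<center><a href='index.php'>Pregled na Kategoerii</a> | <a href='index.php?action=dodaj'>Dodaj Software</a></center>";

// Read the action without raising a notice when the parameter is absent.
$action = isset($_GET['action']) ? $_GET['action'] : "";

switch ($action)
{
    case "popravi":
        //nothing to do without an ID
        if (empty($_GET['id']))
        {
            break;
        }

        //cast to int so the value can never carry SQL or markup
        $id = (int)$_GET['id'];

        $query = mysql_query("SELECT * FROM software WHERE id = '$id'") or editphp_db_fail("select software");
        $row = mysql_fetch_assoc($query);
        if (!$row)
        {
            echo "That ID is not in the database!";
            break;
        }

        // The submission is handled BEFORE the form is rendered so the form
        // shows the saved values; the result text is printed below the form.
        $status = "";
        if (isset($_POST['izmeni']))
        {
            // NOTE(review): this state-changing POST carries no anti-CSRF token.
            // Add a per-session token and verify it here; the session handling
            // presumably lives in authcheck.php - confirm.

            // Text fields: accept strings only, strip markup and surrounding
            // whitespace. Output encoding (editphp_h) remains the XSS defence.
            $naslov = (isset($_POST['naslov']) && is_string($_POST['naslov'])) ? trim(strip_tags($_POST['naslov'])) : "";
            $opis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? trim(strip_tags($_POST['opis'])) : "";
            // Foreign keys: integers only; the placeholder option casts to 0.
            $kategorija = (isset($_POST['kategorija']) && is_scalar($_POST['kategorija'])) ? (int)$_POST['kategorija'] : 0;
            $cd = (isset($_POST['cd']) && is_scalar($_POST['cd'])) ? (int)$_POST['cd'] : 0;
            // An unchecked checkbox is simply not sent.
            // NOTE(review): assumes `novo` is a 1/0 flag column - confirm.
            $novo = isset($_POST['novo']) ? 1 : 0;

            //we begin error checking....
            $error_msg = array();
            if ($naslov === "")
            {
                $error_msg[] = "Please insert a naslov!<br />";
            }
            if ($opis === "")
            {
                $error_msg[] = "Please insert a opis!<br />";
            }
            if ($kategorija <= 0)
            {
                $error_msg[] = "Please select a kategorija!<br />";
            }
            if ($cd <= 0)
            {
                $error_msg[] = "Please select CD!<br />";
            }

            if (count($error_msg) > 0)
            {
                $status = "<strong>ERROR:</strong><br>\n" . implode("", $error_msg);
            }
            else
            {
                //update the product!
                $popravi2 = "UPDATE software SET"
                    . " naslov = '" . mysql_real_escape_string($naslov) . "',"
                    . " opis = '" . mysql_real_escape_string($opis) . "',"
                    . " kat_id = '$kategorija', cd_id = '$cd', novo = '$novo'"
                    . " WHERE id = '$id'";
                if (mysql_query($popravi2))
                {
                    $status = "<p><b>Update-ot e uspesno napraven!</b></p>";
                    // Reflect the saved values in the form rendered below.
                    $row['naslov'] = $naslov;
                    $row['opis'] = $opis;
                    $row['kat_id'] = $kategorija;
                    $row['cd_id'] = $cd;
                    $row['novo'] = $novo;
                }
                else
                {
                    // mysql_error() takes a link resource, not a message; log
                    // the real error and show only the fixed text.
                    error_log("edit.php: update software: " . mysql_error());
                    $status = "<p><b>Nemoze da napravi Update.</b></p>";
                }
            }
        }

        //build the category <option> list, preselecting the stored category
        $katOptions = "";
        $query = mysql_query("SELECT * FROM software_kategorija ORDER BY id ASC") or editphp_db_fail("select software_kategorija");
        while ($kat = mysql_fetch_assoc($query))
        {
            $selected = ((int)$kat['id'] === (int)$row['kat_id']) ? " selected" : "";
            $katOptions .= "<option value='" . editphp_h($kat['id']) . "'$selected>" . editphp_h($kat['kategorija']) . "</option>\n";
        }

        //build the CD/DVD <option> list, preselecting the stored medium
        $cdOptions = "";
        $query = mysql_query("SELECT * FROM software_cd ORDER BY id ASC") or editphp_db_fail("select software_cd");
        while ($medium = mysql_fetch_assoc($query))
        {
            $selected = ((int)$medium['id'] === (int)$row['cd_id']) ? " selected" : "";
            $cdOptions .= "<option value='" . editphp_h($medium['id']) . "'$selected>" . editphp_h($medium['cd']) . "</option>\n";
        }

        $novoChecked = !empty($row['novo']) ? " checked" : "";

        // The action is a bare query string: it posts back to this same script
        // and keeps the id, without echoing any request-derived path into the
        // page. $id is an int, so it is safe to interpolate.
        echo "<br>
<form action='?action=popravi&amp;id=$id' method='post'>
<div align='center'>
<table border='0' cellpadding='0' cellspacing='0' width='500' style='border: 1px solid black; padding: 3px;'>
<tr>
<td colspan='2'>Software: <b>" . editphp_h($row['naslov']) . "</b></td>
</tr>
<tr>
<td>Sifra:</td>
<td><input type='text' name='sifra' value='" . editphp_h($row['sifra']) . "' disabled></td>
</tr>
<tr>
<td>Naslov:</td>
<td><input type='text' name='naslov' value='" . editphp_h($row['naslov']) . "'></td>
</tr>
<tr>
<td>Opis:</td>
<td><textarea name='opis' cols='40' rows='5'>" . editphp_h($row['opis']) . "</textarea></td>
</tr>
<tr>
<td>Kategorija:</td>
<td>
<select name='kategorija'>
<option value=''>- Izberi -</option>
$katOptions</select>
</td>
</tr>
<tr>
<td>CD &amp; DVD:</td>
<td>
<select name='cd'>
<option value=''>- Izberi -</option>
$cdOptions</select>
</td>
</tr>
<tr>
<td>Novo?</td>
<td><input type='checkbox' name='novo' value='1'$novoChecked></td>
</tr>
<tr>
<td colspan='2'><center><input type='submit' name='izmeni' value='Submit New Software'></center></td>
</tr>
<tr>
<td colspan='2' style='border: 1px solid black;'><center><b>Software</b></center><br /></td>
</tr>
<tr>
<td colspan='2'>$status</td>
</tr>
</table>
</div>
</form>
";
        break;
}

echo "
</body>
";
?>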