Databases Reference
In-Depth Information
echo "\n</td>\n</tr>\n</table>\n<br />";
?>
Example A-4. edit.php
<?php
// edit.php: Show the user the available gifts and the gifts in
// their shopping list
// Include database parameters and related functions
require_once("db.php");
// Check if the user is logged in
// (this also starts the session)
logincheck();
// Check that the user is Jack or Jill (username is 'jack' or
// 'jill'); other users are not allowed to edit the gifts.
if($_SESSION['username']!="jack" && $_SESSION['username']!="jill")
{
$message = "You are not authorized to edit the gift details. Please ".
"select gift suggestions from the list to add to your shopping list!";
header("Location: list.php?message=".urlencode($message));
exit;
}
// Connect to the MySQL DBMS and use the wedding database - credentials are
// in the file db.php
if(!($connection= @ mysqli_connect(
$DB_hostname, $DB_username, $DB_password, $DB_databasename)))
showerror($connection);
// See if we've arrived here after clicking the delete link
if(count($_GET) && (clean($_GET['action'], 10)=='delete'))
{
// Yes; compose a query to delete the specified gift from the
// gifts table
$query = "DELETE FROM gifts WHERE gift_id=".clean($_GET['gift_id'], 10);
// Run the query through the connection
if (($result = @ mysqli_query($connection, $query))==FALSE)
showerror($connection);
}
// See if we've arrived here after clicking the update button; if
// so, update the gift details.
elseif(isset($_POST['update']))
{
// Define an SQL query to list the gift IDs in the database
$query = "SELECT gift_id FROM gifts";
// Run the query through the connection
if (($result = @ mysqli_query($connection, $query))==FALSE)
showerror($connection);
// Process the submitted data for each gift ID in the database
while($row = @ mysqli_fetch_array($result))
