forked from Noor-Alina/COMP4150-Project
-
Notifications
You must be signed in to change notification settings - Fork 0
/
inspection_check.php
42 lines (34 loc) · 1.43 KB
/
inspection_check.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<?php
// checking the request receive is a POST, if not we redirect it back to the login page.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
header("Location: staff.php");
exit();
}
// Checking if the POST request has all inputs.
if (!isset($_POST['flat_num'], $_POST['staff_id'], $_POST['cond'], $_POST['comments'], $_POST['inspect_date'])) {
$_SESSION['error'] = 'Unset inputs.';
header("Location: staff.php");
exit();
}
// include the database file so we can make a connection to the database.
require_once 'database.php';
session_start();
// sanitize all inputs
$flat_num = $connection->real_escape_string($_POST['flat_num']);
$staff_id = $connection->real_escape_string($_POST['staff_id']);
$cond = $connection->real_escape_string($_POST['cond']);
$comments = $connection->real_escape_string($_POST['comments']);
$inspect_date = $connection->real_escape_string($_POST['inspect_date']);
// checking if the inputs are empty
if (empty($flat_num) || empty($staff_id) || empty($cond) || empty($comments) || empty($inspect_date)) {
$_SESSION['error'] = 'Missing inputs.';
header("Location: staff.php");
exit();
}
// create inspection id
$new_inspect_id = rand(0, 999999);
$result_invoice = $connection->query("INSERT INTO Flat_Inspections VALUES('$new_inspect_id', DATE '$inspect_date', '$cond','$comments', '$staff_id', '$flat_num')");
// $_SESSION['error'] = 'Missing inputs.';
header("Location: staff.php");
exit();
?>