Hey! I am a newbie to php, but very interested in. I am currently on highschool and i am trying to make an appointment SQL table that could be managed, in a simple way, via browser that my sister could use. I was getting some results but then i messed up.. :(
i been smashing my head on this:
<?php
session_start();
define('ADMIN_PASS', 'password');
$mysql_server = '------';
$mysql_nome = '--------';
$mysql_password = '---------';
$mysql_database = '-----------';
$mysql_table = '----------';
$admin_password = isset($_COOKIE['admin_password']) ? $_COOKIE['admin_password'] : '';
if (empty($admin_password))
{
if (isset($_POST['admin_password']))
{
$admin_password = md5($_POST['admin_password']);
if ($admin_password == md5(ADMIN_PASS))
{
setcookie('admin_password', $admin_password);
}
}
}
$id = isset($_POST['id']) ? $_POST['id'] : '';
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : '';
$nome = isset($_POST['nome']) ? $_POST['nome'] : '';
$dia = isset($_POST['dia']) ? $_POST['dia'] : '';
$email = isset($_POST['email']) ? $_POST['email'] : '';
$estado = isset($_POST['estado']) ? $_POST['estado'] : 0;
$telefone = isset($_POST['telefone']) ? $_POST['telefone'] : '';
$hora = isset($_POST['hora']) ? $_POST['hora'] : '';
$db = mysql_connect($mysql_server, $mysql_nome, $mysql_password);
if (!$db)
{
die('Failed to connect to database server!<br>'.mysql_error());
}
mysql_select_db($mysql_database, $db) or die('Failed to select database<br>'.mysql_error());
if (!empty($action))
{
if ($action == 'delete')
{
$sql = "DELETE FROM `marcacao` WHERE `marcacao`.`id` = `id`";
mysql_query($sql, $db);
mysql_close($db);
header('Location: '.basename(__FILE__));
exit;
}
else
if ($action == 'update')
{
$sql = "UPDATE `".$mysql_table."` SET id = '$id', ";
if (!empty($_POST['password']))
{
$crypt_pass = md5($_POST['password']);
$sql = $sql . "`password` = '$crypt_pass',";
}
$sql = $sql . " `dia` = '$dia', `email` = '$email', `estado` = $estado, `telefone` = '$telefone', `hora` = '$hora', `nome` = '$nome' WHERE `id` = '$id'";
mysql_query($sql, $db);
mysql_close($db);
header('Location: '.basename(__FILE__));
exit;
}
else
if ($action == 'create')
{
$sql = "SELECT id FROM ".$mysql_table." WHERE id = '".$_POST['id']."'";
$result = mysql_query($sql, $db);
if ($data = mysql_fetch_array($result))
{
echo 'User already exists!';
exit;
}
$crypt_pass = md5($_POST['password']);
$sql = "INSERT `".$mysql_table."` (`id`, `nome`, `dia`, `hora`, `telefone`, `email`, `estado`) VALUES ('$id', '$nome', '$dia', '$hora', '$email', '$telefone', '$estado')";
mysql_query($sql, $db);
mysql_close($db);
header('Location: '.basename(__FILE__));
exit;
}
else
if ($action == 'logout')
{
session_unset();
session_destroy();
setcookie('admin_password', '', time() - 3600);
header('Location: '.basename(__FILE__));
exit;
}
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>User administrator</title>
<style type="text/css">
<!--
p
{
font-size: 13px;
font-family: Arial;
font-weight: normal;
text-decoration: none;
color: #000000;
}
th
{
font-size: 13px;
font-family: Arial;
font-weight: normal;
text-decoration: none;
background-color: #878787;
color: #FFFFFF;
text-align: left;
}
td
{
font-size: 13px;
font-family: Arial;
font-weight: normal;
text-decoration: none;
color: #000000;
}
input, select
{
font-size: 13px;
font-family: Arial;
font-weight: normal;
text-decoration: none;
color: #000000;
border:1px #000000 solid;
}
-->
</style>
</head>
<body bgcolor="#FFFFFF" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
<?php
if ($admin_password != md5(ADMIN_PASS))
{
echo "<center>\n";
echo "<p>User administrator login</p>\n";
echo "<form method=\"post\" action=\"" .basename(__FILE__) . "\">\n";
echo "<input type=\"password\" name=\"admin_password\" size=\"20\" />\n";
echo "<input type=\"submit\" value=\"Login\" name=\"submit\" />\n";
echo "</form>\n";
echo "</center>\n";
}
else
{
if (!empty($action))
{
if (($action == 'edit') || ($action == 'new'))
{
$nome_value = '';
$dia_value = '';
$email_value = '';
$estado_value = '';
$telefone_value = '';
$hora_value = '';
$sql = "SELECT * FROM ".$mysql_table." WHERE id = '".$id."'";
$result = mysql_query($sql, $db);
if ($data = mysql_fetch_array($result))
{
$id_value = $data['id'];
$nome_value = $data['nome'];
$dia_value = $data['dia'];
$email_value = $data['email'];
$estado_value = $data['estado'];
$telefone_value = $data['telefone'];
$hora_value = $data['hora'];
}
echo "<center>\n";
echo "<form action=\"" . basename(__FILE__) . "\" method=\"post\">\n";
echo "<table border=\"0\">\n";
if ($action == 'new')
{
echo "<input type=\"hidden\" name=\"action\" value=\"create\">\n";
}
else
{
echo "<input type=\"hidden\" name=\"action\" value=\"update\">\n";
}
echo "<input type=\"hidden\" name=\"id\" value=\"". $id_value . "\">\n";
echo "<tr><td>nome:</td>\n";
echo "<td><input type=\"text\" size=\"50\" name=\"nome\" value=\"" . $nome_value . "\"></td></tr>\n";
echo "<tr><td>dia:</td>\n";
echo "<td><input type=\"text\" size=\"50\" name=\"dia\" value=\"" . $dia_value . "\"></td></tr>\n";
echo "<tr><td>Email:</td>\n";
echo "<td><input type=\"text\" size=\"50\" name=\"email\" value=\"" . $email_value . "\"></td></tr>\n";
echo "<tr><td>campo1</td>\n";
echo "<td style=\"text-align:left\"><input type=\"text\" size=\"50\" name=\"telefone\" value=\"" . $telefone_value . "\"></td></tr>\n";
echo "<tr><td>campo2</td>\n";
echo "<td style=\"text-align:left\"><input type=\"text\" size=\"50\" name=\"hora\" value=\"" . $hora_value . "\"></td></tr>\n";
echo "<tr><td>estado:</td>\n";
echo "<td style=\"text-align:left\"><select name=\"estado\" size=\"1\"><option " . ($estado_value == "0" ? "selected " : "") . "value=\"0\">Pendente</option><option " . ($estado_value != "0" ? "selected " : "") . "value=\"1\">Confirmado</option></select></td></tr>\n";
echo "<tr><td> </td><td style=\"text-align:left\"><input type=\"submit\" name=\"cmdSubmit\" value=\"Save\">";
echo " ";
echo "<input type=\"reset\" name=\"cmdReset\" value=\"Reset\"> ";
echo "<input type=\"button\" name=\"cmdBack\" value=\"Back\" onclick=\"location.href='" . basename(__FILE__) . "'\"></td></tr>\n";
echo "</table>\n";
echo "</form>\n";
echo "</center>\n";
}
}
else
{
echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"2\">\n";
echo "<tr><th>ID</th>\n";
echo "<th>Nome</th>\n";
echo "<th>Dia</th>\n";
echo "<th>Hora</th>\n";
echo "<th>Telefone</th>\n";
echo "<th>Email</th>\n";
echo "<th>Estado</th>\n";
echo "<th>Opcoes</th></tr>\n";
$sql = "SELECT * FROM ".$mysql_table." ORDER BY nome ASC";
$result = mysql_query($sql, $db);
while ($data = mysql_fetch_array($result))
{
echo "<tr>\n";
echo "<td>" . $data['id'] . "</td>\n";
echo "<td>" . $data['nome'] . "</td>\n";
echo "<td>" . $data['dia'] . "</td>\n";
echo "<td>" . $data['hora'] . "</td>\n";
echo "<td>" . $data['telefone'] . "</td>\n";
echo "<td>" . $data['email'] . "</td>\n";
echo "<td>" . ($data['estado'] == "0" ? "Pendente" : "Confirmado") . "</td>\n";
echo "<td>\n";
echo " <a href=\"" . basename(__FILE__) . "?action=edit&id=" . $data['id'] . "\">Editar</a> | \n";
echo " <a href=\"" . basename(__FILE__) . "?action=delete&id=" . $data['id'] . "\">Apagar</a>\n";
echo "</td>\n";
echo "</tr>\n";
}
echo "</table>\n";
echo "<p><a href=\"" . basename(__FILE__) . "?action=new\">Agendar Marcacao</a> <a href=\"" . basename(__FILE__) . "?action=logout\">Logout</a></p>\n";
}
}
?>
</body>
</html>
been around this for a couple of weeks. Can anyone PLZ help me?