Expand|Select|Wrap|Line Numbers
- <?php require_once('Connections/try1.php'); ?> <?php
- if (!function_exists("GetSQLValueString")) {
- function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
- {
- if (PHP_VERSION < 6) {
- $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
- }
- $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
- switch ($theType) {
- case "text":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "long":
- case "int":
- $theValue = ($theValue != "") ? intval($theValue) : "NULL";
- break;
- case "double":
- $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
- break;
- case "date":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "defined":
- $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
- break;
- }
- return $theValue;
- }
- }
- $editFormAction = $_SERVER['PHP_SELF'];
- if (isset($_SERVER['QUERY_STRING'])) {
- $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
- }
- if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form")) {
- $insertSQL = sprintf("INSERT INTO borrowitem (booking_ID, item, borrower_name, borrower_ID, deptCollege, borrower_phone, borrower_email, borrower_dateuse, borrower_timeuse, purposeuse, locationuse) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
- GetSQLValueString($_POST['book'], "int"),
- GetSQLValueString($_POST['Item'], "text"),
- GetSQLValueString($_POST['name'], "text"),
- GetSQLValueString($_POST['id'], "text"),
- GetSQLValueString($_POST['co'], "text"),
- GetSQLValueString($_POST['phonenum'], "text"),
- GetSQLValueString($_POST['useremail'], "text"),
- GetSQLValueString($_POST['startdate1'], "date"),
- GetSQLValueString($_POST['stime'], "date"),
- GetSQLValueString($_POST['purposeuse'], "text"),
- GetSQLValueString($_POST['locationuse'], "text"));
- mysql_select_db($database_try1, $try1);
- $Result1 = mysql_query($insertSQL, $try1) or die(mysql_error());
- $insertGoTo = "display.php";
- if (isset($_SERVER['QUERY_STRING'])) {
- $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
- $insertGoTo .= $_SERVER['QUERY_STRING'];
- }
- header(sprintf("Location: %s", $insertGoTo));
- }
- mysql_select_db($database_try1, $try1);
- $query_display = "SELECT * FROM borrowitem ORDER BY booking_ID ASC";
- $display = mysql_query($query_display, $try1) or die(mysql_error());
- $row_display = mysql_fetch_assoc($display);
- $totalRows_display = mysql_num_rows($display);
- ?> <?php include("try1.php") ?> <html> <head> <title>menu</title> </head> <body bgcolor="#F4FA58"> <form action="<?php echo $editFormAction; ?>" name="form" method="POST"> <table border="1" width="489" align="center"> <tr> <td width="182"><table border="1" width="489" align="center"> <tr> <td width="203" align="left"><font color="#0000FF">Booking ID: </font></td> <td width="270"><input type="text" name="book" size="20"></td> <tr> <td width="203" align="left"><font color="#0000FF">Staff ID / Student ID: </font></td> <td width="270"><input type="text" name="id"; size="20"></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Name</font></td> <td width="270"><input type="text" name="name" size="40"></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Course/College :</font></td> <td width="270"><input type="text" name="co" size="40"></td> </tr> <tr> <td><font color="#0000FF">Choose your Item : </font></td> <td><select name="Item"> <option value="LCDprojector">LCD_Projector</option> <option value="Screen">Screen</option> <option value="Screen&LCDProjector">Screen &LCD Projector</option> </select></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Date Use : </font></td> <td width="270"><input name="startdate1" type="date" value="<?php if(isset($_POST['startdate1'])){ echo $_POST['startdate1']; }?>" /></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Time Use : </font></td> <td width="270"><input type="time" name="stime"; size="10"> </td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Purpose : </font></td> <td width="270"><input type="text" name="purposeuse"; size="45"></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Location : </font></td> <td width="270"><input type="text" name="locationuse"; size="45"></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Phone Number : </font></td> <td width="270"><input type="text" name="phonenum"; size="45"></td> </tr> <tr> <td width="203" align="left"><font color="#0000FF">Email : </font></td> <td width="270"><input type="text" name="useremail"; size="45"></td> </tr> </table></td> </tr> </table> <p align="center"><input type="submit" value="Submit"> <input type="reset" value="Reset"> <input type="hidden" name="MM_insert" value="form"> </form> </body> </html> <?php
- mysql_free_result($display);
- ?>