flight_booking-app/edit_data.php at main · lexiscode/flight_booking-app · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<?php

require "includes/db_connect.php";
require "includes/get_customer_data_id.php";

// connect to the database server
$conn = connectDB();

// READING or RETRIEVING from the database to get specific article post by their ids
if (isset($_GET['id'])){

    // checks if the article's id exits in the database, then returns an associative array, which stores in $article variable
    $data = getCustomerData($conn, $_GET['id']); // associative array

    if ($data){
        // Get array values from its keys, which then is stored as values in the HTML form below
        $customer_name = $data['customer_name'];
        $email = $data['email'];
        $phone_no = $data['phone_no'];
        $crew = $data['crew'];
        $location_to = $data['location_to'];
        $booking_time = $data['booking_time'];
        $booking_date = $data['booking_date'];
        $airline = $data['airline'];
        $fare = $data['fare'];
        $seat = $data['seat'];
        $customer_message = $data['customer_message'];
    } else {
        // if a non-existing id number is in the link
        die("Invalid ID. No data found");
    }

} else {
    // if no id is in the link
    die("ID not supplied. No data found");
}


// REPEAT VALIDATION, no need declaring of variables anymore
if ($_SERVER["REQUEST_METHOD"] == "POST"){

    if (isset($_POST['save'])){

        $id = $data['id']; // get id for which we wish to edit from
        $customer_name = trim(htmlspecialchars($_POST['name']));
        $booking_date = trim($_POST['date']);
        $booking_time = trim($_POST['time']);
        $location_to = trim($_POST['to']);
        $customer_message = trim(htmlspecialchars($_POST['message']));
        $phone_no = trim(htmlspecialchars($_POST['phone_no']));
        $email = trim(htmlspecialchars($_POST['email']));
        $seat = trim($_POST['seat']);
        $airline = trim($_POST['airline']);
        $fare = trim($_POST['fare']);
        $crew = trim($_POST['crew']);


        if (!empty($customer_name) && !empty($booking_date) && !empty($booking_time) && !empty($location_to)  && !empty($customer_message)  && !empty($email)  && !empty($seat)
            && !empty($airline) && !empty($fare) && !empty($crew)){

            // makes the message field "null" if not filled
            if ($customer_message == ''){
                $customer_message = null;
            }


            // connect to the database server
            $conn = connectDB();

            // update the data into the database server
            $sql = "UPDATE passengers_record
                    SET customer_name = ?, email = ?, phone_no = ?, crew = ?, location_to = ?, booking_time = ?, booking_date = ?, airline = ?, fare = ?, seat = ?, customer_message = ?
                    WHERE id = ?";

            // Prepares an SQL statement for execution
            $stmt = mysqli_prepare($conn, $sql);

            if ($stmt === false){
                echo mysqli_error($conn);
            } else {

                // Bind variables for the parameter markers in the SQL statement prepared
                // $id parameter must be included here at the end of the statement
                mysqli_stmt_bind_param($stmt, "sssssssssssi", $customer_name, $email, $phone_no, $crew, $location_to, $booking_time, $booking_date, $airline, $fare, $seat, $customer_message, $id);

                // Executes a prepared statement
                $results = mysqli_stmt_execute($stmt);

                // checking for errors, if none, then redirect the user to the new article page
                if ($results === false){
                    echo mysqli_stmt_error($stmt);
                } else {

                    //Returns the value generated for an AUTO_INCREMENT column by the last query
                    $id = mysqli_insert_id($conn);

                    // it is more advisable to use absolute paths below than relative path
                    header("Location: http://localhost/flight_booking-app/admin_page.php?id=$id");
                    exit;
                }
            }


        }
    }
}

?>

<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Flight Booking</title>
    <link rel="stylesheet" href="stylings/style.css"/>
</head>
<body>
    <h1 align="center" id="h1"><a href="http://localhost/flight_booking-app/index.php" style="color:white; text-decoration: none">Airline Booking Form</a></h1>
    <div class="container">
        <h2 align="center">Update Customer's Data</h2>

        <form action="" method="POST">
            <!-- HTML form which is specially for holding old data values by getting them from the database -->
            <?php require "./includes/the_form_retrieve.php"; ?>
            <br><br>

            <div align="center">
                <button id="update_submit" type="submit" name="save">UPDATE NOW!</button>
                <input id="update_clear" type="reset" value="Clear Form">
            </div>
        </form>
    </div>

</body>
</html>