ProjetCirPHP/modifier.php at master · JeresB/ProjetCirPHP · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
<?php
  include 'loginBDD.php';
  include 'header.php';
  $old_nom = $_POST["nom"];
  $old_prenom = $_POST["prenom"];

  echo "<div class='container'>
        <div class='page-header'>
          <h1>Modifer l'étudiant : ".$old_nom." ".$old_prenom." <small> Back office</small></h1>
        </div>";
        $query = $pdo->prepare("SELECT * FROM etudiant WHERE `nom` = '".$_POST['nom']."' AND `prenom` = '".$_POST['prenom']."'");
        $query->execute();
        $row = $query->fetch();
        $query_section = $pdo->prepare("SELECT * FROM section");
        $query_section->execute();

  echo '<form class="form-horizontal" method="post" action="modifier.php">
          <div class="form-group">
            <label class="control-label col-sm-2" for="nouveau_nom">Nom:</label>
              <div class="col-sm-10">
              <input type="text" class="form-control" name = "nouveau_nom" id="nouveau_nom" value="'.$row['nom'].'" >
              </div>
          </div>
          <input type="hidden" class="form-control" name = "nom" id="nouveau_nom" value="'.$row['nom'].'" >
          <div class="form-group">
            <label class="control-label col-sm-2" for="nouveau_nom">prenom:</label>
              <div class="col-sm-10">
              <input type="text" class="form-control" name = "nouveau_prenom" id="nouveau_nom" value="'.$row['prenom'].'" >
              </div>
          </div>
          <input type="hidden" class="form-control" name = "prenom" id="nouveau_nom" value="'.$row['prenom'].'" >
          <div class="form-group">
            <label class="control-label col-sm-2" for="nouveau_nom">Mail:</label>
              <div class="col-sm-10">
              <input type="text" class="form-control" name = "nouveau_mail" id="nouveau_nom" value="'.$row['mail'].'" >
              </div>
          </div>
          <input type="hidden" class="form-control" name = "mail" id="nouveau_nom" value="'.$row['mail'].'" >
          <div class="form-group">
            <label class="control-label col-sm-2" for="nouveau_nom">Date de naissance:</label>
              <div class="col-sm-10">
              <input type="text" class="form-control" name = "nouveau_date" id="nouveau_nom" value="'.$row["date_naissance"].'" >
              </div>
          </div>
          <input type="hidden" class="form-control" name = "date" id="nouveau_nom" value="'.$row["date_naissance"].'" >
          <div class="form-group">
            <label class="control-label col-sm-2" for="section">Section :</label>
              <div class="col-sm-10">
                <select class="form-control selectpicker" name = "nouveau_section" id = "section" required>';
                  for ($i=0; $row_section = $query_section->fetch() ; $i++) {
                    echo '<option>'.$row_section["section"].'</option>';
                  }
                echo '</select>
              </div>
          </div>
          <input type="hidden" name="section" value='.$row_section.' />
          <input type="submit"/>
        </form>';
            $nom = htmlspecialchars($_POST["nouveau_nom"]);
            $prenom = htmlspecialchars($_POST["nouveau_prenom"]);
            $mail = htmlspecialchars($_POST["nouveau_mail"]);
            $date = htmlspecialchars($_POST["nouveau_date"]);
            $section = htmlspecialchars($_POST["nouveau_section"]);

    if (isset($_POST["nouveau_nom"]) AND $_POST["nouveau_nom"] != $row['nom']) {
      $query = $pdo->prepare("UPDATE  `etudiant` SET  `nom` =  '".$nom."' WHERE  `mail` =  '".$row["mail"]."'");
      $query->execute();
      echo '<script type="text/javascript">
              alert ("Nom modifié !");
            </script>';
    }
    if (isset($_POST["nouveau_prenom"]) AND $_POST["nouveau_prenom"] != $row['prenom']) {
      $query = $pdo->prepare("UPDATE etudiant SET prenom =  '".$prenom."' WHERE mail =  '".$row["mail"]."'");
      $query->execute();
      echo '<script type="text/javascript">
              alert ("Prenom modifié !");
            </script>';
    }
    if (isset($_POST["nouveau_mail"]) AND $_POST["nouveau_mail"] != $row['mail'] ) {
      $query = $pdo->prepare("UPDATE etudiant SET mail =  '".$mail."' WHERE mail =  '".$row["mail"]."'");
      $query->execute();
      echo '<script type="text/javascript">
              alert ("Adresse mail modifiée !");
            </script>';
    }
    if (isset($_POST["nouveau_date"]) AND  $_POST["nouveau_date"] != $row["date_naissance"]) {
      $query = $pdo->prepare("UPDATE etudiant SET date_naissance =  '".$date."' WHERE mail =  '".$row["mail"]."'");
      echo '<script type="text/javascript">
              alert ("Date de naissance modifiée !");
            </script>';
    }
    if (isset($_POST["nouveau_section"])  AND $_POST["nouveau_section"] != $row_section["section"]) {
      $query = $pdo->prepare("UPDATE etudiant SET section =  '".$section."' WHERE mail =  '".$row["mail"]."'");
      $query->execute();
      echo '<script type="text/javascript">
              alert ("Section modifiée !");
            </script>';
    }


  include 'footer.php';