<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Nebenkostenabrechnung - Neuen Mieter anlegen</title>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta name="author" content="Felix Horn">
<meta http-equiv="language" content="de">
<link rel="stylesheet" type="text/css" href="styles.css">
</head>
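<?php
/*
 * "Neuen Mieter anlegen" popup controller.
 *
 * On POST: validates the submitted tenant fields and inserts one row into
 * `tenant`. On every request: loads the apartments of the house identified by
 * ?param= (used by the <select> further down) and emits the opening <body> tag.
 *
 * NOTE(review): no session/authentication check and no anti-CSRF token are
 * visible in this file. Confirm that the includes enforce access control and
 * add a per-session token to the form; otherwise this state-changing POST is
 * accepted from any origin.
 */

// Both files are mandatory (presumably they provide $db and strtodate()), so
// fail closed with require instead of continuing without them.
require 'inc/php_functions.inc.php';
require 'inc/dbconnect.inc.php';

$result = false;

if ($_POST) {
    /*
     * Check input. Every field must be a plain string first: this rejects
     * missing keys and array-valued parameters (e.g. name[]=x) before they
     * reach ctype_digit(), strtodate() or the database layer.
     */
    $post_name = $_POST['name'] ?? null;
    if (!is_string($post_name)) {
        exit('Fehler: Name');
    }

    $post_persons = $_POST['persons'] ?? null;
    if (!is_string($post_persons) || !ctype_digit($post_persons) || !($post_persons < 11)) {
        exit('Fehler: Personen');
    }

    $raw_entry = $_POST['entry'] ?? null;
    $post_entry = is_string($raw_entry) ? strtodate($raw_entry) : false;
    if (($post_entry == false) || ($post_entry == 'NULL')) {
        exit('Fehler: Einzugsdatum');
    }

    $raw_extract = $_POST['extract'] ?? null;
    $post_extract = is_string($raw_extract) ? strtodate($raw_extract) : false;
    if ($post_extract == false) {
        exit('Fehler: Auszugsdatum');
    }

    $post_apartment = $_POST['apartment_id'] ?? null;
    if (!is_string($post_apartment) || !ctype_digit($post_apartment)) {
        exit('Fehler: Wohnung');
    }

    /*
     * Put in database. User-controlled values are bound as parameters rather
     * than concatenated, so correctness no longer depends on escaping and the
     * connection charset.
     *
     * NOTE(review): strtodate() is defined outside this file. Its return value
     * is spliced into the statement text unquoted, so it is presumably a
     * complete SQL literal (a quoted date or the keyword NULL) - confirm that
     * it can never pass raw input through.
     *
     * NOTE(review): the INSERT has no column list and passes '' for the first
     * column (presumably an auto-increment id). It therefore depends on the
     * table's column order; name the columns once the schema is confirmed.
     */
    $stmt = mysqli_prepare(
        $db,
        'INSERT INTO
            tenant
        VALUES (\'\', ?, ?, ' . $post_entry . ', ' . $post_extract . ', ?)'
    );
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'sss', $post_name, $post_persons, $post_apartment);
        $result = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
}

/*
 * Check $_GET['param']: must be a non-empty string of ASCII digits. This is
 * the only thing that makes the concatenation into the SELECT below safe, so
 * keep the check directly in front of the query.
 */
$param = $_GET['param'] ?? null;
if (!is_string($param) || !ctype_digit($param)) {
    exit('Error: Param');
}

$query_apartment = 'SELECT
        apartment.id, apartment.name
    FROM
        apartment
    WHERE apartment.house_id =' . $param . '
    ORDER BY apartment.name ASC';
$result_apartment = mysqli_query($db, $query_apartment);

// mysqli_query() buffers the result set by default, so the rows stay readable
// by the template after the connection is closed here.
mysqli_close($db);

// After a successful insert, reload the opener's tenant list and close this popup.
echo '<body';
if ($result) {
    echo ' onload="window.opener.location.href=\'tenant.php\'; window.close();"';
}
echo '>';
?>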
<div class="head">
<h1>Neuen Mieter anlegen</h1>
</div>
<div class="inhalt">
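<form action="tenant_new.php?param=<?php
// The script exits earlier unless param is all digits; encoding at the point
// of output keeps this attribute safe even if that check is ever relaxed.
echo htmlspecialchars(rawurlencode((string) ($_GET['param'] ?? '')), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>" method="post">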
<p>
<label for="name">Name:</label>
<input type="text" name="name" class="feld" />
</p>
<p>
<label for="persons">Personen:</label>
<input type="text" name="persons" class="feld" />
</p>
<p>
<label for="entry">Einzug (TT.MM.YYYY):</label>
<input type="text" name="entry" class="feld" />
</p>
<p>
<label for="extract">Auszug (TT.MM.YYYY):</label>
<input type="text" name="extract" class="feld" />
</p>
<p>
<label for="apartment_id">Wohnung:</label>
<select name="apartment_id">
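<?php
// Render one <option> per apartment of the selected house.
// Values read from the database are HTML-encoded on output: an apartment name
// containing markup would otherwise be interpreted by the browser (stored XSS).
// The guard skips rendering when the query failed and returned false.
if ($result_apartment instanceof mysqli_result) {
    while ($row_apartment = mysqli_fetch_object($result_apartment)) {
        $option_value = htmlspecialchars((string) $row_apartment->id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $option_label = htmlspecialchars((string) $row_apartment->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        echo '<option value="' . $option_value . '">' . $option_label . "</option>\n";
    }
}
?>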
</select>
</p>
<p style="text-align: center">
<input type="submit" value="Eingeben" />
</p>
</form>
</div>
</body>
</html>