AddNewAsset.php
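<?php
// Page bootstrap: enforce login and session expiry, load the database credentials,
// open the connection, and compute the default creation date used by the form below.

// Login Credentials required.
require('../includes/ProtectMB.php');
// Destroy session at time limit.
require('../includes/SessionExpire.php');
// Turn on error reporting.
// NOTE(review): with display_errors on, PHP warnings and uncaught exceptions are rendered into
// the page, which can expose file paths and database details to whoever is viewing it. Left as
// the author set it; prefer 'Off' together with error logging outside local development.
ini_set('display_errors', 'On');
// Import dBase Credentials (presumably defines $servername, $username, $password, $database).
// NOTE(review): confirm this file is stored outside the web root; an unguessable filename
// alone does not restrict access to it.
require('../../project/g3f2Kcd57nE4s25.php');
// Connect to the database. A failed connection is logged server-side and answered with a
// generic message, so neither a warning nor an exception trace reaches the page.
try {
    $mysqli = new mysqli($servername, $username, $password, $database);
} catch (mysqli_sql_exception $e) {
    // Reached only when mysqli is configured to throw on errors.
    error_log('AddNewAsset: database connection failed: ' . $e->getMessage());
    http_response_code(500);
    exit('Database connection failed.');
}
if ($mysqli->connect_errno) {
    // Non-throwing configuration: the failure is reported through connect_errno instead.
    error_log('AddNewAsset: database connection failed: ' . $mysqli->connect_errno . ' ' . $mysqli->connect_error);
    http_response_code(500);
    exit('Database connection failed.');
}
// Date details for 1,000 years in the future.
$dateTime = new DateTime("NOW");
$day = $dateTime->format('d');
$month = $dateTime->format('m');
// format('Y') yields a numeric string; adding 1000 converts it to a number.
$year = $dateTime->format('Y') + 1000;
?>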
<!DOCTYPE HTML>
<html>
<head>
<?php
include('../includes/HeadMB.php');
require('../includes/Sanitizer.php');
?>
</head>
<body>
<h1>MoonBuyers InterGalactic</h1>
<h2>Add New Asset</h2>
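<?php // Get 'to be Owned_By' Account ID.
// Start from null so later reads of $idFromPostData never touch an undefined variable:
// the form on this page does not resend 'AddNewAsset', so the key is absent on every
// 'Add Asset' submit.
$idFromPostData = null;
// Accept only a plain string; PHP turns array-style request keys into arrays.
if (isset($_POST['AddNewAsset']) && is_string($_POST['AddNewAsset'])) {
    $idFromPostData = $_POST['AddNewAsset'];
}
?>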
<div>
<h3>Data Entry</h3>
<form method="post">
<div class="form-group container">
<input class="form-control" type="text" name="Name" id="Name" placeholder="Name" required>
<input class="form-control" type="text" name="Descr" id="Descr" placeholder="Description of New Asset" required>
<input class="form-control" type="number" name="Radius" id="Radius" min="0" step="0.01" placeholder="Radius in Kilometers" required>
<input class="form-control" type="number" name="Mass" id="Mass" min="0" step="0.01" placeholder="Mass in Kilograms" required>
<input class="form-control" type="number" name="ApMag" id="ApMag" min="-30" max="30" step="0.001" placeholder="Apparent Magnitude" required>
<br>
<h5>Have You Confirmed the T.P.S. Report for Correct Ownership Information?</h5>
<select name="Owned_By">
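<?php
// Fill the owner <select> with one <option> per Account id, pre-selecting the id that
// was handed to this page (if any).

// Normalise the pre-selection to a trimmed string, or null when nothing usable was posted.
$preselectedId = (isset($idFromPostData) && is_scalar($idFromPostData))
    ? trim((string) $idFromPostData)
    : null;

$stmt = $mysqli->prepare("SELECT id FROM Account");
if ($stmt === false) {
    // prepare() returned false, so there is no statement object; the error lives on the connection.
    // Details go to the server log rather than into the page.
    error_log("AddNewAsset: Account prepare failed: " . $mysqli->errno . " " . $mysqli->error);
    echo "Prepare failed.";
} else {
    if (!$stmt->execute()) {
        error_log("AddNewAsset: Account execute failed: " . $stmt->errno . " " . $stmt->error);
        echo "Execute failed.";
    } elseif (!$stmt->bind_result($id)) {
        error_log("AddNewAsset: Account bind failed: " . $stmt->errno . " " . $stmt->error);
        echo "Bind failed.";
    } else {
        while ($stmt->fetch()) {
            // Escape for the attribute and text contexts even though ids are expected to be numeric.
            $optionValue = htmlspecialchars((string) $id, ENT_QUOTES, 'UTF-8');
            // Compare as strings so a non-numeric posted value can never match an id by type juggling.
            $selectedAttr = ($preselectedId !== null && (string) $id === $preselectedId) ? ' selected' : '';
            // Double quotes so "\n" is a real newline; no padding inside value="…".
            echo '<option' . $selectedAttr . ' value="' . $optionValue . '">' . $optionValue . "</option>\n";
        }
    }
    $stmt->close();
}
?>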
</select>
<br>
<h5>Management Approval Required for Any Date Other Than <?php echo date("m-d-Y", mktime(0,0,0,$month,$day,$year)); ?></h5>
<input name="cDate" type="date" id="cDate" value="<?php echo date("Y-m-d", mktime(0,0,0,$month,$day,$year)); ?>" required>
<br><br>
<input type="submit" type="reset" value="Add Asset" name="submit" id="submit">
</div>
</form>
<br>
<button type="button" class="button" onclick="location.href = 'IndexMB.php';">Return to Main Page</button>
<br><br>
</div>
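<?php
/* Form handler - Executes on 'Add Asset' submit button clicked. */
// NOTE(review): no anti-CSRF token is checked here, and the form on this page does not emit one.
// Unless ProtectMB.php covers this (not visible from this file), add a per-session token to the
// form and verify it before inserting.
// NOTE(review): nothing here checks that the signed-in user may assign assets to the chosen
// account; confirm that is enforced elsewhere.
if (isset($_POST['submit'])) {
    // Every field the INSERT needs must arrive as a plain string; the HTML 'required'
    // attributes are enforced by the browser only.
    $missingFields = [];
    foreach (['Name', 'Descr', 'Radius', 'Mass', 'ApMag', 'cDate'] as $fieldName) {
        if (!isset($_POST[$fieldName]) || !is_string($_POST[$fieldName])) {
            $missingFields[] = $fieldName;
        }
    }

    // Owner id: use the submitted value, else fall back to the id passed in by the calling page.
    $ownerInput = (isset($_POST['Owned_By']) && is_string($_POST['Owned_By']))
        ? trim($_POST['Owned_By'])
        : '';
    if ($ownerInput === '' && isset($idFromPostData) && is_scalar($idFromPostData)) {
        $ownerInput = trim((string) $idFromPostData);
    }
    // Owned_By is bound as an integer below, so reject anything that is not one
    // instead of letting it be silently coerced.
    $Owned_By = filter_var($ownerInput, FILTER_VALIDATE_INT);

    if ($missingFields !== []) {
        // Field names come from the fixed list above, so they are safe to print.
        echo "<p class=\"error\">Missing or malformed form field(s): " . implode(', ', $missingFields) . "</p>";
    } elseif ($Owned_By === false) {
        echo "<p class=\"error\">Owned_By must be a whole-number Account id.</p>";
    } else {
        /* Prepare statement for INSERT new Asset's details. */
        $stmt = $mysqli->prepare("INSERT INTO Asset (Name, Description, Radius, Mass, ApMag, Create_Date, Owned_By)
VALUES(?,?,?,?,?,?,?)");
        if ($stmt === false) {
            // prepare() returned false, so the error must be read from the connection.
            // Details are logged server-side; the page shows a generic message.
            error_log("AddNewAsset: Asset prepare failed: " . $mysqli->errno . " " . $mysqli->error);
            echo "<p class=\"error\">Prepare for Asset INSERT query failed.</p>";
        } else {
            // Sanitize user input. Cleaner is presumably defined in ../includes/Sanitizer.php
            // (not shown); the values are additionally passed as bound parameters, never
            // concatenated into the SQL text.
            $cleaner = new Cleaner();
            $_name = $cleaner->CleanString($_POST['Name']);
            $_descr = $cleaner->CleanString($_POST['Descr']);
            $_radius = $cleaner->CleanDecimal($_POST['Radius']);
            $_mass = $cleaner->CleanDecimal($_POST['Mass']);
            $_apMag = $cleaner->CleanDecimal($_POST['ApMag']);
            $_cDate = $cleaner->CleanDate($_POST['cDate']);

            /* Bind Parameters for INSERT new Asset's details. */
            if (!$stmt->bind_param("ssdddsi", $_name, $_descr, $_radius, $_mass, $_apMag, $_cDate, $Owned_By)) {
                error_log("AddNewAsset: Asset bind failed: " . $stmt->errno . " " . $stmt->error);
                echo "<p class=\"error\">Bind failed.</p>";
            } elseif (!$stmt->execute()) {
                /* Execute INSERT new Asset's details. */
                error_log("AddNewAsset: Asset execute failed: " . $stmt->errno . " " . $stmt->error);
                echo "<p class=\"error\">Execute failed.</p>";
            } else {
                echo "<p class=\"success\">Added " . $stmt->affected_rows . " new Asset to Asset table.</p>";
            }
            $stmt->close();
        }
    }
}
?>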
<!-- Decimal Places Control. -->
<script
src="https://code.jquery.com/jquery-3.6.0.slim.min.js" integrity="sha256-u7e5khyithlIdTpu22PHhENmPcRdFiHRjhAuHcs05RI=" crossorigin="anonymous">
</script>
<script>
// Decimal-place control: when a numeric field loses focus, rewrite its value with a
// fixed number of decimals (2 for Radius and Mass, 3 for ApMag).
[["#Radius, #Mass", 2], ["#ApMag", 3]].forEach(function (rule) {
    var selector = rule[0];
    var places = rule[1];
    $(selector).on("blur", function () {
        this.value = parseFloat(this.value).toFixed(places);
    });
});
</script>
</body>
</html>