foreach($_POST AS $key => $value) { $_POST[$key] = mysqli_real_escape_string($link, $value); } $sql = "UPDATE `$default_table_name` SET `gate_number` = '{$_POST['count1']}' , `location` = '{$_POST['location']}' , `ip` = '{$_POST['ip']}' , `timestamp` = '$timestamp' WHERE `id` = '$id' "; mysqli_query($link, $sql) or die(mysqli_error()); // if coming from index.php, return if (isset($_REQUEST['origin']) && $_REQUEST['origin'] == 'index' ){ header('Location: ../', true, 302); } // report success reporter("green", "<div class='row'><div class='col-md-6'>Gate count edited. <a href='list.php'>Back to gate count management.</a>", " "); } else { reporter("red","Could not edit gate count. <a href='list.php'>Back to gate count management.</a>"," "); } } else { $row = mysqli_fetch_array ( mysqli_query($link, "SELECT * FROM `$default_table_name` WHERE `id` = '$id' ")); ?> <!-- <div class="row"> <div class="col-md-12"> <h4 class="alert"><strong>Previous Count:</strong> <?php echo number_format($row['gate_number']); ?> </h4> </div> </div> -->
} else { foreach ($_REQUEST as $key => $value) { $_REQUEST[$key] = mysqli_real_escape_string($link, $value); } $IP = IPgrabber(); if (isset($_POST['date'])) { $date = date("Y-m-d", strtotime($_POST['date'])); } else { $date = date("Y-m-d"); } $timestamp = $date . " {$_REQUEST['hour']}"; $original_timestamp = date("Y-m-d H:i:s"); $sql = "INSERT INTO `{$default_table_name}` ( `gate_number` , `location` , `ip`, `timestamp`, `original_timestamp` ) VALUES( '{$_REQUEST['count1']}' , '{$_REQUEST['location']}' , '{$IP}', '{$timestamp}', '{$original_timestamp}' ) "; $result = mysqli_query($link, $sql) or die(mysqli_error()); // report success reporter("green", "<div class='row'><div class='col-md-6'>Gate count submitted. <a href='list.php'>Back to gate count management.</a>", " "); } } else { ?> <div class="row"> <div class="col-md-6"> <form action='new.php' method='POST' class="form" role="form"> <!-- location --> <input type="hidden" id="location" name="location" value="<?php echo $_COOKIE['location']; ?> "></input> <!-- add count -->
$query = "INSERT INTO {$default_table_name}(gate_number, location, timestamp, original_timestamp, ip) VALUES ('{$count}', '{$location}', '{$hour_block_timestamp}', '{$original_timestamp}', '{$IP}')"; if ($stmt = mysqli_prepare($link, $query)) { $insert_result = mysqli_stmt_execute($stmt); if ($insert_result === TRUE) { $_SESSION['result'] = "success"; $_SESSION['date'] = date("h:i:sa"); $_SESSION['gate_count_string'] = "{$count}"; $_SESSION['last_trans_id'] = mysqli_insert_id($link); } else { $_SESSION['result'] = "success"; } mysqli_stmt_close($stmt); // redirect to avoid multiple submissions header('Location: ./', true, 302); } else { reporter("red", "Error: Submission Failed. Failed on query:<br><br>{$query}", " "); } } } userSetter(); ?> <div id="ref_actions"> <!-- location choosing --> <div class="row-fluid"> <div class="col-md-12"> <form action="" method="POST"> <!-- <label for="location">Select Location</label> --> <select class="form-control" id="location" name="location" onchange=this.form.submit()> <?php