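// Excerpt of an order-administration script. It begins inside an enclosing
// block whose opening lies before this view (see the lone "}" below) and it
// ends before its last blocks are closed.
//
// NOTE(review): every UPDATE here is assembled by string interpolation. Where
// $table and $order come from is not visible in this excerpt; if either is
// request-derived, each statement is open to SQL injection through the WHERE
// clause or the table name. Preferred remediation: bind $order as a statement
// parameter (or validate it as an integer id) and choose $table from a fixed
// allow-list.
// NOTE(review): no check_access() call is visible ahead of the three $action
// branches, unlike the POST handlers further down - confirm that the enclosing
// block authorizes the caller before these state changes run.

// "open": sets komplet to 0 on the selected order.
if ($action == "open") {
    $query = "UPDATE {$table}\r\n SET komplet=0\r\n WHERE id=\"{$order}\"";
    sql_update($query);
}

// "processed": sets status to 1 on the selected order.
if ($action == "processed") {
    $query = "UPDATE {$table}\r\n SET status=1\r\n WHERE id=\"{$order}\"";
    //echo $query;
    sql_update($query);
}

// "prijata" (presumably "received"): sets status back to 0.
if ($action == "prijata") {
    $query = "UPDATE {$table}\r\n SET status=0\r\n WHERE id=\"{$order}\"";
    sql_update($query);
}
} // closes a block that was opened before this excerpt

if (!isset($order) || empty($order)) {
    // No order selected: list all orders.
    display_all($page, $vyber);
} else {
    if (!isset($revision) || empty($revision)) {
        // The form that changes the order status was submitted.
        // The array key is quoted: a bare save_status is an undefined-constant
        // lookup, which PHP 8 rejects with an Error and older versions only
        // tolerate with a notice/warning.
        if ($_POST["save_status"]) {
            //echo "status";
            // NOTE(review): the return value of check_access() is not used, so
            // it has to end the request itself on denial - confirm.
            check_access("revision_action");
            // NOTE(review): the posted value lands unquoted in the SET clause.
            // String escaping alone does not protect a numeric context;
            // sec_sql()/sec_input() are defined elsewhere - confirm that they
            // enforce an integer, or validate the value as an integer here.
            $query = "UPDATE {$table}\r\n SET status=" . sec_input(sec_sql($_POST["status"])) . "\r\n WHERE id=\"{$order}\"";
            sql_update($query);
        }

        // The form that reassigns the order to another customer was submitted.
        if ($_POST["save_zakaznik"]) {
            //echo "status";
            check_access("revision_action");
            // NOTE(review): same unquoted numeric context as the status update
            // above; the same integer validation applies to id_zakaznik.
            $query = "UPDATE {$table}\r\n SET id_zakaznik=" . sec_input(sec_sql($_POST["zakaznik"])) . "\r\n WHERE id=\"{$order}\"";
            sql_update($query);
            // (excerpt ends here; the closing braces lie outside this view)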
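// Excerpt of the delete path of an order-administration script. It begins
// inside enclosing blocks that open before this view (see the two lone "}"
// after the loop) and it ends before its last blocks are closed.
//
// For every revision in $del_rev_id the loop writes the vymaz flag
// (presumably a soft-delete marker) to the dependent porez and subor rows, to
// the revision itself and to the order.
// NOTE(review): $vymaz, $rev_id['id'] and $order are interpolated into the SQL
// text, and $vymaz lands unquoted in the SET clause. Their origin is not
// visible in this excerpt; if any of them is request-derived these statements
// are open to SQL injection. Preferred remediation: bound parameters, or
// integer validation of all three values before the loop.
foreach ($del_rev_id as $rev_id) {
    $query_porez = "UPDATE porez\r\n SET vymaz={$vymaz} \r\n WHERE id_revizia=\"{$rev_id['id']}\"";
    sql_update($query_porez);

    $query_subor = "UPDATE subor\r\n SET vymaz={$vymaz} \r\n WHERE id_revizia=\"{$rev_id['id']}\"";
    // Fixed: the original passed $query_porez to sql_update() a second time,
    // so the subor statement was built but never executed and the subor rows
    // of the revision kept their previous vymaz value.
    sql_update($query_subor);

    $query_revizia = "UPDATE revizia\r\n SET vymaz={$vymaz} \r\n WHERE id=\"{$rev_id['id']}\"";
    sql_update($query_revizia);

    $query_objednavka = "UPDATE objednavka\r\n SET vymaz={$vymaz} \r\n WHERE id=\"{$order}\"";
    sql_update($query_objednavka);

    // NOTE(review): the redirect header is set on every iteration and no exit
    // follows it in the visible code, so execution continues with the COMMIT
    // and whatever comes after the enclosing blocks. A Location header does
    // not stop the script.
    header("location: ?vyber=objednavky");
}
// NOTE(review): the sql_update() results above are not checked in the visible
// code, so a failed statement would still be followed by this COMMIT unless
// sql_update() aborts on error itself - confirm. The matching transaction
// start is not visible in this excerpt. mysql_query() belongs to the mysql
// extension that was removed in PHP 7.0.
mysql_query("COMMIT");
} // closes a block that was opened before this excerpt
} // closes a block that was opened before this excerpt

if (!isset($order) || empty($order)) {
    // No order selected: list all orders.
    display_all($page, $vyber, $search_name);
} else {
    if (!isset($revision) || empty($revision)) {
        // The form that changes the order status was submitted.
        // The array key is quoted: a bare save_status is an undefined-constant
        // lookup, which PHP 8 rejects with an Error and older versions only
        // tolerate with a notice/warning.
        if ($_POST["save_status"]) {
            //echo "status";
            // NOTE(review): the return value of check_access() is not used, so
            // it has to end the request itself on denial - confirm.
            check_access("revision_action");
            // NOTE(review): the posted value lands unquoted in the SET clause.
            // String escaping alone does not protect a numeric context;
            // sec_sql()/sec_input() are defined elsewhere - confirm that they
            // enforce an integer, or validate the value as an integer here.
            $query = "UPDATE {$table}\r\n SET status=" . sec_input(sec_sql($_POST["status"])) . "\r\n WHERE id=\"{$order}\"";
            sql_update($query);
        }

        // The form that reassigns the order to another customer was submitted.
        if ($_POST["save_zakaznik"]) {
            //echo "status";
            check_access("revision_action");
            // NOTE(review): same unquoted numeric context as the status update
            // above; the same integer validation applies to id_zakaznik.
            $query = "UPDATE {$table}\r\n SET id_zakaznik=" . sec_input(sec_sql($_POST["zakaznik"])) . "\r\n WHERE id=\"{$order}\"";
            sql_update($query);
            // (excerpt ends here; the closing braces lie outside this view)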
<?php
// Request dispatcher: opens a database connection, then runs exactly one
// handler selected by the POST field "function_to_be_called".
//echo "0 ";

// NOTE(review): the connection uses the MySQL root account with an empty
// password, both hard-coded in the source. A dedicated account restricted to
// the privileges this script needs on the "peeps" schema, with its credentials
// read from configuration kept outside the web root, limits what a flaw in
// any handler below can reach.
// NOTE(review): no PDO::ATTR_ERRMODE is set here. Before PHP 8 the default is
// silent mode, where a failed prepare()/execute() returns false instead of
// throwing.
$connection = new PDO("mysql:host=localhost;dbname=peeps", "root", "");

// The POST value only selects among the fixed cases below; it is never used
// as a function name, so the set of reachable handlers is this list. There is
// no default case: an unknown value runs nothing, and a missing key
// additionally raises an undefined-index notice/warning.
// NOTE(review): no session, authentication or CSRF-token check is visible
// before the dispatch in this excerpt, although several handlers are named as
// state-changing (create, delete, delete_trait, change_rank, create_trait).
// Confirm that access control is enforced somewhere that is not shown here.
// NOTE(review): the request fields are handed to the handlers without
// validation at this level; apart from the start of change_rank() the
// handlers are not visible here, so confirm that each one binds its arguments
// as statement parameters.
switch ($_POST["function_to_be_called"]) {
    case "create":
        // The (bool) cast maps every non-empty string except "0" to true, so
        // a client sending the text "false" yields true.
        create_type(trim($_POST['new_trait']), (bool) $_POST['discrete']);
        break;
    case "list":
        display_all();
        break;
    case "delete":
        delete($_POST['type']);
        break;
    case "delete_trait":
        delete_trait($_POST['id']);
        break;
    case "change_rank":
        change_rank($_POST['id'], $_POST['is_direction_up']);
        break;
    case "create_trait":
        create_trait($_POST['profile_id'], $_POST['trait_id'], $_POST['trait_type'], $_POST['trait_value'], $_POST['trait_discrete']);
        break;
}

/**
 * Start of the handler for the "change_rank" request.
 *
 * Only the beginning of the function is visible in this excerpt: it loads the
 * traits row whose id matches $id. The rest of the body, including any use of
 * $is_direction_up, lies beyond the end of this view.
 *
 * @param mixed $id              Value of the "id" POST field; bound as an integer below.
 * @param mixed $is_direction_up Value of the "is_direction_up" POST field; not
 *                               used in the visible part.
 */
function change_rank($id, $is_direction_up) {
    // Uses the PDO handle created at the top of the script.
    global $connection;
    // Prepared statement with the id bound as PDO::PARAM_INT, so the request
    // value is never spliced into the SQL text.
    $statement = $connection->prepare("select * from traits where id=?");
    $statement->bindValue(1, $id, PDO::PARAM_INT);
    $statement->execute();
    // fetchObject() yields the row as an object, or false when no row matches.
    $main_record = $statement->fetchObject();
    // (excerpt ends here; the rest of the function lies outside this view)