$sql = "SELECT listId\n\t\t\t\tFROM user_university_list\n\t\t\t\tWHERE username = :username\n\t\t\t\tAND univId = :univId"; $stmt = $dbConn->prepare($sql); $stmt->execute(array(':username' => $_SESSION['username'], ':univId' => $univId)); $results = $stmt->fetch(); if ($results == NULL) { return false; } else { return true; } } // Add a school to the user's list if (isset($_POST['add'])) { if (!inUserList($_POST['univId'])) { $sql = "INSERT INTO user_university_list (username, univId)\n\t\t\t\t\tVALUES (:username,:univId)"; $stmt = $dbConn->prepare($sql); $stmt->execute(array(":username" => $_SESSION['username'], "univId" => $_POST['univId'])); } // Go back to the page that submitted this request header('Location: ' . $_POST['redirect']); } // Remove a school from the user's list if (isset($_POST['remove'])) { if (inUserList($_POST['univId'])) { global $dbConn; $sql = "DELETE FROM user_university_list\n\t\t\t\t\tWHERE username = :username\n\t\t\t\t\tAND univId = :univId"; $stmt = $dbConn->prepare($sql); $stmt->execute(array(':username' => $_SESSION['username'], ':univId' => $_POST['univId'])); } // Go back to the page that submitted this request header('Location: ' . $_POST['redirect']); }
</a> </td> </tr> <tr><td colspan="2"> <form method='post' action='updateList.php' style="display: inline"> <input type="hidden" name="redirect" value="admissions.php?id=<?php echo $_GET['id']; ?> "> <input type="hidden" name="univId" value=<?php echo $_GET['id']; ?> > <?php include 'updateList.php'; if (inUserList($_GET['id'])) { echo '<input type="submit" name="remove" value="Remove from My List">'; } else { echo '<input type="submit" name="add" value="Add to My List">'; } ?> </form> <form action="findSchool.php" style="display: inline;"> <input type="submit" value="Go Back"> </form> </td></tr> </table> </div> </body>