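<?php
/**
 * RSVP endpoint: stores one RSVP row per (event_id, male_id) pair.
 *
 * Plain-text response body:
 *   "1" - the RSVP row was inserted
 *   "0" - the input was rejected or a query failed
 *   "2" - an RSVP for this event_id / male_id already exists
 *
 * NOTE(review): no session or authentication check is visible in this script
 * and male_id is supplied by the client - confirm that anonymous submission
 * on behalf of any male_id is intended.
 */

// $_POST is a superglobal and is always set, so isset($_POST) never filtered
// anything out; test the request method instead.
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // require_once instead of include_once: if one of these files cannot be
    // loaded the script must stop. With include_once a missing
    // addslashes_to_POST.php would only raise a warning and the unescaped
    // request data would still reach the SQL builder below.
    require_once "header_db.php";          // database connection ($connection)
    require_once "functions.php";          // build_custom_insert_str()
    // Per the original author's comment, applies addslashes() to all POST data.
    require_once "addslashes_to_POST.php";

    // Both ids must be present and must be whole numbers. A plain (int) cast
    // would silently turn a missing or malformed value into 0 (or 1 for an
    // array) and carry on.
    $male_id = isset($_POST['male_id'])
        ? filter_var($_POST['male_id'], FILTER_VALIDATE_INT)
        : false;
    $event_id = isset($_POST['event_id'])
        ? filter_var($_POST['event_id'], FILTER_VALIDATE_INT)
        : false;

    $status = "0";

    if ($male_id !== false && $event_id !== false) {
        // Safe to concatenate: both values are validated integers at this point.
        $sql = "SELECT * FROM rsvp WHERE event_id = " . $event_id . " AND male_id = " . $male_id . ";";
        $resultset = mysqli_query($connection, $sql);

        // mysqli_query() returns false on failure; passing that to
        // mysqli_num_rows() is an error, so treat it as a failed request.
        if ($resultset !== false) {
            if (mysqli_num_rows($resultset) == 0) {
                $table_name = "rsvp";
                // rsvp fields
                $arr_fields = array("male_id", "event_id", "is_male", "is_female", "are_kids", "no_of_guests");

                // Hand the builder only the expected fields, and use the
                // validated integers for the two ids so the duplicate check
                // above and the INSERT operate on exactly the same values.
                // NOTE(review): build_custom_insert_str() lives in
                // functions.php and is not shown here - confirm it looks the
                // values up by field name. addslashes() is not charset-aware
                // and does nothing for unquoted numeric values; the builder
                // should move to prepared statements (mysqli_prepare /
                // mysqli_stmt_bind_param).
                $rsvp_values = array();
                foreach ($arr_fields as $field) {
                    if (isset($_POST[$field])) {
                        $rsvp_values[$field] = $_POST[$field];
                    }
                }
                $rsvp_values['male_id'] = $male_id;
                $rsvp_values['event_id'] = $event_id;

                $sql = build_custom_insert_str($table_name, $arr_fields, $rsvp_values);

                // NOTE(review): check-then-insert is not atomic; two
                // concurrent requests can both pass the SELECT. A UNIQUE key
                // on (event_id, male_id) would enforce the rule in the
                // database - the schema is not visible from here.
                if (mysqli_query($connection, $sql)) {
                    $status = "1";
                }
            } else {
                $status = "2";
            }
            mysqli_free_result($resultset);
        }
    }

    echo $status;
    mysqli_close($connection);
}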
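<?php
/**
 * Event-creation endpoint: inserts the posted event into `events` and
 * `events_full`, increments `db_version`.`version`, then redirects to
 * event_html.php.
 *
 * NOTE(review): no anti-CSRF token check is visible in this script;
 * authenticate.php is not shown here - confirm that it (or the form) provides
 * one, since this request changes state on behalf of the logged-in user.
 */
session_start();

// Check the credentials of the user. require instead of include: if
// authenticate.php is missing or unreadable the script must stop here.
// With include it would only raise a warning and continue unauthenticated.
require "authenticate.php";

// $_POST is a superglobal and is always set, so isset($_POST) was always true
// and a plain GET request also inserted (empty) event rows. Only write on POST.
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    // Fail closed if any of these cannot be loaded: without
    // addslashes_to_POST.php the raw request data would reach the SQL builder.
    require_once "header_db.php";          // database connection ($connection)
    require_once "functions.php";          // build_custom_insert_str()
    // Per the original author's comment, applies addslashes() to all POST data.
    require_once "addslashes_to_POST.php";

    $event_fields = array('Title', 'Description', 'Date', 'Time', 'Location', 'Dress_Code');

    // Group the two inserts and the version bump so that a failure does not
    // leave the tables out of step with each other or with db_version.
    // The rollback only has an effect on transactional storage engines.
    mysqli_begin_transaction($connection);
    $all_ok = true;

    // The same event row goes into both tables.
    // NOTE(review): build_custom_insert_str() is defined in functions.php and
    // relies on addslashes() for escaping, which is not charset-aware; it
    // should move to prepared statements.
    foreach (array("events", "events_full") as $table_name) {
        $sql = build_custom_insert_str($table_name, $event_fields, $_POST);
        if (!mysqli_query($connection, $sql)) {
            $all_ok = false;
            break;
        }
    }

    // Only bump the data version when both rows were actually written.
    if ($all_ok) {
        $sql = "UPDATE `db_version` SET `version` = version + 1;";
        $all_ok = (bool) mysqli_query($connection, $sql);
    }

    if ($all_ok) {
        mysqli_commit($connection);
    } else {
        mysqli_rollback($connection);
    }

    mysqli_close($connection);
}

// Same destination whether or not anything was posted.
header('Location:event_html.php');
// Stop here so nothing further runs or is sent after the redirect header.
exit;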