<?php session_start(); require_once "dvd-db.php"; require_once "dvd-util.php"; ensure_authenticated(); if (array_key_exists('title', $_POST)) { try { edit_dvd($_POST); add_message("\nDVD updated!\n"); $_SESSION['last_edit'] = $title; header("Location: index.php"); } catch (DbException $dbe) { echo "<h3 class='error'>An error occurred while trying to update the DVD: {$dbe->getMessage()}</h3>"; } } else { echo "<h3 class='error'>No DVD was selected for editing. Please <a href='edit-select.php'>Try Again</a></h3>"; }
if (array_key_exists('title', $_POST)) { /* If we're paranoid we should check that all of these variables exist before trying to use them, and display error messasges accordingly */ $title = $_POST['title']; $genre = $_POST['genre']; $release_year = $_POST['release_year']; $director = $_POST['director']; $rating = $_POST['rating']; if ($_SESSION['dvd_title'] != $title) { echo "ERROR ..... \n"; echo "Session title = " . $_SESSION['dvd_title'] . "\n"; echo "Title in post = " . $_POST['title'] . "\n"; } else { $data = $_POST; $success = edit_dvd($data); if ($success) { echo "\nDVD updated!\n"; } else { echo "Problems were encountered while trying to update the DVD"; } } } else { echo "Error - no DVD selected for update."; /* XXX handle this properly */ } /** * DVD updated if we get here, forward the user somewhere where * they can see their changes */ $_SESSION['last_edit'] = $title;