<?php
session_start();
require_once "dvd-db.php";
require_once "dvd-util.php";
ensure_authenticated();
if (array_key_exists('title', $_POST)) {
try {
edit_dvd($_POST);
add_message("\nDVD updated!\n");
$_SESSION['last_edit'] = $title;
header("Location: index.php");
} catch (DbException $dbe) {
echo "<h3 class='error'>An error occurred while trying to update the DVD: {$dbe->getMessage()}</h3>";
}
} else {
echo "<h3 class='error'>No DVD was selected for editing. Please <a href='edit-select.php'>Try Again</a></h3>";
}
if (array_key_exists('title', $_POST)) {
/* If we're paranoid we should check that all of these variables
exist before trying to use them, and display error messasges
accordingly */
$title = $_POST['title'];
$genre = $_POST['genre'];
$release_year = $_POST['release_year'];
$director = $_POST['director'];
$rating = $_POST['rating'];
if ($_SESSION['dvd_title'] != $title) {
echo "ERROR ..... \n";
echo "Session title = " . $_SESSION['dvd_title'] . "\n";
echo "Title in post = " . $_POST['title'] . "\n";
} else {
$data = $_POST;
$success = edit_dvd($data);
if ($success) {
echo "\nDVD updated!\n";
} else {
echo "Problems were encountered while trying to update the DVD";
}
}
} else {
echo "Error - no DVD selected for update.";
/* XXX handle this properly */
}
/**
* DVD updated if we get here, forward the user somewhere where
* they can see their changes
*/
$_SESSION['last_edit'] = $title;
