#****************************************************************************
#*  Checking for post vars.  Go back to form if none found.
#****************************************************************************
# Handles the submission of the "new staff member" form. A request that
# carries no POST fields is redirected to the form; exit stops the script
# so nothing below runs for that request.
# NOTE(review): no login/admin-privilege check and no anti-CSRF token check
# is visible in this excerpt. This code creates an account and grants
# privileges from request fields, so confirm both are enforced before this
# point (e.g. by an include above it).
if (count($_POST) == 0) {
  header("Location: ../admin/staff_new_form.php");
  exit;
}

#****************************************************************************
#*  Validate data
#****************************************************************************
$staff = new Staff();
# The acting user is taken from the server-side session, not from the form.
$staff->setLastChangeUserid($_SESSION["userid"]);

# Each field is passed through its setter and the getter's value is written
# back into $_POST.
# NOTE(review): presumably the setters normalise the value and the form is
# re-rendered from $_POST on error; verify against Staff and the form page.
$staff->setLastName($_POST["last_name"]);
$_POST["last_name"] = $staff->getLastName();
$staff->setFirstName($_POST["first_name"]);
$_POST["first_name"] = $staff->getFirstName();
$staff->setUsername($_POST["username"]);
$_POST["username"] = $staff->getUsername();

# NOTE(review): both password fields are also copied back into $_POST.
# Confirm the form page never echoes them into the HTML response and that
# the password is hashed before it is stored (neither is visible here).
$staff->setPwd($_POST["pwd"]);
$_POST["pwd"] = $staff->getPwd();
$staff->setPwd2($_POST["pwd2"]);
$_POST["pwd2"] = $staff->getPwd2();

# Authorisation flags: only the presence of the checkbox field matters, so
# any request that includes e.g. "admin_flg" yields an account with that
# privilege. Server-side access control on this page is the only barrier.
$staff->setCircAuth(isset($_POST["circ_flg"]));
$staff->setCircMbrAuth(isset($_POST["circ_mbr_flg"]));
$staff->setCatalogAuth(isset($_POST["catalog_flg"]));
$staff->setAdminAuth(isset($_POST["admin_flg"]));
$staff->setReportsAuth(isset($_POST["reports_flg"]));

# Both validators are called before the combined test, so validatePwd()
# runs even when validateData() has already failed.
$validData = $staff->validateData();
$validPwd = $staff->validatePwd();
if (!($validData && $validPwd)) {
  # The excerpt ends inside this branch; only the first error lookup is shown.
  $pageErrors["last_name"] = $staff->getLastNameError();
/**
 * bool update(Staff $staff)
 *
 * Writes the editable columns of one staff member back to the row whose
 * id_member matches $staff->getIdMember().
 *
 * Every column value is sent as a bound parameter; the SQL text itself
 * contains only "?" placeholders and the table name held in $this->_table.
 *
 * @param Staff $staff staff member to update
 * @return boolean false when $staff is not a Staff object (the reason is
 *         left in $this->_error); otherwise whatever $this->exec() returns
 * @access public
 */
function update($staff)
{
    if (!($staff instanceof Staff)) {
        $this->_error = "Argument is an inappropriate object.";
        return false;
    }

    // NOTE(review): the login-uniqueness guard that used to sit here,
    // existLogin($staff->getLogin(), $staff->getIdMember()), is disabled.
    // As written, nothing in this method prevents an update from setting a
    // login that another member already uses; confirm a unique constraint
    // or a caller-side check covers it.

    // Column => value, in the order the placeholders appear in the statement.
    $fields = array(
        "collegiate_number" => $staff->getCollegiateNumber(),
        "nif" => $staff->getNIF(),
        "first_name" => $staff->getFirstName(),
        "surname1" => $staff->getSurname1(),
        "surname2" => $staff->getSurname2(),
        "address" => $staff->getAddress(),
        "phone_contact" => $staff->getPhone(),
        "login" => $staff->getLogin(),
    );

    // $this->_table is concatenated, not bound (identifiers cannot be bound).
    // NOTE(review): presumably a fixed class property; verify it never
    // carries request data.
    $sql = "UPDATE " . $this->_table . " SET "
        . implode("=?, ", array_keys($fields)) . "=? "
        . "WHERE id_member=?;";

    // urlencode() is how the values are stored, not an injection defence;
    // the placeholders are what keep the values out of the SQL text.
    // NOTE(review): assumes exec() binds $params rather than interpolating
    // them; confirm.
    $params = array();
    foreach ($fields as $value) {
        $params[] = urlencode($value);
    }
    // The key is passed as returned by the getter, without urlencode().
    $params[] = $staff->getIdMember();

    return $this->exec($sql, $params);
}