function RMHstaffApproverUpdate() { error_log("RMHstaffApproverUpdate"); $user_profile_id = sanitize($_GET['view']); if (isset($_POST['go'])) { error_log("go is set"); $profileObjArray = retrieve_UserProfile_RMHAdmin($user_profile_id); $profileObj = is_array($profileObjArray) ? current($profileObjArray) : false; if ($profileObj) { $profileObj->set_usernameId($_POST["App_Username"]); $profileObj->set_userCategory($_POST["App_Category"]); $profileObj->set_userEmail($_POST["App_Email"]); $ReturnValue = update_UserProfile($user_profile_id); if ($ReturnValue) { $profileObj->set_rmhStaffTitle($_POST["App_Title"]); $profileObj->set_rmhStaffFirstName($_POST["App_FirstName"]); $profileObj->set_rmhStaffLastName($_POST["App_LastName"]); $profileObj->set_rmhStaffPhone($_POST["App_Phone"]); $ReturnValue1 = update_RMHStaffProfile($user_profile_id); if ($ReturnValue1) { error_log("update returned success"); header('Location: admin/listUsers.php'); } else { error_log("could not update RMHStaffProfile"); $errors['invalid_profile'] = "Could not complete request"; } } else { error_log("Could not update admin information"); $errors['invalid_profile'] = "Could not update admin information"; } } else { error_log("Could not update profile"); $errors['invalid_profile'] = "Could not update profile information"; } } else { error_log("go not set"); } }
/** * Inserts a new RMH Staff Profile into the RMHStaffProfile table * @param $userprofile = the userprofile to insert * * @author: Linda Shek */ function insert_RmhStaffProfile($userprofile) { if (!$userprofile instanceof UserProfile) { return false; } connect(); //Check if the rmh staff profile already exists $query = "SELECT * FROM rmhstaffprofile WHERE RMHStaffProfileID =" . $userprofile->get_rmhStaffProfileId(); $result = mysql_query($query) or die(mysql_error()); if (mysql_num_rows($result) > 0) { //Need to return an update function if already exists. return update_RMHStaffProfile($userprofile); } $query = "INSERT INTO rmhstaffprofile (UserProfileID, Title, FirstName, LastName, Phone) VALUES (" . $userprofile->get_userProfileId() . ",'" . $userprofile->get_rmhStaffTitle() . "','" . $userprofile->get_rmhStaffFirstName() . "','" . $userprofile->get_rmhStaffLastName() . "','" . $userprofile->get_rmhStaffphone() . "')"; $result = mysql_query($query); if (!$result) { echo mysql_error() . " Sorry unable to insert into RMH Staff Profile."; mysql_close(); return false; } mysql_close(); return true; }