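header("location: index.php");
// NOTE(review): no exit follows the redirect above, and the condition guarding it
// is opened earlier in the file. Confirm that nothing sensitive is executed or
// rendered after the closing brace of this if/else when the redirect is taken.
} else {
    // POST: attach a manager to a school for a given shift (state-changing).
    // NOTE(review): no anti-CSRF token is checked in this branch; confirm one is
    // validated before this handler can be reached.
    if ($_SERVER['REQUEST_METHOD'] === "POST") {
        // All three fields are required; reading an absent key would pass null
        // into the data layer.
        if (isset($_POST['schoolid'], $_POST['managerid'], $_POST['shift'])) {
            // Run the request values through the same escape() helper the GET
            // branch below uses before they reach the data layer.
            // NOTE(review): addmanagertoschool() and escape() are not visible here.
            // Presumably escape() is SQL escaping; confirm, and prefer bound
            // parameters in the query itself if it is built by concatenation.
            $schoolid = $sec->escape($_POST['schoolid']);
            $managerid = $sec->escape($_POST['managerid']);
            $shift = $sec->escape($_POST['shift']);
            $school->addmanagertoschool($managerid, $schoolid, $shift);
            header("location: schools.php");
            // header() only queues the redirect; stop so nothing below runs.
            exit;
        }
    }

    // GET: load the school (and the manager list) needed to render the form.
    if ($_SERVER['REQUEST_METHOD'] === "GET") {
        // Multi-argument isset() is true only when every key is present; this
        // replaces two isset() calls joined with the bitwise '&' operator.
        if (isset($_GET['schoolid'], $_GET['shift'])) {
            $schoolid = $sec->escape($_GET['schoolid']);
            $shift = $sec->escape($_GET['shift']);
            $schoolresult = $school->getschoolbyid($schoolid);
            if ($schoolresult->num_rows == 1) {
                $schoolrow = $schoolresult->fetch_assoc();
                $managerresult = $manager->getmanagers();
                if (!($managerresult->num_rows > 0)) {
                    // No manager exists yet. The message is percent-encoded so the
                    // Location header carries a valid URL (it contains spaces and
                    // non-ASCII text).
                    // NOTE(review): the receiving page must HTML-escape the
                    // 'error' parameter when it prints it.
                    header("location: managers.php?error=" . rawurlencode("هیچ مدیری برای انتحاب وجود ندارد ابتدا مدیر را ایجاد کنید"));
                    exit;
                }
            } else {
                // The lookup did not return exactly one school.
                header("location: schools.php?error=" . rawurlencode("این مدرسه حذف شده است"));
                exit;
            }
        } else {
            // Required query parameters are missing: go back to the school list.
            header("location: schools.php");
            exit;
        }
    }
}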
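include "php/school.php";
include "php/user.php";

// Gate the page: any islogin() result other than 1 is redirected to the index
// page, and die stops the script so nothing below runs for that request.
$login = new user();
$logincheck = $login->islogin();
if ($logincheck != 1) {
    header("location: index.php");
    die;
}

$school = new school();
$sec = new security();

// Fields of the school being edited; they stay null unless the GET branch
// below loads a row (explicit null avoids undefined-variable warnings).
$name = null;
$address = null;
$telephone = null;

// GET: load the current values of the school identified by ?id=...
if ($_SERVER["REQUEST_METHOD"] == "GET") {
    if (isset($_GET['id'])) {
        // Pass the id through escape() before it reaches the data layer, as the
        // POST branch below does for 'schoolid'.
        // NOTE(review): getschoolbyid() and escape() are not visible here.
        // Presumably escape() is SQL escaping; confirm, and prefer a bound
        // parameter in the query itself if it is built by concatenation.
        $result = $school->getschoolbyid($sec->escape($_GET['id']));
        $row = $result->fetch_assoc();
        // If no row came back, leave the fields null rather than indexing a
        // non-array value.
        if (is_array($row)) {
            $name = $row['Sname'];
            $address = $row['Address'];
            $telephone = $row['Telephone'];
        }
    }
}

// POST: apply the submitted edit.
// NOTE(review): the fields are read without isset(), and no anti-CSRF token
// check is visible in this branch; confirm both are handled before this point.
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $id = $sec->escape($_POST['schoolid']);
    $schoolname = $sec->escape($_POST["schoolname"]);
    // Presumably the length of the name with whitespace ignored, so 0 means a
    // blank name. TODO confirm against security::checknullwithoutwhitespace().
    $schoollength = $sec->checknullwithoutwhitespace($schoolname);
    $schooladdress = $sec->escape($_POST["schooladdress"]);
    $schooltel = $sec->escape($_POST["schooltel"]);
    if ($schoollength != 0) {
        $ans = $school->editschool($id, $schoolname, $schooladdress, $schooltel);
        if ($ans == 1) {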