Exemplo n.º 1
    $newRole = valString($_POST['Role'], true);
    $newPhone = valPhone($_POST['phone'], true);
    $newEmail = valEmail($_POST['email'], true);
    $newDepartment = valString($_POST['department'], true);
    $newUserName = valString($_POST['username'], true);
    $newPassword = valString($_POST['pass'], true);
    $newUser = new userClass($newfName, $newlName, $newRole, $newPhone, $newEmail, $newDepartment, $newUserName, $newPassword);
    $newUser->createUser();
    header("Location: /JGWentworth/View/User.php");
}
// end first if
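// Handle the "edit user" form: validate the posted fields, persist them through
// userClass::updateUser(), then redirect back to the user list.
// NOTE(review): no authorization or CSRF-token check is visible in this branch;
// confirm one runs before this handler is reached.
if (isset($_POST['EditUser'])) {
    $fName = valString($_POST['fName'], true);
    $lName = valString($_POST['lName'], true);
    $role = valString($_POST['Role'], true);
    $phone = valPhone($_POST['phone'], true);
    $email = valEmail($_POST['email'], true);
    $department = valString($_POST['department'], true);
    $userName = valString($_POST['username'], true);
    // NOTE(review): the password goes through the generic string validator and is
    // handed to userClass as-is. Hashing (password_hash) is presumably done inside
    // userClass -- confirm, and confirm valString() does not alter password characters.
    $password = valString($_POST['pass'], true);
    // editID comes straight from the request without validation. updateUser() must
    // bind it as a query parameter and should verify that the caller is allowed to
    // edit this account -- TODO confirm in userClass. The role field is likewise
    // client-supplied, so a role change needs a server-side permission check.
    $userID = $_POST['editID'];
    $updateUser = new userClass($fName, $lName, $role, $phone, $email, $department, $userName, $password, $userID);
    $updateUser->updateUser();
    header("Location: /JGWentworth/View/User.php");
    // header() only queues the redirect; without exit the remaining handlers in
    // this script (such as the ?delete= branch) would still run for this request.
    exit;
}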
// end second if
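// Handle user deletion: decode the id from the query string, delete the user,
// then redirect back to the user list.
// NOTE(review): this is a state-changing action on GET with no visible CSRF token
// or authorization check. base64 is an encoding, not a secret, so the id offers no
// protection by itself. Prefer POST plus a token, and confirm the caller's
// permission before deleting -- unless that is enforced elsewhere in this file.
if (isset($_GET['delete'])) {
    // Strict mode makes malformed input return false instead of silently decoding
    // to garbage that would then be passed to deleteUser().
    $decoded = is_string($_GET['delete']) ? base64_decode($_GET['delete'], true) : false;
    if ($decoded !== false && $decoded !== '') {
        $deleteID = urldecode($decoded);
        // deleteUser() must bind $deleteID as a query parameter -- TODO confirm in userClass.
        userClass::deleteUser($deleteID);
    }
    header("Location: /JGWentworth/View/User.php");
    // Terminate so nothing after the redirect executes for this request.
    exit;
}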
Exemplo n.º 2
    if (empty($target_file)) {
        $sql = "UPDATE COMPANY_MEMBER " . "SET CompanyID ='" . $companyID . "', FirstName = '" . $editCompFName . "', " . "LastName = '" . $editCompLName . "', Title ='" . $editCompTitle . ", " . "Phone = '" . $editCompPhone . "', Email = '" . $editCompEmail . "', " . "DateFirstContact = '" . $editCompFContacted . "' " . "WHERE MemberID ='" . $compClientId . "';";
        $pdo->query($sql);
    }
    header("Location: /JGWentworth/View/Client.php");
}
/******* Edit No Company Client *********************************************************************************************/
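// Handle the "edit client without company" form: validate the posted fields,
// optionally store a new photo, update the NON_MEMBER row, then redirect back to
// the client list.
// NOTE(review): no authorization or CSRF-token check is visible in this branch;
// confirm one runs before this handler is reached.
if (isset($_POST['editNoCompClient'])) {
    $target_dir = $_SERVER["DOCUMENT_ROOT"] . '/JGWentworth/ClientImages/';
    $compClientId = isset($_POST['editClientID']) ? $_POST['editClientID'] : '';
    $editClientFName = valString($_POST['editClientFName'], true);
    $editClientLName = valString($_POST['editClientLName'], true);
    $editClientTitle = valString($_POST['editClientTitle'], true);
    $editClientEmail = valEmail($_POST['editClientEmail'], true);
    $editClientPhone = valPhone($_POST['editClientPhone'], true);
    $editClientAddress = valString($_POST['editClientAddress'], true);
    $editClientFContacted = valDate($_POST['editClientFContacted'], true);

    // $target_file stays null unless a valid image was actually stored. Testing the
    // concatenated path with empty() can never detect "no upload", because the
    // directory prefix alone makes the string non-empty.
    $target_file = null;
    $upload = isset($_FILES['editNoCompPhoto']) ? $_FILES['editNoCompPhoto'] : null;
    if (is_array($upload) && isset($upload['error'], $upload['tmp_name'])
        && $upload['error'] === UPLOAD_ERR_OK && is_uploaded_file($upload['tmp_name'])) {
        // The target directory is inside the document root, so the stored name and
        // extension must never come from the client: a client-chosen script
        // extension could be executed by the web server. Accept only files that
        // parse as JPEG/PNG/GIF and derive the extension from the detected type.
        $allowedTypes = array(IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF);
        $imageInfo = getimagesize($upload['tmp_name']);
        if ($imageInfo !== false && in_array($imageInfo[2], $allowedTypes, true)) {
            // A random name also prevents one upload from overwriting another client's photo.
            $candidate = $target_dir . bin2hex(random_bytes(16)) . image_type_to_extension($imageInfo[2]);
            if (move_uploaded_file($upload['tmp_name'], $candidate)) {
                $target_file = $candidate;
            }
        }
        if ($target_file === null) {
            error_log('editNoCompClient: photo upload rejected or could not be stored');
        }
    }

    // Bind the values validated above (the $editClient* variables) rather than
    // concatenating request data into the statement. Placeholders remove the SQL
    // injection risk and the quoting errors that string-building invites.
    // Assumes $pdo is a PDO connection -- TODO confirm.
    $assignments = "FirstName = :fname, LastName = :lname, Title = :title, Email = :email, "
        . "Phone = :phone, Address = :address, DateFirstContact = :fcontact";
    $params = array(
        ':fname' => $editClientFName,
        ':lname' => $editClientLName,
        ':title' => $editClientTitle,
        ':email' => $editClientEmail,
        ':phone' => $editClientPhone,
        ':address' => $editClientAddress,
        ':fcontact' => $editClientFContacted,
        ':id' => $compClientId,
    );
    if ($target_file !== null) {
        // Only replace the stored photo path when a new photo was saved.
        $assignments .= ", PhotoURL = :photo";
        $params[':photo'] = $target_file;
    }
    $stmt = $pdo->prepare("UPDATE NON_MEMBER SET " . $assignments . " WHERE MemberID = :id");
    $stmt->execute($params);

    header("Location: /JGWentworth/View/Client.php");
    // header() only queues the redirect; stop so later handlers in this script do
    // not run for the same request.
    exit;
}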
/******* Delete Company Client **********************************************************************************************/
if (isset($_GET['delete_compClient'])) {