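if ($num === "Five Bedroom") { return 5; } else { if ($num === "Six Bedroom") { return 6; } } } } } } }

/*
 * Edit handler: writes the posted listing fields to `sublet`, copies the new
 * e-mail address into every other table that stores it, then sends the
 * browser back to roominfo.php.
 *
 * NOTE(review): the row to change is selected by $_POST['editfbid'], a value
 * supplied by the client. No comparison with a server-side identity (session,
 * verified Facebook token) is visible in this part of the file, so as written
 * the request itself decides whose listing and whose stored e-mail are
 * overwritten. Confirm an ownership check runs before this point, or take the
 * id from the authenticated session instead of the form.
 * NOTE(review): no anti-CSRF token is checked here either; confirm one is
 * validated earlier in the request.
 */

// Read one form field as a plain string. A missing key or an array-valued
// parameter (field[]=x) becomes '' instead of raising inside the DB layer.
$field = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$fbid = $field('editfbid');
$email = $field('editemail');
$gender = $field('gender');

// The session now holds the text as submitted. Previously it held the output
// of real_escape_string(), i.e. SQL-escaped text with stray backslashes.
// These values are unvalidated user input: escape them for the output context
// wherever they are rendered.
$_SESSION['useremail'] = $email;
$_SESSION['gender'] = $gender;

$address = $field('editaddress');
$bedrooms = $field('editbedroom');
// Cast to string so the value is bound as text, matching the quoted literal
// the original concatenated query sent for this column.
$bednum = (string) bedsize($bedrooms);
$bath = $field('editbath');
$start = $field('editstart');
$end = $field('editend');
$price = $field('editprice');

// Statement text => bound values, in the order the updates were originally
// issued. Placeholders keep request data out of the SQL text entirely, so
// correctness no longer depends on escaping and connection charset agreeing.
$updates = [
    'UPDATE sublet SET `email` = ?, `gender` = ?, `address` = ?, `bath` = ?, `bedroom` = ?, `bednum` = ?, `start` = ?, `end` = ?, `price` = ? WHERE `fbid` = ?'
        => [$email, $gender, $address, $bath, $bedrooms, $bednum, $start, $end, $price, $fbid],
    'UPDATE subinterestmatch SET `hitemail` = ? WHERE `hitfbid` = ?'
        => [$email, $fbid],
    'UPDATE subinterestmatch SET `interestedemail` = ? WHERE `interestedfbid` = ?'
        => [$email, $fbid],
    'UPDATE subletusers SET `email` = ? WHERE `facebookid` = ?'
        => [$email, $fbid],
    'UPDATE subletinterest SET `email` = ? WHERE `fbid` = ?'
        => [$email, $fbid],
];

// An empty or zero id is presumably never a real account id; skip the writes
// rather than run UPDATEs keyed on it.
if ($fbid !== '' && $fbid !== '0') {
    foreach ($updates as $sql => $params) {
        $stmt = $db->prepare($sql);
        if ($stmt === false) {
            // Failures used to pass silently; record them so a half-applied
            // e-mail change across the five tables can be noticed.
            error_log('edit listing: prepare failed: ' . $db->error);
            continue;
        }

        // Every column was sent as a quoted string before, so bind all as 's'.
        $stmt->bind_param(str_repeat('s', count($params)), ...$params);
        if (!$stmt->execute()) {
            error_log('edit listing: update failed: ' . $stmt->error);
        }
        $stmt->close();
    }
}

$db->close();
echo "<script> top.location.href = 'roominfo.php' </script>";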
} else { if ($num === "Six Bedroom") { return 6; } } } } } } } $name = $db->real_escape_string($_POST['name']); $email = $db->real_escape_string($_POST['email']); $fbid = $db->real_escape_string($_POST['fbid']); $address = $db->real_escape_string($_POST['address']); $bedroom = $db->real_escape_string($_POST['bedroom']); $bednum = bedsize($bedroom); $bath = $db->real_escape_string($_POST['bath']); $price = $db->real_escape_string($_POST['price']); $start = $db->real_escape_string($_POST['start']); $end = $db->real_escape_string($_POST['end']); $gender = $db->real_escape_string($_POST['gender']); $price = trim($price, '$'); //$comments = $db->real_escape_string($_POST['comments']); $entered; $test = $db->query("SELECT `enteredroom` FROM `subletusers` WHERE `facebookid` = '" . $fbid . "'"); while ($gettest = $test->fetch_assoc()) { $entered = $gettest['enteredroom']; } if (!$entered && $fbid != 0) { $db->query("INSERT INTO sublet (`name`, `email`, `fbid`, `address`, `bath`, `bedroom`, `bednum`, `start`, `end`, `price`, `gender`) VALUES ('" . $name . "', '" . $email . "', '" . $fbid . "', '" . $address . "', '" . $bath . "', '" . $bedroom . "', '" . $bednum . "', '" . $start . "', '" . $end . "', '" . $price . "', '" . $gender . "')"); $db->query("UPDATE `subletusers` SET `enteredroom` = 1 WHERE `facebookid` = '" . $fbid . "'");