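<?php
/**
 * Category management page: adds, renames and deletes rows of the
 * `categories` table, then renders the three HTML forms that drive those
 * actions.
 *
 * The page body is only produced when the session carries 'auth' and a
 * 'permissions' value of 'A' or 'U'; otherwise a one-line refusal is printed.
 * Request values reach SQL only as bound parameters, and values read back
 * from the database are HTML-escaped before they are printed.
 *
 * NOTE(review): add, rename and delete all change data but are accepted over
 * GET with no anti-CSRF token, so a cross-site request issued from an
 * authorised user's browser would be honoured. Moving the forms to POST and
 * verifying a per-session token would close this; it is not changed here
 * because whatever else submits to this script is not visible from this file.
 */
include_once 'data.php';

// Strict comparison: with loose ==, a non-string session value such as true
// (or 0 on PHP < 8) compares equal to 'A'.
// NOTE(review): assumes 'permissions' is stored as a string - confirm.
$is_authorised = isset($_SESSION['auth'], $_SESSION['permissions'])
    && in_array($_SESSION['permissions'], array('A', 'U'), true);

if ($is_authorised) {
    include_once 'functions.php';
    // $dbHandle is not assigned in this file; presumably database_connect()
    // creates it as a PDO handle - verify in functions.php.
    database_connect($database_path, 'library');

    // Accept only non-empty scalar strings. Array-valued parameters
    // (?new_category[]=x) are ignored instead of being passed to the driver.
    $old_category = (isset($_GET['old_category']) && is_string($_GET['old_category']) && !empty($_GET['old_category']))
        ? $_GET['old_category']
        : null;
    $new_category = (isset($_GET['new_category']) && is_string($_GET['new_category']) && !empty($_GET['new_category']))
        ? $_GET['new_category']
        : null;

    // Add a category.
    if (!empty($_GET['add_category']) && $new_category !== null) {
        $insert = $dbHandle->prepare('INSERT INTO categories (category) VALUES (?)');
        $insert->execute(array($new_category));
    }

    // Rename the category identified by old_category (a categoryID).
    if (!empty($_GET['change_category']) && $new_category !== null && $old_category !== null) {
        $update = $dbHandle->prepare('UPDATE categories SET category=? WHERE categoryID=?');
        $update->execute(array($new_category, $old_category));
    }

    // Delete a category together with its rows in filescategories. Both
    // deletes run inside one transaction.
    if (!empty($_GET['delete_category']) && $old_category !== null) {
        $dbHandle->beginTransaction();
        $delete_links = $dbHandle->prepare('DELETE FROM filescategories WHERE categoryID=?');
        $delete_links->execute(array($old_category));
        $delete_category = $dbHandle->prepare('DELETE FROM categories WHERE categoryID=?');
        $delete_category->execute(array($old_category));
        $dbHandle->commit();
    }

    // Build the <option> list once; it is printed in both <select> elements.
    // ENT_SUBSTITUTE matters because substr() cuts at a byte offset: a label
    // cut in the middle of a multi-byte character would otherwise make
    // htmlspecialchars() return an empty string. ENT_QUOTES also escapes
    // single quotes.
    $escape_flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $stmt = $dbHandle->prepare("SELECT categoryID,category FROM categories ORDER BY category COLLATE NOCASE");
    $stmt->execute();
    $category_options = '';
    while ($category = $stmt->fetch(PDO::FETCH_ASSOC)) {
        $category_options .= "\r\n<option value=\"" . htmlspecialchars((string) $category['categoryID'], $escape_flags) . "\">"
            . htmlspecialchars(substr((string) $category['category'], 0, 50), $escape_flags) . "</option>";
    }
?>
<form action="rename_category.php" method="GET">
<table border="0" cellpadding="0" cellspacing="0" style="width: 100%">
<tr>
<td class="details alternating_row" colspan="2"><b>Add category:</b></td>
</tr>
<tr>
<td class="details">New category:</td>
<td class="details">
<input type="text" size="30" name="new_category">
</td>
</tr>
<tr>
<td class="details" colspan="2">
<input type="hidden" name="add_category" value="add_category">
<input type="submit" value=" Add ">
</td>
</tr>
</table>
</form>
<form action="rename_category.php" method="GET">
<table border="0" cellpadding="0" cellspacing="0" style="width: 100%">
<tr>
<td class="details alternating_row" colspan="2"><b>Rename category:</b></td>
</tr>
<tr>
<td class="details">Old category:</td>
<td class="details">
<select name="old_category">
<option value="">-</option>
<?php print $category_options; ?>
</select>
</td>
</tr>
<tr>
<td class="details">New category:</td>
<td class="details">
<input type="text" size="30" name="new_category">
</td>
</tr>
<tr>
<td class="details" colspan="2">
<input type="hidden" name="change_category" value="change_category">
<input type="submit" value=" Rename ">
</td>
</tr>
</table>
</form>
<br><br>
<form action="rename_category.php" method="GET">
<table border="0" cellpadding="0" cellspacing="0" style="width: 100%">
<tr>
<td class="details alternating_row"><b>Delete category:</b></td>
</tr>
<tr>
<td class="details">
<select name="old_category">
<option value="">-</option>
<?php print $category_options; ?>
</select>
<input type="hidden" name="delete_category" value="delete_category">
<input type="submit" value=" Delete ">
</td>
</tr>
</table>
</form>
<?php
} else {
    print 'Super User or User permissions required.';
}
?>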