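<?php
/*
 * Admin handler that edits one row of wsd_contacts, selected by the
 * address_id request parameter.
 *
 *  - Without a posted "confirm" field: loads the row and exposes its columns
 *    as variables for the edit form rendered further down.
 *  - With a posted "confirm" field: validates the input, runs the UPDATE and,
 *    on success, emits a script that reloads the opener window and closes
 *    this window.
 *
 * Security notes for maintainers:
 *  - address_id comes straight from the request. It is escaped before it is
 *    placed in either SQL statement; concatenating it raw allowed SQL
 *    injection in both the SELECT and the UPDATE.
 *  - The other columns go through prepareData(), a project helper that is not
 *    shown here. NOTE(review): presumably it escapes for SQL -- confirm.
 *  - Access control relies entirely on includes/secure_page.php (not shown).
 *    No anti-CSRF token is checked before the UPDATE runs.
 *  - The legacy mysql_* API is used throughout; it offers no prepared
 *    statements, so escaping is the only barrier against injection.
 */

  require '../mysqlvars.php';
  require '../lib/db.php';
  require '../lib/form_functions.php';

  // NOTE(review): session_start() does not accept a session name. If 'ADMIN'
  // was meant to name the session, session_name('ADMIN') must be called
  // first. Left unchanged because other pages may depend on this behaviour.
  session_start('ADMIN');

  $dbConn = connectDB($dbHost, $dbUser, $dbPass, $dbDB);
  if (!$dbConn) {
	die('Database is currently down...please try again later');
  }

  require 'includes/secure_page.php';

  // address_id may arrive by GET (first load) or POST (form submit); GET wins.
  if (isset($_GET['address_id'])) {
	$address_id = $_GET['address_id'];
  }
  elseif (isset($_POST['address_id'])) {
	$address_id = $_POST['address_id'];
  }
  else {
	die ('Illegal navigation');
  }

  // Reject array-valued parameters (address_id[]=...) before they reach SQL.
  if (!is_scalar($address_id)) {
	die ('Illegal navigation');
  }

  // Escaped copy used only inside SQL string literals.
  $address_id_sql = mysql_real_escape_string((string) $address_id, $dbConn);

  // Clear these explicitly so they cannot be pre-seeded from outside
  // (for example by register_globals on old PHP configurations).
  unset($error);
  unset($confirm);
  $found = false;

  if (isset($_POST['confirm'])) {
	// Form submitted: keep the form visible unless the update succeeds.
	$found = true;
	if (empty($_POST['last_name'])) {
	  $error = 'You must enter a last name';
	}
	if (!isset($error)) {
	  // Column names are fixed literals; only the values come from the request.
	  $columns = array(
		'first_name', 'last_name', 'email', 'home_phone', 'work_phone',
		'mobile_phone', 'address', 'city', 'zip_code', 'country', 'comments'
	  );
	  $assignments = array();
	  foreach ($columns as $column) {
		$assignments[] = $column . " = '" . prepareData($_POST[$column]) . "'";
	  }
	  // An unchecked checkbox is not submitted at all, so test with isset().
	  $shared_flag = (isset($_POST['shared']) && $_POST['shared'] == 1) ? '1' : '0';
	  $assignments[] = "shared = '" . $shared_flag . "'";

	  $query = 'UPDATE wsd_contacts SET ' . implode(',', $assignments);
	  $query .= " WHERE address_id = '" . $address_id_sql . "'";

	  if (mysql_query($query,$dbConn)) { ?>
	  <SCRIPT LANGUAGE="JavaScript">
	  <!--
		 if (window.opener) {
		   if (!window.opener.closed) { 
			 window.opener.location.reload(1); 
		   }
		   window.close();
		 }
					       
	  //-->
	  </SCRIPT>
	  <?php      
		$confirm = 'Contact updated';
		$found = false;
	  }
	  else {
		// NOTE(review): the raw driver error is shown to the user and can
		// reveal schema details; consider logging it and showing a generic
		// message instead.
		$error = mysql_error();
	  }
	  
	}
	if (isset($error)) {
	  // Re-populate the form from the submitted values so nothing is lost.
	  // stripData() is a project helper that is not shown here.
	  $address_id = stripData($_POST['address_id']);
	  $first_name = stripData($_POST['first_name']);
	  $last_name = stripData($_POST['last_name']);
	  $email = stripData($_POST['email']);
	  $home_phone = stripData($_POST['home_phone']);
	  $work_phone = stripData($_POST['work_phone']);
	  $mobile_phone = stripData($_POST['mobile_phone']);
	  $address = stripData($_POST['address']);
	  $city = stripData($_POST['city']);
	  $zip_code = stripData($_POST['zip_code']);
	  $country = stripData($_POST['country']);
	  // NOTE(review): the form on this page has no "file" field -- confirm
	  // whether this line is still needed.
	  $file = stripData($_POST['file']);
	  $comments = stripData($_POST['comments']);
	  // Keep the checkbox state as well; it used to be dropped on this path.
	  $shared = (isset($_POST['shared']) && $_POST['shared'] == 1) ? 1 : 0;
	}
  }
  else {
	// First load: fetch the current values for the form.
	$query = "SELECT first_name, last_name, email, home_phone, work_phone, mobile_phone, address, city, zip_code, country, comments, shared, username FROM wsd_contacts WHERE ";
	$query .= "address_id = '" . $address_id_sql . "'";
	$result = mysql_query($query, $dbConn);
	if ($result) {
	  if ($frow = mysql_fetch_array($result)) {
		$found = true;
		$first_name = $frow['first_name'];
		$last_name = $frow['last_name'];
		$email = $frow['email'];
		$home_phone = $frow['home_phone'];
		$work_phone = $frow['work_phone'];
		$mobile_phone = $frow['mobile_phone'];
		$address = $frow['address'];
		$city = $frow['city'];
		$zip_code = $frow['zip_code'];
		$country = $frow['country'];
		$comments = $frow['comments'];
		$shared = $frow['shared'];
		$username = $frow['username'];
	  }
	  else {
		$error = 'Contact not found';
	  }
	}
	else {
	  // NOTE(review): same error-disclosure concern as on the UPDATE path.
	  $error = mysql_error();
	}
	 
  }

   include '../members/includes/header.php';
  
?>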

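	<?php
	/*
	 * View for the contact edit form. Every value written into the page is
	 * HTML-escaped at the point of output: the values originate from the
	 * request or from database rows, and unescaped output of either allows
	 * script injection into an admin session.
	 */
	?>
	<tr>
	  <td>
		<table class="fg">
		  <tr>
			<td class="title">Update Record created by user '<?php if (isset($username)) { echo htmlspecialchars($username, ENT_QUOTES); } ?>'</td>
		  </tr>
		</table>
	  </td>
	</tr>
	
	<tr>
	  <td>
	  <table class="nb">
		  <?php if (isset($confirm)) { echo '<tr><td class="bold">' . htmlspecialchars($confirm, ENT_QUOTES) . '</td></tr>'; } ?>

		  <?php
			// $error may carry a database driver message that echoes request
			// data back, so it is escaped like any other untrusted value.
			if (isset($error)) { echo '<tr><td class="error">' . htmlspecialchars($error, ENT_QUOTES) . '</td></tr>'; }
		  ?>

		</table>
	  </td>
	</tr>
	<tr>
	  <td>
		<?php if ($found) { ?>
		  <table class="fg">
			<?php
			  // PHP_SELF includes attacker-controllable path info, so it is
			  // escaped before it is used as the form action.
			  // NOTE(review): this form carries no anti-CSRF token; the
			  // handler changes data on POST with only the session check.
			?>
			<form method="POST" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) ?>">
			<tr><td class="label">&nbsp;</td><td class="field"><input type="hidden" name="address_id" value="<?php echo htmlspecialchars($address_id, ENT_QUOTES) ?>"></td></tr>
			
			<tr>
			  <td class="label">First name:</td>
			  <td class="field">
				<input type="text" name="first_name" size="20" maxlength="50" value="<?php if (isset($first_name)) { echo htmlspecialchars($first_name); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Last name:</td>
			  <td class="field">
				<input type="text" name="last_name" size="20" maxlength="50" value="<?php if (isset($last_name)) { echo htmlspecialchars($last_name); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Email:</td>
			  <td class="field">
				<input type="text" name="email" size="20" maxlength="50" value="<?php if (isset($email)) { echo htmlspecialchars($email); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Home phone:</td>
			  <td class="field">
				<input type="text" name="home_phone" size="20" maxlength="50" value="<?php if (isset($home_phone)) { echo htmlspecialchars($home_phone); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Work phone:</td>
			  <td class="field">
				<input type="text" name="work_phone" size="20" maxlength="50" value="<?php if (isset($work_phone)) { echo htmlspecialchars($work_phone); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Mobile:</td>
			  <td class="field">
				<input type="text" name="mobile_phone" size="20" maxlength="50" value="<?php if (isset($mobile_phone)) { echo htmlspecialchars($mobile_phone); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Address:</td>
			  <td class="field">
				<input type="text" name="address" size="20" maxlength="50" value="<?php if (isset($address)) { echo htmlspecialchars($address); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">City:</td>
			  <td class="field">
				<input type="text" name="city" size="20" maxlength="50" value="<?php if (isset($city)) { echo htmlspecialchars($city); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Zip code:</td>
			  <td class="field">
				<input type="text" name="zip_code" size="20" maxlength="50" value="<?php if (isset($zip_code)) { echo htmlspecialchars($zip_code); } ?>">
			  </td>
			</tr>
			<tr>
			  <td class="label">Country:</td>
			  <td class="field">
				<select name="country">
				<?php if (isset($country)) { ?>
				  <option selected value="<?php echo htmlspecialchars($country, ENT_QUOTES) ?>"><?php echo htmlspecialchars($country, ENT_QUOTES) ?>
				<?php } ?>
				<option value="">
				<?php 
				  // Country list comes from the database; escape it as well so
				  // a tampered row cannot inject markup into the admin page.
				  $result = mysql_query("SELECT country, country_name FROM wsd_countries ORDER BY country_name");
				  if ($result) {
					while ($frow = mysql_fetch_row($result)) {
					  echo '<option value="' . htmlspecialchars($frow[0], ENT_QUOTES) . '">' . htmlspecialchars($frow[1], ENT_QUOTES);
					}
				  }
				  
				  ?>
				</select>
			  </td>
			</tr>
			
			<tr>
			  <td class="label">Comments:</td>
			  <td class="field">
				<textarea name="comments" cols="30" rows="5"><?php if (isset($comments)) { echo htmlspecialchars($comments); } ?></textarea>
			  </td>
			</tr>
			<tr>
			  <td class="label">&nbsp;</td>
			  <td class="field" valign="top">
				<input type="checkbox" name="shared" value="1" <?php if (isset($shared) && $shared==1) { echo "checked"; } ?>> <b>Shared with other members</b>
			  </td>
			</tr>
			<tr><td class="label">&nbsp;</td><td class="field"><input type="Submit" name="confirm" value="Update"></td></tr>
			</form>
		  </table>
		<?php } ?>
	  </td>
	</tr>
  

<?php include '../members/includes/footer.php' ?>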
