PHPize Online / SQLize Online  /  SQLtest Online

A A A
Share      Blog   Popular
Copy Format Clear
A<?php session_start(); require_once "./functions/admin.php"; $title = "Add new book"; require "./template/header.php"; require "./functions/database_functions.php"; $conn = db_connect(); if(isset($_POST['add'])){ $isbn = trim($_POST['isbn']); $isbn = mysqli_real_escape_string($conn, $isbn); $title = trim($_POST['title']); $title = mysqli_real_escape_string($conn, $title); $author = trim($_POST['author']); $author = mysqli_real_escape_string($conn, $author); $descr = trim($_POST['descr']); $descr = mysqli_real_escape_string($conn, $descr); $price = floatval(trim($_POST['price'])); $price = mysqli_real_escape_string($conn, $price); $publisher = trim($_POST['publisher']); $publisher = mysqli_real_escape_string($conn, $publisher); // add image if(isset($_FILES['image']) && $_FILES['image']['name'] != ""){ $image = $_FILES['image']['name']; $directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']); $uploadDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . "bootstrap/img/"; $uploadDirectory .= $image; move_uploaded_file($_FILES['image']['tmp_name'], $uploadDirectory); } // find publisher and return pubid // if publisher is not in db, create new $findPub = "SELECT * FROM publisher WHERE publisher_name = '$publisher'"; $findResult = mysqli_query($conn, $findPub); if(!$findResult){ // insert into publisher table and return id $insertPub = "INSERT INTO publisher(publisher_name) VALUES ('$publisher')"; $insertResult = mysqli_query($conn, $insertPub); if(!$insertResult){ echo "Can't add new publisher " . mysqli_error($conn); exit; } $publisherid = mysql_insert_id($conn); } else { $row = mysqli_fetch_assoc($findResult); $publisherid = $row['publisherid']; } $query = "INSERT INTO books VALUES ('" . $isbn . "', '" . $title . "', '" . $author . "', '" . $image . "', '" . $descr . "', '" . $price . "', '" . $publisherid . "')"; $result = mysqli_query($conn, $query); if(!$result){ echo "Can't add new data " . mysqli_error($conn); exit; } else { header("Location: admin_book.php"); } } ?> <form method="post" action="admin_add.php" enctype="multipart/form-data"> <table class="table"> <tr> <th>ISBN</th> <td><input type="text" name="isbn"></td> </tr> <tr> <th>Title</th> <td><input type="text" name="title" required></td> </tr> <tr> <th>Author</th> <td><input type="text" name="author" required></td> </tr> <tr> <th>Image</th> <td><input type="file" name="image"></td> </tr> <tr> <th>Description</th> <td><textarea name="descr" cols="40" rows="5"></textarea></td> </tr> <tr> <th>Price</th> <td><input type="text" name="price" required></td> </tr> <tr> <th>Publisher</th> <td><input type="text" name="publisher" required></td> </tr> </table> <input type="submit" name="add" value="Add new book" class="btn btn-primary"> <input type="reset" value="cancel" class="btn btn-default"> </form> <br/> <?php if(isset($conn)) {mysqli_close($conn);} require_once "./template/footer.php"; ?>
Copy Clear
Copy Format Clear
<?php session_start(); $title = "Add new book"; require "./template/header.php"; require "./functions/database_functions.php"; $conn = db_connect(); if(isset($_POST['add'])){ $isbn = trim($_POST['isbn']); $isbn = mysqli_real_escape_string($conn, $isbn); $title = trim($_POST['title']); $title = mysqli_real_escape_string($conn, $title); $author = trim($_POST['author']); $author = mysqli_real_escape_string($conn, $author); $descr = trim($_POST['descr']); $descr = mysqli_real_escape_string($conn, $descr); $price = floatval(trim($_POST['price'])); $price = mysqli_real_escape_string($conn, $price); $publisher = trim($_POST['publisher']); $publisher = mysqli_real_escape_string($conn, $publisher); // add image if(isset($_FILES['image']) && $_FILES['image']['name'] != ""){ $image = $_FILES['image']['name']; $directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']); $uploadDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . "bootstrap/img/"; $uploadDirectory .= $image; move_uploaded_file($_FILES['image']['tmp_name'], $uploadDirectory); } // find publisher and return pubid // if publisher is not in db, create new $findPub = "SELECT * FROM publisher WHERE publisher_name = '$publisher'"; $findResult = mysqli_query($conn, $findPub); if(!$findResult){ // insert into publisher table and return id $insertPub = "INSERT INTO publisher(publisher_name) VALUES ('$publisher')"; $insertResult = mysqli_query($conn, $insertPub); if(!$insertResult){ echo "Can't add new publisher " . mysqli_error($conn); exit; } $publisherid = mysql_insert_id($conn); } else { $row = mysqli_fetch_assoc($findResult); $publisherid = $row['publisherid']; } $query = "INSERT INTO books VALUES ('" . $isbn . "', '" . $title . "', '" . $author . "', '" . $image . "', '" . $descr . "', '" . $price . "', '" . $publisherid . "')"; $result = mysqli_query($conn, $query); if(!$result){ echo "Can't add new data " . mysqli_error($conn); exit; } else { header("Location: admin_book.php"); } } ?> <form method="post" action="admin_add.php" enctype="multipart/form-data"> <table class="table"> <tr> <th>ISBN</th> <td><input type="text" name="isbn"></td> </tr> <tr> <th>Title</th> <td><input type="text" name="title" required></td> </tr> <tr> <th>Author</th> <td><input type="text" name="author" required></td> </tr> <tr> <th>Image</th> <td><input type="file" name="image"></td> </tr> <tr> <th>Description</th> <td><textarea name="descr" cols="40" rows="5"></textarea></td> </tr> <tr> <th>Price</th> <td><input type="text" name="price" required></td> </tr> <tr> <th>Publisher</th> <td><input type="text" name="publisher" required></td> </tr> </table> <input type="submit" name="add" value="Add new book" class="btn btn-primary"> <input type="reset" value="cancel" class="btn btn-default"> </form> <br/> <?php if(isset($conn)) {mysqli_close($conn);} require_once "./template/footer.php"; ?>
Show:  
Copy Clear