<?php
//updateemployee.php
session_start(); //Resume session
if(isset($_SESSION['name'])){// If $_SESSION['name'] not set, force redirect to home page
$name = $_SESSION['name'];
$status_msg="";
if (isset($_GET['data'])){
$data = $_GET['data'];
if(isset($_GET['update'])){
if(isset($_GET['name']) && isset($_GET['email'])&& isset($_GET['gender']) && isset($_GET['faculty'])){
if(!empty($_GET['name']) && !empty($_GET['email'])&& !empty($_GET['gender']) && !empty($_GET['faculty'])){
//$data = $_GET['data'];
$new_name = $_GET['name'];
$new_email = $_GET['email'];
$new_gender = $_GET['gender'];
$new_school = $_GET['faculty'];
$conn= connectDB();
$status_msg=updateRecord($new_name,$new_school,$new_gender,$conn,$new_email,$data);
echo $new_name;
echo $new_school;
echo $new_gender;
echo $new_email;
echo $data;
}else{
$status_msg="<h2 style='color:red;'>Incomplete Input. Please try again</h2>";
}
}
}
}}else{
header('Location: index.php');
}
if(isset($_GET['logout'])){
session_destroy();
header('Location: index.php');
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
</head>
<body>
<?php
if(isset($_GET['data'])){
$data = $_GET['data'];
echo $data;//To test if the Id matches the profile that needs to be updated
}
$status_msg = "";
function connectDB(){//Function to connect to database
$servername = "localhost";
$username = "root";
$password = "";
$db= "staff_db";
$conn = mysqli_connect($servername,$username,$password,$db);
if(!$conn){
die('Connection Failed: '.mysqli_connect_error());
}
return $conn;
}
//$sql = "SELECT * FROM staff_table WHERE staff_id='$data'";
$conn = connectDB();
function updateRecord($new_name,$new_gender,$new_school,$conn,$new_email,$data){
$sql = "UPDATE staff_table SET name='$new_name',gender='$new_gender',school='$new_school',email='$new_email' WHERE staff_id='$data'";
if (mysqli_query($conn,$sql)){
$status_msg="<h3 style= 'color:green;'>Account details are successfully updated.</h3>";
}else{
$status_msg= "ERROR: Could not execute SQL".mysqli_error($conn);
}
mysqli_close($conn);
return $status_msg;
}
?>
<h1>Update Staff Profile</h1>
<form action="UpdateEmployee.php" method="GET">
<fieldset>
<legend>Personal Information</legend>
<p><span class="error">* required field</span></p>
<label for="name">Full Name: <input type="text" id="name" name="name"><span class="error">*</span></label><br>
<label for="sID">Staff ID: <input type="text" id="sID" name="sID" placeholder="<?php echo $data;?>" disabled="disabled"></label><br>
<label for="email">Email: <input type="text" id="email" name="email"><span class="error">*</span></label><br>
<label for="gender">Gender:</label>
<select id="gender" name="gender">
<option value = "-1" selected>[Gender]</option>
<option value = "Male">Male</option>
<option value = "Female">Female</option>
</select><br>
<label for="faculty">School/Faculty</label>
<select id="faculty" name="faculty">
<option value = "-1" selected>[School/Faculty]</option>
<option value = "SFS">SFS</option>
<option value = "FBDA">FBDA</option>
<option value = "FECS">FECS</option>
</select><br>
<p><input type="submit" name="update" value="Update Staff"></p>
<p><?php echo $status_msg;?></p>
</fieldset>
</form>
<footer>
<p><a href="MainMenu.php">Main Menu</a></p>
<p><a href="">Logout</a></p>
</footer>
</body>
</html>
<?php
//displayemployeeinf.php
session_start(); //Resume session
if(isset($_SESSION['name'])){// If $_SESSION['name'] not set, force redirect to home page
$name = $_SESSION['name'];
}else{
header('Location: index.php');
}
if(isset($_POST['logout'])){
session_destroy();
header('Location: index.php');
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Display Employee Information</title>
</head>
<body>
<h1>Staff Profile</h1>
<div class="display">
<fieldset>
<legend>Employees Information</legend>
<?php
function connectDB(){//Function to connect to database
$servername = "localhost";
$username = "root";
$password = "";
$db= "staff_db";
$conn = mysqli_connect($servername,$username,$password,$db);
if(!$conn){
die('Connection Failed: '.mysqli_connect_error());
}
return $conn;
}
$data = $_GET['data'];
$sql = "SELECT * FROM staff_table WHERE name ='$data'";
$conn= connectDB();
$result = mysqli_query($conn,$sql);
if($result){
$row = mysqli_fetch_assoc($result);
}
if(isset($_POST['update'])){
header('Location: UpdateEmployee.php?data='.$row['staff_id'].'');
}
?>
<form method="POST">
<table class="center">
<tr><td><p><strong>Name:</strong></p></td><td><p><?php echo $row['name'];?></p></td></tr>
<tr><td><p><strong>Staff ID:</strong></p></td><td><p><?php echo $row['staff_id'];?></p></td></tr>
<tr><td><p><strong>Email</strong></p></td><td><p><?php echo $row['email'];?></p></td></tr>
<tr><td><p><strong>Gender</strong></p></td><td><p><?php echo $row['gender'];?></p></td></tr>
<tr><td><p><strong>School</strong></p></td><td><p><?php echo $row['school'];?></p></td></tr>
</table>
<p><input type="submit" name="update" value="Update"></p>
<p><input type="submit" name="delete" value="Delete"></p>
</form>
</fieldset>
</div>
<footer>
<p><a href="MainMenu.php">Main Menu</a></p>
<p><a href="">Logout</a></p>
</footer>
</body>
</html>