Your IP : 216.73.216.162

Current Path : /home/x/b/o/xbodynamge/namtation/reservation/admin/
Upload File :
Current File : /home/x/b/o/xbodynamge/namtation/reservation/admin/action_client.php

<?php
include_once('init.inc.php');

echo 'cici';

if ($_POST['type']=="new"){

$nom = addslashes($_POST['nom']).' ';
$prenom = addslashes($_POST['prenom']).' ';
$email = addslashes($_POST['email']).' ';
$webaccess = 0;
if ($_POST['webaccess'] == "checked") {$webaccess = '1';}
$adr = addslashes($_POST['adr']).' ';
$cp = addslashes($_POST['cp']).' ';
$ville = addslashes($_POST['ville']).' ';
$gsm = addslashes($_POST['gsm']).' ';

$error = "";
if (trim($nom)=="" or trim($prenom)=="" or trim($email)=="") $error=$error."1";


$sql = "SELECT count(*) as emailexist from reservation".$DB_prefixtable."client where email='".trim($_POST['email'])."'"; 
$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error()); 
$client = mysqli_fetch_assoc($req);

if ($client['emailexist']>=1) $error=$error."2";
    
if ($error==""){
	
$sql = "insert into reservation".$DB_prefixtable."client (nom, prenom, mdp, email, webaccess, gsm, adr, cp, ville, nb_seance, validite_seance) value ('".$nom."','".$prenom."', 'xz68ecd4ds564c684qsx684', '".trim($email)."', ".$webaccess.", '".$gsm."','".$adr."','".$cp."','".$ville."',".$_POST['nb_seance'].",'".$_POST['date_validite_annee']."/".$_POST['date_validite_mois']."/".$_POST['date_validite_jour']."')";

$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error());

header('Location: page_client.php'); 

}
else{

header('Location: modif_client.php?error='.$error.'&id=nope'); 

}


  
}




if ($_POST['type']=="modif"){


$nom = addslashes($_POST['nom']);
$prenom = addslashes($_POST['prenom']);
$email = addslashes($_POST['email']);
$webaccess = 0;
if ($_POST['webaccess'] == "checked") $webaccess = '1';
$adr = addslashes($_POST['adr']);
$cp = addslashes($_POST['cp']);
$ville = addslashes($_POST['ville']);
$gsm = addslashes($_POST['gsm']);

$error = "";
if (trim($nom)=="" or trim($prenom)=="") $error=$error."1";

echo $sql = "SELECT count(*) as emailexist from reservation".$DB_prefixtable."client where email='".trim($_POST['email'])."' and id != ".$_POST['id']; 
$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error()); 
$client = mysqli_fetch_assoc($req);

if ($client['emailexist']>=1) $error=$error."2";
    
if ($error==""){
	
$sql = "update reservation".$DB_prefixtable."client set nom='".$nom."', prenom='".$prenom."', email='".$email."', webaccess='".$webaccess."', gsm='".$gsm."', adr='".$adr."', cp='".$cp."', ville='".$ville."', nb_seance=".$_POST['nb_seance'].", validite_seance='".$_POST['date_validite_annee']."/".$_POST['date_validite_mois']."/".$_POST['date_validite_jour']."' where id=".$_POST['id'];

$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error());

header('Location: page_client.php'); 
}
else{

header('Location: modif_client.php?error='.$error.'&id='.$_POST['id']); 

}
  
}



if ($_POST['type']=="remove"){

$sql = "delete from reservation".$DB_prefixtable."client where id=".$_POST['id'];
$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error()); 

header('Location: page_client.php'); 
  
}


if ($_POST['type']=="add_seance"){

$sql = "update reservation".$DB_prefixtable."client set nb_seance=".$_POST['nb_seance'].", validite_seance = '".$_POST['date_validite_annee'].'-'.sprintf("%02d",$_POST['date_validite_mois']).'-'.sprintf("%02d",$_POST['date_validite_jour'])."' where id=".$_POST['id'];
$req = mysqli_query($db, $sql) or die('Erreur SQL !'.mysqli_error());

header('Location: page_client.php'); 
  
}



?>