-
Notifications
You must be signed in to change notification settings - Fork 1
/
addco_functions.php
114 lines (88 loc) · 2.59 KB
/
addco_functions.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
<?php
include 'connect.php';
include 'user.php';
session_start();
if (!isset($_SESSION['loggedin']) || $_SESSION['loggedin'] !== true) {
header("Location: index.html");
exit();
}
function add_co() {
User::checkPerm();
global $con;
$officer_ID = array_key_exists('officer_ID', $_REQUEST) ? $_REQUEST['officer_ID'] : die("officer ID required!");
$crime_ID = $_POST['crime_ID'];
$officer_ID = $_POST['officer_ID'];
$sql = "INSERT INTO `crime_officers`(`crime_ID`, `officer_ID`) VALUES (?,?)";
$criminal_ID = $_POST['criminal_ID'];
var_dump($_POST);
try {
$con->begin_transaction();
$stmt = $con->prepare($sql);
$stmt->bind_param(
"ii",
$crime_ID,
$officer_ID
);
$stmt->execute();
$con->commit();
header("location:popup.php?criminal_ID=$criminal_ID");
} catch (mysqli_sql_exception $exception) {
$con->rollback();
die($exception);
}
}
function update_co() {
User::checkPerm();
global $con;
$criminal_ID = array_key_exists('criminal_ID', $_REQUEST) ? $_REQUEST['criminal_ID'] : die("Criminal ID required!");
$sql = "UPDATE `crime_officers` SET `crime_ID`= ?, `officer_ID`= ?";
$crime_ID = $_POST['crime_ID'];
$officer_ID = $_POST['officer_ID'];
try {
$con->begin_transaction();
$stmt = $con->prepare($sql);
$stmt->bind_param(
"ii",
$crime_ID,
$officer_ID,
);
$stmt->execute();
$con->commit();
header("location:popup.php?criminal_ID=$criminal_ID");
} catch (mysqli_sql_exception $exception) {
$con->rollback();
die($exception);
}
}
function delete_co() {
User::checkPerm();
global $con;
$officer_ID = array_key_exists('officer_ID', $_POST) ? $_POST['officer_ID'] : die("Officer ID required!");
$criminal_ID = $_POST['criminal_ID'];
$crime_ID = $_POST['crime_ID'];
$sql = "DELETE FROM crime_officers WHERE crime_ID = ? AND officer_ID = ?";
$con->begin_transaction();
try {
$stmt = $con->prepare($sql);
$stmt->bind_param("ii", $crime_ID, $officer_ID);
$stmt->execute();
$con->commit();
header("location:popup.php?criminal_ID=$criminal_ID");
} catch (mysqli_sql_exception $exception) {
$con->rollback();
die($exception);
}
}
if (isset($_POST['m'])) {
$method = $_POST['m'];
} else {
return;
}
if ($method == 'a') {
add_co();
} elseif ($method == 'u') {
update_co();
} elseif ($method == 'd') {
delete_co();
}
?>