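<?php
// Client lookup / update / delete endpoint for a logged-in account.
// Every branch below answers with a JSON object carrying a numeric 'status'
// and a Hebrew 'message'; the HTTP status code itself is always 200.
$conn = require __DIR__ . "/database.php";
session_start();
if (!isset($_SESSION["email"])) {
    // Redirect to the login page if the user is not logged in
    header('Location: index.php');
    exit();
}

// Load the logged-in account. The email comes from the session rather than
// from the request, but it is still bound as a parameter instead of being
// interpolated into the SQL text. The defaults cover a missing row and a
// failed query alike (previously a false return from mysqli_query() was passed
// straight to mysqli_fetch_assoc()). With mysqli's default error mode on
// PHP 8.1+ a failed prepare/execute throws instead of returning false.
$name = '';
$password = '';
$phone = '';
$role = '';
$email = (string) $_SESSION['email'];
$stmt = mysqli_prepare($conn, "SELECT userName, password, phoneNum, role FROM account WHERE email = ?");
if ($stmt !== false) {
    mysqli_stmt_bind_param($stmt, 's', $email);
    if (mysqli_stmt_execute($stmt)) {
        // mysqli_stmt_get_result() needs the mysqlnd driver (the default build).
        $result = mysqli_stmt_get_result($stmt);
        $row = ($result !== false) ? mysqli_fetch_assoc($result) : null;
        if (is_array($row)) {
            $name = $row['userName'];
            // NOTE(review): nothing in this file reads $password; loading the
            // stored credential into request scope serves no visible purpose.
            $password = $row['password'];
            $phone = $row['phoneNum'];
            $role = $row['role'];
        }
    }
    mysqli_stmt_close($stmt);
}
// NOTE(review): $role is loaded but never consulted before the update/delete
// branches, so any authenticated account can modify or delete client rows.
// Whether that is intended depends on the role model, which is not visible here.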
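if (isset($_GET['client_name'])) {
    // Look a client up by full name. fullName is used as the key throughout
    // this file but is not guaranteed unique, so exactly one match is required:
    // zero or several matches both answer 404 with the "not found" message.
    // A non-string value (e.g. client_name[]=x) is treated as no match rather
    // than raising a TypeError.
    $clientName = is_string($_GET['client_name']) ? $_GET['client_name'] : '';
    $client = null;
    // The name is bound as a parameter; it is not escaped, because escaping a
    // bound value would send the backslashes to the server literally.
    $stmt = mysqli_prepare($conn, "SELECT * FROM client WHERE fullName = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $clientName);
        if (mysqli_stmt_execute($stmt)) {
            // mysqli_stmt_get_result() needs the mysqlnd driver (the default build).
            $result = mysqli_stmt_get_result($stmt);
            if ($result !== false && mysqli_num_rows($result) === 1) {
                // mysqli_fetch_array() (MYSQLI_BOTH) keeps the original payload
                // shape: both numeric and column-name keys end up in 'data'.
                $client = mysqli_fetch_array($result);
            }
        }
        mysqli_stmt_close($stmt);
    }
    if (is_array($client)) {
        $res = [
            'status' => 200,
            'message' => 'הלקוח נשלף בהצלחה דרך השם',
            'data' => $client
        ];
    } else {
        $res = [
            'status' => 404,
            'message' => 'שם הלקוח לא נמצא'
        ];
    }
    echo json_encode($res);
    return;
}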
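if (isset($_POST['update_client'])) {
    // NOTE(review): this state-changing POST checks no CSRF token; whether one
    // is enforced upstream (database.php or a front controller) is not visible here.

    // Read each form field as a plain string; a missing or non-string field
    // becomes ''. Values are bound as parameters below and therefore are NOT
    // escaped here (escaping a bound value would store the backslashes).
    $readField = static fn (string $key): string =>
        is_string($_POST[$key] ?? null) ? $_POST[$key] : '';
    $clientName = $readField('clientName');
    $address = $readField('address');
    $id = $readField('id');
    $gender = $readField('gender');
    // Named $clientPhone / $clientEmail so the account's $phone / $email loaded
    // from the session above are not silently overwritten.
    $clientPhone = $readField('phone');
    $clientPhone2 = $readField('phone2');
    $clientEmail = $readField('email');

    // Required fields: name, address, id, phone, gender. phone2 and email are
    // optional; email, when given, must be syntactically valid.
    if ($clientName === '' || $address === '' || $id === '' || $clientPhone === '' || $gender === '') {
        $res = [
            'status' => 422,
            'message' => 'שדה חובה ריק'
        ];
        echo json_encode($res);
        return;
    } elseif (!is_numeric($id)) {
        // is_numeric() also accepts signs, decimals and exponents ("1e3");
        // tighten to ctype_digit() if the id column is digits-only.
        $res = [
            'status' => 422,
            'message' => 'מספר זיהוי חייב להיות מספר'
        ];
        echo json_encode($res);
        return;
    } elseif ($clientEmail !== '' && filter_var($clientEmail, FILTER_VALIDATE_EMAIL) === false) {
        $res = [
            'status' => 422,
            'message' => 'אימייל לא חוקי'
        ];
        echo json_encode($res);
        return;
    }

    // The row is selected by the same fullName that is written back, so this
    // endpoint cannot rename a client; it also updates every row sharing that
    // name. A successful execute that matched no row still reports 200.
    $updated = false;
    $stmt = mysqli_prepare(
        $conn,
        "UPDATE client SET fullName = ?, address = ?, id = ?, gender = ?, phone = ?, phone2 = ?, email = ? WHERE fullName = ?"
    );
    if ($stmt !== false) {
        mysqli_stmt_bind_param(
            $stmt,
            'ssssssss',
            $clientName,
            $address,
            $id,
            $gender,
            $clientPhone,
            $clientPhone2,
            $clientEmail,
            $clientName
        );
        $updated = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    if ($updated) {
        $res = [
            'status' => 200,
            'message' => 'הלקוח עודכן בהצלחה'
        ];
    } else {
        $res = [
            'status' => 500,
            'message' => 'הלקוח לא עודכן'
        ];
    }
    echo json_encode($res);
    return;
}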
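if (isset($_POST['delete_client'])) {
    // NOTE(review): this state-changing POST checks no CSRF token; whether one
    // is enforced upstream (database.php or a front controller) is not visible here.

    // Delete by full name. fullName is not guaranteed unique, so every row with
    // that name goes; a successful execute that matched nothing still reports
    // 200. A missing or non-string field is treated as '' instead of raising a
    // TypeError in the escaping call.
    $clientName = is_string($_POST['client_name'] ?? null) ? $_POST['client_name'] : '';
    $deleted = false;
    // Bound as a parameter, so no escaping (it would store the backslashes).
    $stmt = mysqli_prepare($conn, "DELETE FROM client WHERE fullName = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 's', $clientName);
        $deleted = mysqli_stmt_execute($stmt);
        mysqli_stmt_close($stmt);
    }
    if ($deleted) {
        $res = [
            'status' => 200,
            'message' => 'הלקוח נמחק בהצלחה'
        ];
    } else {
        $res = [
            'status' => 500,
            'message' => 'הלקוח לא נמחק'
        ];
    }
    echo json_encode($res);
    return;
}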