<?php
$page_title = "Edit Resource | CES Admin";
include_once($_SERVER['DOCUMENT_ROOT'] . "/php/common_functions.php"); //common functions in the course registartion system
include_once($_SERVER['DOCUMENT_ROOT'] . "/php/config.php"); //holds global config variables
check_if_authenticated('admin');//check if user is logged in
$resource_id = "";
if(isset($_GET['resource_id'])){
$resource_id =$_GET['resource_id'];
}elseif (isset($_POST['resource_id'])) {
$resource_id =$_POST['resource_id'];
}
$db = mysqli_connect($mysql_server, $user, $pass, $database);
if(isset($_POST['delete'])){
$sql = "DELETE FROM ces_resources WHERE resource_id=\"$resource_id\"";
if(mysqli_query($db, $sql)){
header("location:index.php?msg=success");
exit;
} //end if
else {//else the update did not happen so output an error
$msg = return_sql_error('Error - deleting resource failed when doing:', $sql);
}//else
}
elseif(isset($_POST['submit'])){
//form has been submitted, don't prompt for info; add form data to database and show what has been added
$title = htmlentities($_POST['title'], ENT_QUOTES);
$url = htmlentities($_POST['url'], ENT_QUOTES);
$tel = htmlentities($_POST['tel'], ENT_QUOTES);
$description = htmlentities($_POST['description'], ENT_QUOTES);
$organization = htmlentities($_POST['organization'], ENT_QUOTES);
$sql = "UPDATE ces_resources
SET title = \"$title\",
url=\"$url\",
phone=\"$tel\",
description=\"$description\",
organization=\"$organization\",
updated=NOW()
WHERE resource_id=$resource_id";
if(mysqli_query($db, $sql)){ //if the update is successful show the new entry
header("location:index.php#".$resource_id);
exit;
} //end if
else {//else the update did not happen so output an error
$msg = return_sql_error('Error - resources submission failed when doing:', $sql);
}//else
}
include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/top-admin.php"); //get the HTML heading common to all pages in the CES admin module
?>
<article class="ces-admin">
<h2>CES Admin - Edit Resource</h2>
<?php
include_once($_SERVER['DOCUMENT_ROOT'] . "/admin/php/nav-admin.php");
if (isset($msg)){
echo "<p>".$msg."</p>";
}
$db = mysqli_connect($mysql_server, $user, $pass, $database);
$sql = mysqli_query($db, "SELECT resource_id, title, url, phone, description, organization, created, updated
FROM ces_resources
WHERE resource_id=$resource_id
ORDER BY title");
while ($query = mysqli_fetch_array($sql)) {
$title = $query["title"];
$url = $query["url"];
$phone = $query["phone"];
$description = $query["description"];
$organization = $query["organization"];
} //while
echo "\n</tbody>";
echo "\n</table>";
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<input type="hidden" name="resource_id" value='<?php echo $resource_id?>'>
<div class="form-group">
<label for="title">Title:</label>
<input class="form-control" type='text' id='title' name='title' placeholder="Resource Title" autofocus required value='<?php echo $title?>'>
</div>
<div class="form-group">
<label for="url">Link:</label>
<input class="form-control" type='url' id='url' name='url' placeholder="http://..." required value='<?php echo $url?>'>
</div>
<div class="form-group">
<label for="tel">Phone Number:</label>
<input class="form-control" type='tel' id='tel' name='tel' placeholder="403-955-1234" value='<?php echo $phone?>'>
</div>
<div class="form-group">
<label for="description">Description:</label>
<textarea class="form-control" rows='8' style="height:auto; resize:none;" name='description' wrap='soft' required placeholder="Resource Description"><?php echo $description?></textarea>
</div>
<div class="form-group">
<label for="organization">Organization:</label>
<input class="form-control" type='text' id='organization' name='organization' placeholder="Organization" value='<?php echo $organization?>' >
</div>
<input type='submit' name='submit' value="Save Changes" class="btn ces-green-btn">
<a class="btn ces-orange-btn" href="/admin/resources/">Cancel</a>
<input type='submit' name='delete' value="Delete" class="btn ces-grey-btn pull-right">
</form>
<?php
?>
</article>
</section><!-- #middle-->
</div><!-- #wrapper -->
<?php require_once $_SERVER['DOCUMENT_ROOT'].'/require/footer.php';?>