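<?php
// Staff sign-up handler: validates the posted registration form, refuses an ID
// that already exists in `staff`, and inserts the new row with accept = 0 so the
// account stays pending until an administrator approves it.

// Collect the form fields. A missing key or a non-string value (for example an
// array sent as id[]=...) is rejected up front instead of reaching the database layer.
$form = [];
$complete = true;
foreach (['id', 'pwd', 'pwd2', 'name', 'phone', 'department'] as $field) {
    $value = isset($_POST[$field]) ? $_POST[$field] : null;
    if (!is_string($value)) {
        $complete = false;
        break;
    }
    $form[$field] = $value;
}

// An account with an empty ID or an empty password must never be created.
if (!$complete || $form['id'] === '' || $form['pwd'] === '') {
    print "<script language=javascript> alert('Please fill in all fields.'); location.replace('signUp.php'); </script>";
    exit;
}

// The two password entries must match exactly.
if ($form['pwd'] !== $form['pwd2']) {
    print "<script language=javascript> alert('You entered the wrong password.'); location.replace('signUp.php'); </script>";
    exit;
}

try {
    // NOTE(review): this connects as root with a hard-coded password. Use a dedicated
    // least-privilege database account and load its credentials from configuration
    // kept outside the web root.
    $db = new PDO("mysql:dbname=hotel; host=localhost; port=3306", "root", "root");
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Use real server-side prepared statements rather than client-side emulation.
    $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    // Ask the database whether the ID exists instead of loading every staff row
    // (password column included) into PHP and comparing with the loose == operator.
    // NOTE(review): the check and the insert are separate statements; a PRIMARY KEY
    // or UNIQUE constraint on staff.id is what actually prevents duplicates. Confirm
    // the schema has one.
    $lookup = $db->prepare("SELECT 1 FROM staff WHERE id = ?");
    $lookup->execute([$form['id']]);
    if ($lookup->fetchColumn() !== false) {
        print "<script language=javascript> alert('This ID has been taken.'); location.replace('signUp.php'); </script>";
        exit;
    }

    // NOTE(review): the password is stored exactly as submitted. Switch to
    // password_hash() here together with password_verify() in the login code
    // (not visible in this file), and make sure the pw column is wide enough
    // to hold the hash.
    $insert = $db->prepare(
        "INSERT INTO staff (id, pw, sname, phone, department, attendance, accept)
         VALUES (?, ?, ?, ?, ?, ?, 0)"
    );
    $insert->execute([
        $form['id'],
        $form['pwd'],
        $form['name'],
        $form['phone'],
        $form['department'],
        0, // attendance starts at zero
    ]);

    print "<script language=javascript> alert('Registration will be completed after admin approval.'); location.replace('staffMain.php'); </script>";
    exit;
} catch (PDOException $ex) {
    // Driver messages can expose host names, account names and SQL fragments, so
    // they go to the server log only; the visitor sees the generic message below.
    error_log('staffSave.php: ' . $ex->getMessage());
?>
<p>Sorry, a database error occurred. Please try again later.</p>
<?php
}
?>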