-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathupdate.php
More file actions
180 lines (167 loc) · 8.03 KB
/
Copy pathupdate.php
File metadata and controls
180 lines (167 loc) · 8.03 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
<?php require_once('Connections/conMaterial.php'); ?>
<?php include("initializeSession.php"); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$pageNum = $_GET['pageNum_rsMaterial'];
$editFormAction = $_SERVER['PHP_SELF']."?pageNum_rsMaterial=$pageNum";
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE material SET materialName=%s, productName=%s, producerName=%s, contact=%s, telephone=%s, fax=%s, adress=%s, productPrice=%s, materialLoss=%s, madeIn=%s, notes=%s, other=%s WHERE id=%s",
GetSQLValueString($_POST['materialName'], "text"),
GetSQLValueString($_POST['productName'], "text"),
GetSQLValueString($_POST['producerName'], "text"),
GetSQLValueString($_POST['contact'], "text"),
GetSQLValueString($_POST['telephone'], "text"),
GetSQLValueString($_POST['fax'], "text"),
GetSQLValueString($_POST['adress'], "text"),
GetSQLValueString($_POST['productPrice'], "text"),
GetSQLValueString($_POST['materialLoss'], "text"),
GetSQLValueString($_POST['madeIn'], "text"),
GetSQLValueString($_POST['notes'], "text"),
GetSQLValueString($_POST['other'], "text"),
GetSQLValueString($_POST['id'], "int"));
mysql_select_db($database_conMaterial, $conMaterial);
$Result1 = mysql_query($updateSQL, $conMaterial) or die(mysql_error());
if (isset($_SERVER['QUERY_STRING'])) {
$posPageNo = strpos($_SERVER['QUERY_STRING'], '&pageNum');
if (($posPageNo >= 0) && ($posPageNo != NULL)) {
// $updateGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
// $updateGoTo .= $_SERVER['QUERY_STRING'];
$length = strlen($_SERVER['QUERY_STRING']);
$query = "?".substr($_SERVER['QUERY_STRING'],$posPageNo+1,$length-$posPageNo);
} else {
// $query = "";
$query = "?pageNum_rsMaterial=0";
}
}
$updateGoTo = "index.php".$query;
header(sprintf("Location: %s", $updateGoTo));
}
$colname_rsMaterialUpdate = "-1";
if (isset($_GET['id'])) {
$colname_rsMaterialUpdate = $_GET['id'];
}
mysql_select_db($database_conMaterial, $conMaterial);
$query_rsMaterialUpdate = sprintf("SELECT * FROM material WHERE id = %s", GetSQLValueString($colname_rsMaterialUpdate, "int"));
$rsMaterialUpdate = mysql_query($query_rsMaterialUpdate, $conMaterial) or die(mysql_error());
$row_rsMaterialUpdate = mysql_fetch_assoc($rsMaterialUpdate);
$totalRows_rsMaterialUpdate = mysql_num_rows($rsMaterialUpdate);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Update</title>
<style type="text/css">
.trLabel {
margin-right: 10px;
margin-left: 10px;
padding-right: 10px;
padding-left: 10px;
}
</style>
</head>
<body>
<p><a href="index.php">Top Page</a> </p>
<?php include("logInOut.php"); ?>
<form action="<?php echo $editFormAction; ?>" method="post" name="form1" id="form1">
<table align="center">
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">原料名</td>
<td><input type="text" name="materialName" value="<?php echo htmlentities($row_rsMaterialUpdate['materialName'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">商品名</td>
<td><input type="text" name="productName" value="<?php echo htmlentities($row_rsMaterialUpdate['productName'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">メーカー</td>
<td><input type="text" name="producerName" value="<?php echo htmlentities($row_rsMaterialUpdate['producerName'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">連絡先</td>
<td><input type="text" name="contact" value="<?php echo htmlentities($row_rsMaterialUpdate['contact'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">電話番号</td>
<td><input type="text" name="telephone" value="<?php echo htmlentities($row_rsMaterialUpdate['telephone'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">FAX</td>
<td><input type="text" name="fax" value="<?php echo htmlentities($row_rsMaterialUpdate['fax'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">所在地</td>
<td><input type="text" name="adress" value="<?php echo htmlentities($row_rsMaterialUpdate['adress'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">原料の価格</td>
<td><input type="text" name="productPrice" value="<?php echo htmlentities($row_rsMaterialUpdate['productPrice'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">原料のロット</td>
<td><input type="text" name="materialLoss" value="<?php echo htmlentities($row_rsMaterialUpdate['materialLoss'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">産地</td>
<td><input type="text" name="madeIn" value="<?php echo htmlentities($row_rsMaterialUpdate['madeIn'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">備考</td>
<td><input type="text" name="notes" value="<?php echo htmlentities($row_rsMaterialUpdate['notes'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel">他</td>
<td><input type="text" name="other" value="<?php echo htmlentities($row_rsMaterialUpdate['other'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap" class="trLabel"> </td>
<td>
<?php if ($_SESSION['MM_Username'] != NULL) { ?>
<input type="submit" value="Update" />
<?php } ?>
</td>
</tr>
</table>
<input type="hidden" name="MM_update" value="form1" />
<input type="hidden" name="id" value="<?php echo $row_rsMaterialUpdate['id']; ?>" />
</form>
<?php
// echo $posPageNo."<br/>";
// echo "query = ".$query."<br/>";
// echo "pageNum = ".$pageNum."<br/>";
?>
</body>
</html>
<?php
mysql_free_result($rsMaterialUpdate);
?>