-
Notifications
You must be signed in to change notification settings - Fork 0
/
edituserlevel.php
64 lines (48 loc) · 1.39 KB
/
edituserlevel.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
<?php
function test_input($data) {
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}
$username = test_input($_POST["usersl"]);
$equipment = test_input($_POST["eq"]);
$refpage = $_POST['refpage'];
$admin = $_POST['admin'];
//echo $username;
//echo $equipment;
$flag = False;
include 'db_connect.php';
$result = mysqli_query($conn_equipt,"SELECT * FROM ".$equipment);
foreach($result as $value){
echo $value['usern'];
if ($value['Name'] == $username){
$flag = True;
}
}
if ($flag == True){
echo "Already user <br>";
if($admin == 'y'){
echo '"redirectadmin"';
header("location:adminuserlist.php");
}else{
echo '"redirectnorm"';
header("location:manageuserlist.php");
}
}else{
$sql = "INSERT INTO ".$equipment." (Name,Level) VALUES ('".$username."','Trainee')";
echo $sql;
if ($conn_equipt->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn_equipt->error;
}
$sql = "INSERT INTO ".$username." (Equipment_Name,User_Level) VALUES ('".$equipment."','Trainee')";
if ($conn_users->query($sql) === TRUE) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . $conn_users->error;
}
header("location:".$refpage);
}
?>