manage_bookstorecatalog.php
<?php
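// Admin page for the bookstore catalog: lists every row of `books`, and handles
// the "Add" and "Delete" form posts that this same page submits to itself.
session_start();

// NOTE(review): nothing below reads $_SESSION, so unless access is restricted
// elsewhere (for example in the web-server configuration) any visitor who can
// reach this URL can list, add and delete books. Add the project's
// administrator login check here before any database work.
//
// NOTE(review): the add/delete forms carry no anti-CSRF token, so a signed-in
// administrator's browser could be made to submit them from another site.
// Consider a per-session token that is verified on every POST.

// NOTE(review): database credentials are committed in source. Load them from
// configuration kept outside the repository and rotate this password, since it
// has already been published with the file.
$user = 'admin1';
$pass = 'Admin1Pass4235!a';
$db = 'cosc471';

// Make mysqli throw mysqli_sql_exception on failure on every PHP version.
// Before PHP 8.1 the default report mode was off, which left the catch below
// unreachable and let failed queries return false silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

try {
    $dbConnection = new mysqli('localhost', $user, $pass, $db);
} catch (mysqli_sql_exception $e) {
    // Keep driver details (host, account name, error text) in the server log
    // instead of sending them to the browser.
    error_log('manage_bookstorecatalog.php: database connection failed: ' . $e->getMessage());
    print "Error!: could not connect to the database.<br/>";
    die();
}

// Escape a value for HTML text and for single- or double-quoted attributes.
// ENT_QUOTES is passed explicitly because the attributes below use single
// quotes and older PHP versions do not escape those by default.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Read one POST field as a string; a missing or array-valued field becomes ''.
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Handle form posts BEFORE any output: header() cannot send the redirect once
// the page body has started, and the script must stop after redirecting.
if (isset($_POST['delete']) || isset($_POST['add'])) {
    try {
        if (isset($_POST['delete'])) {
            $isbn = $postString('isbn');
            // Bound parameter: the submitted ISBN is never part of the SQL text.
            $stmt = $dbConnection->prepare('DELETE FROM books WHERE ISBN = ?');
            $stmt->bind_param('s', $isbn);
            $stmt->execute();
            $stmt->close();
        }
        if (isset($_POST['add'])) {
            $isbn = $postString('isbn');
            $title = $postString('title');
            $author = $postString('author');
            $publisher = $postString('publisher');
            $category = $postString('category');
            $price = $postString('price');
            // All six values are bound as strings, matching the quoted
            // literals the previous string-built statement used.
            $stmt = $dbConnection->prepare(
                'INSERT INTO books (ISBN, title, Author, publisher, category, price) VALUES (?, ?, ?, ?, ?, ?)'
            );
            $stmt->bind_param('ssssss', $isbn, $title, $author, $publisher, $category, $price);
            $stmt->execute();
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // A rejected write (duplicate key, bad value, ...) is logged, not shown.
        error_log('manage_bookstorecatalog.php: catalog update failed: ' . $e->getMessage());
    }
    // Post/redirect/get so a browser refresh does not resubmit the form.
    header("Location: manage_bookstorecatalog.php");
    exit;
}

// Form for adding a new book. The <form> wraps the table so the markup nests
// correctly, and the row and table are closed before the listing starts.
echo "<form action='manage_bookstorecatalog.php' method='post'>";
echo "<table align='center' style='border:2px solid blue;'>";
echo "<tr>";
echo "<th>ISBN</th>";
echo "<th>Title</th>";
echo "<th>Author</th>";
echo "<th>Publisher</th>";
echo "<th>Category</th>";
echo "<th>Price</th>";
echo "</tr>";
echo "<tr>";
echo "<td><input type='text' name='isbn' id='isbn' value='enter an ISBN'></td>";
echo "<td><input type='text' name='title' id='title' value='enter a title'></td>";
echo "<td><input type='text' name='author' id='author' value='enter an author'></td>";
echo "<td><input type='text' name='publisher' id='publisher' value='enter a publisher'></td>";
echo "<td><input type='text' name='category' id='category' value='enter a category'></td>";
echo "<td><input type='text' name='price' id='price' value='enter a price'></td>";
echo "<td><input type='submit' name='add' id='add' value='Add'></td>";
echo "</tr>";
echo "</table>";
echo "</form>";

// Pull all the books from the DB (constant query, no user input involved).
$result = $dbConnection->query("SELECT * FROM books");

// Display the books in a table. Every stored value is escaped on output:
// catalog fields are free text entered through the form above, so they must
// not be written into the page as raw HTML.
echo "<table align='center' style='border:2px solid blue;'>";
echo "<tr>";
echo "<th>ISBN</th>";
echo "<th>Title</th>";
echo "<th>Author</th>";
echo "<th>Publisher</th>";
echo "<th>Category</th>";
echo "<th>Price</th>";
echo "</tr>";
while ($row = $result->fetch_assoc()) {
    echo "<tr>";
    echo "<td>" . $esc($row['ISBN']) . "</td>";
    echo "<td>" . $esc($row['title']) . "</td>";
    echo "<td>" . $esc($row['Author']) . "</td>";
    echo "<td>" . $esc($row['publisher']) . "</td>";
    echo "<td>" . $esc($row['category']) . "</td>";
    echo "<td>" . $esc($row['price']) . "</td>";
    // Delete button for this book; the ISBN travels in a hidden field.
    echo "<td><form action='manage_bookstorecatalog.php' method='post'>";
    echo "<input type='hidden' name='isbn' value='" . $esc($row['ISBN']) . "'>";
    echo "<input type='submit' name='delete' value='Delete'>";
    echo "</form></td>";
    echo "</tr>";
}
echo "</table>";

// Back button
echo "<form action='admin_tasks.php' method='post' align='center'>";
echo "<input type='submit' name='back' value='Back'>";
echo "</form>";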
?>