Skip to content

GitLab

Commit 05aaa7a2 authored by Gabriel Moreau's avatar Gabriel Moreau
Browse files

Update SQL to use function and more robust code

parent fdb7f59d
Hide whitespace changes
Inline Side-by-side
module/db-functions.php
View file @ 05aaa7a2
......@@ -415,6 +415,18 @@ function get_supplier_find($pdo, $find='') {
return $supplier_fetch;
}
// ---------------------------------------------------------------------
function set_supplier_update($pdo, $id_supplier, $name, $address, $tel, $fax, $email, $www, $contact, $description) {
$sql = 'UPDATE LOW_PRIORITY fournisseurs SET nom = ?, adresse = ?, tel = ?, fax = ?, mail = ?, www = ?, contact = ?, descr = ? WHERE id = ?;';
$stmt = $pdo->prepare($sql);
$status = $stmt->execute(array($name, $address, $tel, $fax, $email, $www, $contact, $description, $id_supplier));
$err_msg = '';
if (!$status)
$err_msg = $stmt->errorInfo()[2];
return $err_msg;
}
// ---------------------------------------------------------------------
// Team
// ---------------------------------------------------------------------
......
supplier-update.php
View file @ 05aaa7a2
......@@ -52,44 +52,35 @@ if (!empty($erreur)) {
if ($pdo = connect_db()) {
//recupere les anciennes caracteristiques
$supplier = get_supplier_all_by_id($pdo, $id_supplier);
$supplier_registered = get_supplier_all_by_id($pdo, $id_supplier);
//modification fournisseur
//on construit la demande
$querry = "UPDATE LOW_PRIORITY fournisseurs SET ";
if ($nom != $supplier['nom'])
//modif du nom
$querry.= "nom='$nom',";
if ($adresse != $supplier['adresse'])
//modif de l' adresse
$querry .= "adresse='$adresse',";
if ($tel != $supplier['tel'])
//modif du tel
$querry.="tel='$tel',";
if ($fax != $supplier['fax'])
//modif du fax
$querry.="fax='$fax',";
if ($mail != $supplier['mail'])
//modif du mail
$querry.="mail='$mail',";
if ($www != $supplier['www'])
//modif de l'url
$querry .= "www='$www',";
if ($contact != $supplier['contact'])
//modif des contacts
$querry .= "contact='$contact',";
if ($descr != $supplier['descr'])
//modif de la descr
$querry .= "descr='$descr',";
// supprime la derniere virgule
$querry[strlen($querry)-1]=' ';
//ajoute la clause
$querry .= " WHERE id = '$id_supplier'";
if ($logged_level >= 3)
$stmt = $pdo->prepare($querry);
$stmt->execute();
$modif = 0;
if (($nom != $supplier_registered['nom'])
|| ($adresse != $supplier_registered['adresse'])
|| ($tel != $supplier_registered['tel'])
|| ($fax != $supplier_registered['fax'])
|| ($mail != $supplier_registered['mail'])
|| ($www != $supplier_registered['www'])
|| ($contact != $supplier_registered['contact'])
|| ($descr != $supplier_registered['descr']))
$modif = 1;
if ($modif != 0) {
$err_msg = set_supplier_update($pdo, $id_supplier, $nom, $adresse, $tel, $fax, $mail, $www, $contact, $descr)
if ($err_msg != '' && $logged_level > 3) {
echo 'Erreur : '. $err_msg.'<br>';
echo '<br><br><a href="supplier-list.php?highlight='.$id_supplier.'#item'.$id_supplier.'">Suite</a><br><br>\n';
pied_page();
exit();
}
} // end if modif
else {
echo 'Aucune modification &agrave; faire';
echo '<br><br><a href="supplier-list.php?highlight='.$id_supplier.'#item'.$id_supplier.'">Suite</a><br><br>\n';
pied_page();
exit();
}
} // end if connect
redirect('supplier-list.php?highlight='.$id_supplier.'#item'.$id_supplier);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment