eventmanager/controller.php

60 lines
2.0 KiB
PHP
Raw Normal View History

2021-03-27 17:14:05 +01:00
<?php
session_start();
if (!isset($_SESSION['zalogowany']))
{
header('Location: index.php');
exit();
}
$_SESSION['numevent'] = $_GET['info'];
ini_set("display_errors", 0);
require_once "dbconnect.php";
$polaczenie = mysqli_connect($host, $db_user, $db_password);
mysqli_query($polaczenie, "SET CHARSET utf8");
mysqli_query($polaczenie, "SET NAMES 'utf8' COLLATE 'utf8_polish_ci'");
mysqli_select_db($polaczenie, $db_name);
$query = "SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."'";
$rezultat = mysqli_query($polaczenie, $query);
$ile = mysqli_num_rows($rezultat);
require_once "dbconnect.php";
$polaczenie = @new mysqli($host, $db_user, $db_password, $db_name);
if ($polaczenie->connect_errno!=0)
{
echo "Error: ".$polaczenie->connect_errno;
}
else
{
#$login = $_SESSION['employeeID'];
$login = htmlentities($login, ENT_QUOTES, "UTF-8");
if ($rezultat = @$polaczenie->query(
sprintf("SELECT events.id_events, events.quantity FROM manager, events WHERE events.id_events = manager.id_events AND manager.id_events = '".$_SESSION['numevent']."' AND manager.employeeID='".$_SESSION['login']."'",
mysqli_real_escape_string($polaczenie,$login))))
{
$ilu_userow = $rezultat->num_rows;
if($ilu_userow>0)
{
$wiersz = $rezultat->fetch_assoc();
$_SESSION['controller'] = "true";
$rezultat->free_result();
header('Location: join_page_style.php');
}
else
{
$_SESSION['controller'] = "false";
//Osoby które nie sa w wydarzeniu
header('Location: join_page_style.php');
}
}
$polaczenie->close();
}
?>