add-track.php 2.77 KB
<?php

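$content = "<h1>Add a track</h1>";

// define a variable with path to the script which will process form
// ->	$_SERVER["PHP_SELF"] is a path to the current script (index.php)
// PHP_SELF is built from the URL the client requested, so it can carry extra
// path text chosen by whoever crafted the link. It is placed inside a
// single-quoted HTML attribute further down, so it is escaped here
// (ENT_QUOTES covers the single quote) before anything else is appended.
$action = htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')."?page=add-track";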

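// fetch the albums so that we have access to their UPCs and titles
$sql = "SELECT upc, title 
        FROM Album
	    ORDER BY title";

// start with an empty list so $options is always defined, even when the
// query fails and the form further down still has to be rendered
$options = "";

$result = mysqli_query($link, $sql);

// check query returned a result
if ($result === false) {
    // keep the database error in the server log; echoing it into the page
    // would show query and schema details to every visitor
    error_log("add-track: album query failed: ".mysqli_error($link));
    $content .= "<p>The album list could not be loaded.</p>";
} else {
    // create an option for each album
    while ($row = mysqli_fetch_assoc($result)) {
        // upc and title are stored data, not markup: escape them for the HTML
        // context (ENT_QUOTES because the value attribute is single-quoted).
        // double_encode is off (4th argument) so text that was already
        // entity-encoded before storage is not encoded a second time --
        // NOTE(review): clean_input() is defined elsewhere; confirm what it stores.
        $album_upc = htmlspecialchars((string) $row['upc'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $album_title = htmlspecialchars((string) $row['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

        $options .= "<option value='".$album_upc."'>";
        $options .= $album_title;
        $options .= "</option>";
    }
    mysqli_free_result($result);
}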

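// define the form HTML (would ideally be in a template)
// $action and the album options are interpolated as-is, so both must already
// be HTML-safe by the time they reach this string.
// The required/min/max attributes only guide the browser; a client can post
// anything, so the handler must not rely on them.
// isset() guards the case where the album list was never built.
$form_html = "<form action='".$action."' method='POST'>
				<fieldset>
					<label for='t_name'>Name:</label>
					<input type='text' id='t_name' name='t_name' required>
				</fieldset>
                <fieldset>
                    <label for='t_number'>Track number:</label>
					<input type='number' id='t_number' name='t_number' min='1' max='25'>
                </fieldset>
                <fieldset>
                    <label for='a_upc'>Album:</label>
                    <select id='a_upc' name='a_upc' required>
						<option value='' disabled selected>Select an album</option>

                        ".(isset($options) ? $options : "")."
                    </select>
                </fieldset>
                <button type='submit'>Submit</button>
              </form>";

// append form HTML to content string
$content .= $form_html;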

// ------- START form processing code... -------


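// define variables and set to empty values
// NOTE(review): none of these five names is read anywhere in this file; they
// look like leftovers from another form handler -- confirm before removing
$title = $artist_id = $price = $year = $genre = "";

// check if there was a POST request
// NOTE(review): the form carries no anti-CSRF token and none is checked here;
// confirm whether the including script takes care of that
if ($_SERVER["REQUEST_METHOD"] == "POST") {
	// read the submitted fields; a missing or non-string field (for example
	// a_upc[]=x) is treated as empty instead of raising a notice
	$raw_upc = (isset($_POST["a_upc"]) && is_string($_POST["a_upc"])) ? $_POST["a_upc"] : "";
	$raw_name = (isset($_POST["t_name"]) && is_string($_POST["t_name"])) ? $_POST["t_name"] : "";
	$raw_number = (isset($_POST["t_number"]) && is_string($_POST["t_number"])) ? $_POST["t_number"] : "";

	// validate the form data
	// clean_input() is defined elsewhere and is kept so stored values keep
	// their existing format; SQL safety comes from the bound parameters below
	$a_upc = clean_input($raw_upc);
	$t_name = clean_input($raw_name);
	// same integer conversion the original %d placeholder applied
	$t_number = (int) clean_input($raw_number);

	if ($a_upc === "" || $t_name === "") {
		// the form marks both fields as required, but only the browser
		// enforces that, so it is re-checked on the server
		$content .= "Please enter a track name and select an album.";
	} else {
		// define the insertion query with placeholders: the values are sent
		// separately from the SQL text and can never change its structure
		$sql = "INSERT INTO Track (album_upc, name, track_number)
		VALUES (?, ?, ?)";

		// prepare, bind (string, string, integer) and run the query
		// NOTE(review): this relies on mysqli returning false on failure, as
		// the rest of the file does; if mysqli is set to throw exceptions the
		// branch below is never reached -- confirm the report mode
		$stmt = mysqli_prepare($link, $sql);
		$result = $stmt !== false
			&& mysqli_stmt_bind_param($stmt, "ssi", $a_upc, $t_name, $t_number)
			&& mysqli_stmt_execute($stmt);

		// check if the query went ok
		if ($result === false) {
			// handle specific errors based on mysqli error number code
			// (in order to output more useful message to user!)
			$errno = ($stmt !== false) ? mysqli_stmt_errno($stmt) : mysqli_errno($link);
			switch ($errno) {
				case 1062 : // case for duplicate entry
					$content .= "There is already a track with that name or number.";
					break;
				default :
					// the raw database error goes to the server log only;
					// the visitor gets a generic message
					$detail = ($stmt !== false) ? mysqli_stmt_error($stmt) : mysqli_error($link);
					error_log("add-track: insert failed (".$errno."): ".$detail);
					$content .= "The track could not be added.";
			}

		} else {
			$content .= "Track successfully added.";
		}

		if ($stmt !== false) {
			mysqli_stmt_close($stmt);
		}
	}

}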

    // ------- END form processing code... -------

?>