117 lines
3.0 KiB
PHP
117 lines
3.0 KiB
PHP
|
<html>
|
||
|
|
<head>
|
||
|
|
<title>Ajouter un contact</title>
|
||
|
|
<link href="custom.css" rel="stylesheet">
|
||
|
|
<meta name="viewport" content="width=device-width">
|
||
|
|
</head>
|
||
|
|
<body>
|
||
|
|
<h1>Ajouter un contact</h1>
|
||
|
|
<?php
|
||
|
|
session_start();
|
||
|
|
|
||
|
|
if (!isset($_SESSION['loggedin'])) {
|
||
|
|
header("Location: login.php");
|
||
|
|
exit;
|
||
|
|
} else {
|
||
|
|
$prenom = $_SESSION['first_name'];
|
||
|
|
$nom = $_SESSION['last_name'];
|
||
|
|
$profession = $_SESSION['profession'];
|
||
|
|
$idsession = $_SESSION['ID'];
|
||
|
|
}
|
||
|
|
include_once 'class/sqlconnect.php';
|
||
|
|
try {
|
||
|
|
$conn = new PDO("mysql:host=$host;dbname=$dbname", $dbusername, $dbpassword);
|
||
|
|
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||
|
|
$stmt = $conn->prepare("SELECT ID FROM users WHERE username = :username");
|
||
|
|
$stmt->bindParam(':username', $_SESSION['username']);
|
||
|
|
$stmt->execute();
|
||
|
|
|
||
|
|
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||
|
|
$idsession = $result['ID'];
|
||
|
|
|
||
|
|
} catch (PDOException $e) {
|
||
|
|
echo "Error: " . $e->getMessage();
|
||
|
|
}
|
||
|
|
$conn = null;
|
||
|
|
include 'class/sqlconnect.php';
|
||
|
|
|
||
|
|
if(isset($_POST['submit'])){
|
||
|
|
$prenom = $_POST['Prenom'];
|
||
|
|
$nom = $_POST['Nom'];
|
||
|
|
$poste = $_POST['Poste'];
|
||
|
|
$poste = htmlentities($poste);
|
||
|
|
$poste = str_replace("'", "\'", $poste);
|
||
|
|
$mobile = $_POST['Mobile'];
|
||
|
|
$entreprise = $_POST['IDEntreprise'];
|
||
|
|
$mail = $_POST['Mail'];
|
||
|
|
|
||
|
|
$sql = "INSERT INTO Contact (Prenom, Nom, Poste, Mobile, IDEntreprise, IDUser, Mail) VALUES ('$prenom', '$nom', '$poste', '$mobile', '$entreprise', '$idsession', '$mail')";
|
||
|
|
mysqli_query($conn, $sql);
|
||
|
|
}
|
||
|
|
?>
|
||
|
|
<a href="index.php">Revenir à l'accueil</a><br><br>
|
||
|
|
<form method="post" action="">
|
||
|
|
<table>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Prenom">Prénom :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<input type="text" name="Prenom" required>
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Nom">Nom :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<input type="text" name="Nom" required>
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Poste">Poste occupé :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<input type="text" name="Poste" >
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Mobile">Numéro de mobile (format 0102030405) :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<input type="text" name="Mobile" pattern="0[0-9]{9}" >
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Mail">Adresse e-mail :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<input type="email" name="Mail" >
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
<tr>
|
||
|
|
<td>
|
||
|
|
<label for="Entreprise">Entreprise :</label>
|
||
|
|
</td>
|
||
|
|
<td>
|
||
|
|
<select name="IDEntreprise">
|
||
|
|
<?php
|
||
|
|
$sql = "SELECT ID, NomSociete FROM Entreprise WHERE UserID =" . $idsession . ";";
|
||
|
|
$result = mysqli_query($conn, $sql);
|
||
|
|
while($row = mysqli_fetch_assoc($result)){
|
||
|
|
echo "<option value='" . $row['ID'] . "'>" . $row['NomSociete'] . "</option>";
|
||
|
|
}
|
||
|
|
?>
|
||
|
|
</select>
|
||
|
|
</td>
|
||
|
|
</tr>
|
||
|
|
</table>
|
||
|
|
<br>
|
||
|
|
<input type="submit" name="submit" value="Ajouter">
|
||
|
|
</form>
|
||
|
|
</body>
|
||
|
|
</html>
|