1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
| if ( isset($_POST['login']) and isset ($_POST['mdp']) )
{
mysql_select_db($database_connection, $connection);
//$query_rsut = sprintf("SELECT * FROM utilisateurs WHERE login = '%s'", $colname_rsut);
$query_rsut ="SELECT * FROM utilisateurs WHERE login = '".$_POST['login']."' and mdp='".$_POST['mdp']."' ";
$rsut = mysql_query($query_rsut, $connection) or die(mysql_error());
$row_rsut = mysql_fetch_assoc($rsut);
$totalRows_rsut = mysql_num_rows($rsut);
}
if ($totalRows_rsut>0)
{
$message = 'Ce utilisateur existe déjà. Modiffication impossible.';
//AppelPage('ajoutclient.php');
}
else
{
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE utilisateurs SET login=%s, mdp=%s WHERE NumUtil=%s",
GetSQLValueString($HTTP_POST_VARS['login'], "text"),
GetSQLValueString($HTTP_POST_VARS['mdp'], "text"),
GetSQLValueString($HTTP_POST_VARS['NumUtil'], "int"));
mysql_select_db($database_connection, $connection);
$Result1 = mysql_query($updateSQL, $connection) or die(mysql_error());
$updateGoTo = "gererutilisateur.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
} |
Contrôler les modification apportées
Répondre avec citation
Partager