1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
| if ( isset($_POST['login']) and isset ($_POST['mdp']) )
{
mysql_select_db($database_connection, $connection);
//$query_rsut = sprintf("SELECT * FROM utilisateurs WHERE login = '%s'", $colname_rsut);
$query_rsut ="SELECT * FROM utilisateurs WHERE login = '".$_POST['login']."' and mdp='".$_POST['mdp']."' ";
$rsut = mysql_query($query_rsut, $connection) or die(mysql_error());
$row_rsut = mysql_fetch_assoc($rsut);
$totalRows_rsut = mysql_num_rows($rsut);
}
if ($totalRows_rsut>0)
{
$message = 'Ce utilisateur existe déjà. Modiffication impossible.';
//AppelPage('ajoutclient.php');
}
else
{
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE utilisateurs SET login=%s, mdp=%s WHERE NumUtil=%s",
GetSQLValueString($HTTP_POST_VARS['login'], "text"),
GetSQLValueString($HTTP_POST_VARS['mdp'], "text"),
GetSQLValueString($HTTP_POST_VARS['NumUtil'], "int"));
mysql_select_db($database_connection, $connection);
$Result1 = mysql_query($updateSQL, $connection) or die(mysql_error());
$updateGoTo = "gererutilisateur.php";
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
} |
Partager