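<?php

declare(strict_types=1);

/*
 * Admin page: edit a single row of the `horses` table.
 *
 * Flow: require an administrator session, read the target id from the query
 * string, apply a posted update (action=edit_horse), then load the row and
 * render the edit form. Every request value ($_GET/$_POST) is untrusted.
 */

session_start();

require_once 'db/config.php';

// Authorization gate: only administrators can access this page. The exit after
// the redirect matters - without it the rest of the script would still run.
if (!isset($_SESSION['role']) || $_SESSION['role'] !== 'administrator') {
    header('Location: login.php');
    exit;
}

// Per-session anti-CSRF token. The update below is a state-changing POST made
// with the administrator's cookie, so it must carry a value that another
// origin cannot know.
// NOTE(review): the session key name is local to this page - align it with the
// rest of the application if a shared token already exists.
if (!isset($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token']) || $_SESSION['csrf_token'] === '') {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

// HTML-context escaper. ENT_QUOTES also covers single-quoted attributes, and
// the (string) cast keeps NULL database columns from raising a TypeError under
// strict_types.
$esc = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Reads one POST field as a string; array-shaped input (name[]=...) is treated
// as missing instead of being handed to PDO.
$post_string = static function (string $key): string {
    $value = $_POST[$key] ?? null;

    return is_string($value) ? $value : '';
};

$errors = [];
$horse = null;
$horse_id = $_GET['id'] ?? null;

// Reject a missing, empty, '0' or array-shaped id. The value is later echoed
// into the form action, so it must be a plain string here.
// NOTE(review): if horses.id is an integer column, tighten this to
// FILTER_VALIDATE_INT - confirm against the schema.
if (!is_string($horse_id) || $horse_id === '' || $horse_id === '0') {
    header('Location: admin_horses.php');
    exit;
}

// Handle Update Horse
if (isset($_POST['action']) && $_POST['action'] === 'edit_horse') {
    $submitted_token = $_POST['csrf_token'] ?? '';

    $name = $post_string('name');
    $breed = $post_string('breed');
    $description = $post_string('description');
    // NOTE(review): image_url is stored exactly as submitted. Wherever it is
    // rendered as a src/href, confirm the scheme is limited to http(s).
    $image_url = $post_string('image_url');

    if (!is_string($submitted_token) || !hash_equals($csrf_token, $submitted_token)) {
        // hash_equals gives a constant-time comparison of the two tokens.
        $errors[] = 'Invalid or expired form token. Please reload the page and try again.';
    } elseif ($name === '' || $breed === '') {
        $errors[] = 'Name and Breed are required.';
    } else {
        try {
            $pdo = db();
            // Bound parameters: no request value is concatenated into the SQL.
            $stmt = $pdo->prepare('UPDATE horses SET name = ?, breed = ?, description = ?, image_url = ? WHERE id = ?');
            $stmt->execute([$name, $breed, $description, $image_url, $horse_id]);
            header('Location: admin_horses.php?edited=true');
            exit;
        } catch (PDOException $e) {
            // Driver messages can expose schema and connection details; keep
            // them in the server log and show a generic message instead.
            error_log('edit_horse update failed: ' . $e->getMessage());
            $errors[] = 'Database error. The horse could not be updated.';
        }
    }
}

// Fetch the horse
try {
    $pdo = db();
    $stmt = $pdo->prepare('SELECT * FROM horses WHERE id = ?');
    $stmt->execute([$horse_id]);
    $horse = $stmt->fetch();
    if (!$horse) {
        header('Location: admin_horses.php');
        exit;
    }
} catch (PDOException $e) {
    error_log('edit_horse fetch failed: ' . $e->getMessage());
    $errors[] = 'Database error. The horse could not be loaded.';
    // Leave $horse unset so the template skips the form instead of
    // dereferencing a missing row.
    $horse = null;
}

?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1" />
    <title>Admin: Edit Horse</title>
    <?php /* NOTE(review): this stylesheet is fetched from a third-party CDN without an
             integrity/crossorigin attribute pair, so the page trusts whatever that host
             serves. Pin it with Subresource Integrity or self-host the file. */ ?>
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
</head>
<body>
<div class="container mt-5">
    <div class="d-flex justify-content-between align-items-center mb-4">
        <h1>Edit Horse: <?= $esc($horse['name'] ?? '') ?></h1>
        <a href="admin_horses.php" class="btn btn-info">← Back to Manage Horses</a>
    </div>

    <?php if (!empty($errors)): ?>
        <div class="alert alert-danger">
            <?php foreach ($errors as $error): ?>
                <p class="mb-0"><?= $esc($error) ?></p>
            <?php endforeach; ?>
        </div>
    <?php endif; ?>

    <?php if (is_array($horse)): ?>
    <div class="card">
        <div class="card-header">Edit Horse Details</div>
        <div class="card-body">
            <?php /* The id comes from the query string: URL-encode it for the
                     query component and HTML-escape it for the attribute. */ ?>
            <form action="edit_horse.php?id=<?= $esc(rawurlencode($horse_id)) ?>" method="post">
                <input type="hidden" name="action" value="edit_horse">
                <input type="hidden" name="csrf_token" value="<?= $esc($csrf_token) ?>">
                <div class="form-row">
                    <div class="form-group col-md-6">
                        <label for="name">Name</label>
                        <input type="text" class="form-control" id="name" name="name" value="<?= $esc($horse['name'] ?? '') ?>" required>
                    </div>
                    <div class="form-group col-md-6">
                        <label for="breed">Breed</label>
                        <input type="text" class="form-control" id="breed" name="breed" value="<?= $esc($horse['breed'] ?? '') ?>" required>
                    </div>
                </div>
                <div class="form-group">
                    <label for="description">Description</label>
                    <textarea class="form-control" id="description" name="description" rows="3"><?= $esc($horse['description'] ?? '') ?></textarea>
                </div>
                <div class="form-group">
                    <label for="image_url">Image URL</label>
                    <input type="text" class="form-control" id="image_url" name="image_url" value="<?= $esc($horse['image_url'] ?? '') ?>">
                </div>
                <button type="submit" class="btn btn-primary">Update Horse</button>
            </form>
        </div>
    </div>
    <?php endif; ?>

</div>
</body>
</html>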