116 lines
4.0 KiB
PHP
116 lines
4.0 KiB
PHP
<?php
|
|
session_start();
|
|
require_once 'db/config.php';
|
|
|
|
// If the user is not logged in as admin, redirect to the login page.
|
|
if (!isset($_SESSION['user']) || $_SESSION['user'] !== 'admin') {
|
|
header('Location: login.php');
|
|
exit;
|
|
}
|
|
|
|
$attendee = null;
|
|
$message = '';
|
|
|
|
if (!isset($_GET['id']) && $_SERVER['REQUEST_METHOD'] !== 'POST') {
|
|
header('Location: admin.php');
|
|
exit;
|
|
}
|
|
|
|
$id = $_GET['id'] ?? $_POST['id'];
|
|
|
|
try {
|
|
$pdo = db();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
|
|
// Update logic
|
|
$fields = ['first_name', 'last_name', 'email', 'company', 'how_did_you_hear', 'consented'];
|
|
$sql = 'UPDATE attendees SET ';
|
|
$params = [];
|
|
foreach ($fields as $field) {
|
|
if (isset($_POST[$field])) {
|
|
$sql .= "$field = ?, ";
|
|
$params[] = $_POST[$field];
|
|
}
|
|
}
|
|
$sql = rtrim($sql, ', ') . ' WHERE id = ?';
|
|
$params[] = $_POST['id'];
|
|
|
|
$stmt = $pdo->prepare($sql);
|
|
$stmt->execute($params);
|
|
header('Location: admin.php');
|
|
exit;
|
|
}
|
|
|
|
// Fetch logic
|
|
$stmt = $pdo->prepare('SELECT * FROM attendees WHERE id = ?');
|
|
$stmt->execute([$id]);
|
|
$attendee = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$attendee) {
|
|
header('Location: admin.php');
|
|
exit;
|
|
}
|
|
|
|
} catch (PDOException $e) {
|
|
die("Database error: " . $e->getMessage());
|
|
}
|
|
|
|
?>
|
|
<!DOCTYPE html>
|
|
<html lang="en">
|
|
<head>
|
|
<meta charset="UTF-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Edit Attendee</title>
|
|
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css" rel="stylesheet">
|
|
<style>
|
|
body {
|
|
background-color: #121212;
|
|
color: #e0e0e0;
|
|
}
|
|
.container {
|
|
max-width: 600px;
|
|
padding-top: 2rem;
|
|
}
|
|
h1 {
|
|
color: #ffd700;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<div class="container">
|
|
<h1 class="mb-4">Edit Attendee #<?= htmlspecialchars($attendee['id']) ?></h1>
|
|
<form method="POST">
|
|
<input type="hidden" name="id" value="<?= htmlspecialchars($attendee['id']) ?>">
|
|
<div class="mb-3">
|
|
<label for="first_name" class="form-label">First Name</label>
|
|
<input type="text" class="form-control" id="first_name" name="first_name" value="<?= htmlspecialchars($attendee['first_name']) ?>">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="last_name" class="form-label">Last Name</label>
|
|
<input type="text" class="form-control" id="last_name" name="last_name" value="<?= htmlspecialchars($attendee['last_name']) ?>">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="email" class="form-label">Email</label>
|
|
<input type="email" class="form-control" id="email" name="email" value="<?= htmlspecialchars($attendee['email']) ?>">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="company" class="form-label">Company</label>
|
|
<input type="text" class="form-control" id="company" name="company" value="<?= htmlspecialchars($attendee['company']) ?>">
|
|
</div>
|
|
<div class="mb-3">
|
|
<label for="how_did_you_hear" class="form-label">How did you hear?</label>
|
|
<input type="text" class="form-control" id="how_did_you_hear" name="how_did_you_hear" value="<?= htmlspecialchars($attendee['how_did_you_hear']) ?>">
|
|
</div>
|
|
<div class="mb-3 form-check">
|
|
<input type="hidden" name="consented" value="0">
|
|
<input type="checkbox" class="form-check-input" id="consented" name="consented" value="1" <?= $attendee['consented'] ? 'checked' : '' ?>>
|
|
<label class="form-check-label" for="consented">Consented</label>
|
|
</div>
|
|
<button type="submit" class="btn btn-primary">Save Changes</button>
|
|
<a href="admin.php" class="btn btn-secondary">Cancel</a>
|
|
</form>
|
|
</div>
|
|
</body>
|
|
</html>
|