28 lines
904 B
PHP
28 lines
904 B
PHP
<?php
|
|
require_once '../auth_helper.php';
|
|
require_login();
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['id'])) {
|
|
$candId = $_POST['id'];
|
|
$positionId = $_POST['position_id'];
|
|
$partyName = $_POST['party_name'];
|
|
$manifesto = $_POST['manifesto'];
|
|
$pdo = db();
|
|
|
|
try {
|
|
$stmt = $pdo->prepare("UPDATE candidates SET position_id = ?, party_name = ?, manifesto = ? WHERE id = ?");
|
|
$stmt->execute([$positionId, $partyName, $manifesto, $candId]);
|
|
|
|
$currentUser = get_user();
|
|
audit_log('candidate_updated', 'candidates', $candId, null, null, "Updated candidate ID $candId");
|
|
|
|
header("Location: ../candidate_management.php?success=candidate_updated");
|
|
exit;
|
|
} catch (PDOException $e) {
|
|
die("Error updating candidate: " . $e->getMessage());
|
|
}
|
|
} else {
|
|
header("Location: ../candidate_management.php");
|
|
exit;
|
|
}
|