49 lines
1.1 KiB
PHP
49 lines
1.1 KiB
PHP
<?php
|
|
//create_cat.php
|
|
include 'connect.php';
|
|
include 'header.php';
|
|
|
|
echo '<h2>Create a category</h2>';
|
|
if($_SESSION['signedIn'] == false | $_SESSION['userLevel'] != 1 )
|
|
{
|
|
//the user is not an admin
|
|
echo 'Sorry, you do not have sufficient rights to access this page.';
|
|
}
|
|
else
|
|
{
|
|
//the user has admin rights
|
|
if($_SERVER['REQUEST_METHOD'] != 'POST')
|
|
{
|
|
//the form hasn't been posted yet, display it
|
|
echo '<form method="post" action="">
|
|
<label for="catName">Name: </label></br>
|
|
<input type="text" name="catName" /><br /></br>
|
|
<label for="catDescr">Description: </label><br />
|
|
<textarea name="catDescr" /></textarea><br /><br />
|
|
<input type="submit" value="Add category" />
|
|
</form>';
|
|
}
|
|
else
|
|
{
|
|
//the form has been posted, so save it
|
|
$sql = "INSERT INTO categories(catName, catDescr)
|
|
VALUES(?, ?)";
|
|
|
|
$stmt = $conn->prepare($sql);
|
|
$stmt->bind_param('ss', $_POST['catName'], $_POST['catDescr']);
|
|
|
|
if(!$stmt->execute())
|
|
{
|
|
//something went wrong, display the error
|
|
echo 'Error' . $conn->error;
|
|
}
|
|
else
|
|
{
|
|
echo 'New category succesfully added. Go <a href"index.php">Home</a>.';
|
|
}
|
|
}
|
|
}
|
|
|
|
include 'footer.php';
|
|
?>
|