.
**/
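/*
 * Request dispatcher for the "subjects" table. Each branch below is selected
 * by the presence of a request key: list (GET), new / delete / edit (POST) and
 * getdata (GET). Every query goes through PDO prepared statements with bound
 * parameters, and any exception is turned into the generic error code 500.
 *
 * NOTE(review): the list view only renders the tools column for
 * accesslevel >= 3, but the new / delete / edit handlers perform no
 * access-level or CSRF-token check of their own. Confirm that the including
 * script enforces both before this code runs; hiding the controls in the list
 * is not an authorization check.
 */
try {
    // ---- list: print the (optionally filtered) subjects ---------------------
    if (isset($_GET['list'])) {
        // NOTE(review): id 0 is excluded from the list only. If that row is
        // reserved, the delete / edit / getdata handlers below do not protect
        // it - confirm whether they should.
        $filter = "WHERE id<>0";
        $filter_array = array();
        if (isset($_POST['filter'])) {
            // Accept the search term only when it is a plain string; an array
            // value (f_search[]=...) would otherwise be concatenated as "Array".
            if (isset($_POST['f_search']) && is_string($_POST['f_search'])) {
                $filter .= " and (name_1 LIKE ? or name_2 LIKE ?)";
                // The term is bound as a parameter, never concatenated into SQL.
                // LIKE wildcards (% and _) typed by the user are still honoured.
                $pattern = "%" . $_POST['f_search'] . "%";
                array_push($filter_array, $pattern, $pattern);
            }
        }
        // $filter holds only the fixed fragments assigned above, so building
        // the statement text by concatenation is safe here.
        $sql = $db->prepare("SELECT id, name_1, name_2 FROM subjects " . $filter . " ORDER BY name_1 ASC, name_2 ASC");
        $sql->execute($filter_array);

        // Header row; $lang entries come from the application's own
        // translation table, not from the request.
        echo "\n"
            . $lang['id'] . " |\n"
            . $lang['name_1'] . " |\n"
            . $lang['name_2'] . " |\n"
            . ($_SESSION['accesslevel'] >= 3 ? "" . $lang['tools'] . " | " : "")
            . "\n";

        // Data rows. name_1 / name_2 are user-supplied (stored by the new and
        // edit handlers below), so they are HTML-escaped on output to prevent
        // stored cross-site scripting. Assumes the client renders this output
        // as HTML - the surrounding markup is not visible here; confirm.
        while ($row = $sql->fetch(PDO::FETCH_ASSOC)) {
            echo "\n"
                . htmlspecialchars((string)$row['id'], ENT_QUOTES | ENT_SUBSTITUTE) . " |\n"
                . htmlspecialchars((string)$row['name_1'], ENT_QUOTES | ENT_SUBSTITUTE) . " |\n"
                . htmlspecialchars((string)$row['name_2'], ENT_QUOTES | ENT_SUBSTITUTE) . " |\n"
                . ($_SESSION['accesslevel'] >= 3 ? "\n| " : "")
                . "\n";
        }
    }

    // ---- new: insert a subject unless one of its names already exists -------
    if (isset($_POST['new'])) {
        $name_1 = isset($_POST['name_1']) ? $_POST['name_1'] : null;
        $name_2 = isset($_POST['name_2']) ? $_POST['name_2'] : null;
        if (!is_string($name_1) || !is_string($name_2)) {
            // Missing or array-valued names are rejected before touching the
            // database. Code 4 is the failure code this handler already uses;
            // a dedicated validation code is not visible in this file.
            functions::setError(4);
        } else {
            $sql = $db->prepare("SELECT count(id) AS count FROM subjects WHERE name_1=:name_1 or name_2=:name_2");
            $sql->execute(array(":name_1" => $name_1, ":name_2" => $name_2));
            $res = $sql->fetch(PDO::FETCH_ASSOC);
            if ($res['count'] > 0) {
                functions::setError(7);
            } else {
                // NOTE(review): check-then-insert is not atomic; two concurrent
                // requests can both pass the check. A unique index on the name
                // columns would close that window - confirm the schema.
                $sql = $db->prepare("INSERT INTO subjects (name_1, name_2) VALUES (:name_1, :name_2)");
                $sql->execute(array(":name_1" => $name_1, ":name_2" => $name_2));
                $res = $sql->rowCount();
                if ($res > 0) {
                    functions::setMessage(3);
                } else {
                    functions::setError(4);
                }
            }
        }
    }

    // ---- delete: remove the subject whose id was posted ---------------------
    if (isset($_POST['delete'])) {
        $sql = $db->prepare("DELETE FROM subjects WHERE id=:id");
        $sql->execute(array(":id" => $_POST['delete']));
        // Zero affected rows means nothing matched the posted id.
        $res = $sql->rowCount();
        if ($res > 0) {
            functions::setMessage(4);
        } else {
            functions::setError(4);
        }
    }

    // ---- getdata: return one subject as JSON --------------------------------
    if (isset($_GET['getdata'])) {
        // COUNT() without GROUP BY always yields exactly one row, so fetch()
        // does not return false here; count is 0 when the id is unknown.
        // NOTE(review): mixing COUNT() with bare columns may be rejected under
        // strict SQL modes - verify against the deployed database.
        $sql = $db->prepare("SELECT COUNT(id) AS count, id, name_1, name_2 FROM subjects WHERE id=:id");
        $sql->execute(array(":id" => $_GET['getdata']));
        $res = $sql->fetch(PDO::FETCH_ASSOC);
        if ($res['count'] < 1) {
            functions::setError(6);
        } else {
            // The JSON_HEX_* flags emit <, >, &, ' and " as \uXXXX escapes. The
            // decoded values are unchanged, but user-supplied names cannot be
            // interpreted as markup if the response is ever rendered as HTML
            // (no Content-Type header is set in the visible code).
            echo json_encode($res, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
        }
    }

    // ---- edit: update the names of an existing subject ----------------------
    if (isset($_POST['edit'])) {
        $sql = $db->prepare("SELECT COUNT(id) AS count FROM subjects WHERE id=:id");
        $sql->execute(array(":id" => $_POST['edit']));
        $res = $sql->fetch(PDO::FETCH_ASSOC);
        if ($res['count'] < 1) {
            functions::setError(6);
        } else {
            $name_1 = isset($_POST['name_1']) ? $_POST['name_1'] : null;
            $name_2 = isset($_POST['name_2']) ? $_POST['name_2'] : null;
            if (!is_string($name_1) || !is_string($name_2)) {
                // Same input check as in the "new" handler: both names must be
                // present and must be plain strings.
                functions::setError(4);
            } else {
                // Unlike "new", no duplicate-name check is made before updating.
                $sql = $db->prepare("UPDATE subjects SET name_1=:name_1, name_2=:name_2 WHERE id=:id");
                $sql->execute(array(":name_1" => $name_1, ":name_2" => $name_2, ":id" => $_POST['edit']));
                // NOTE(review): on drivers that report changed rather than
                // matched rows (MySQL's default), saving unchanged values gives
                // rowCount() == 0 and therefore error 4 - confirm this is wanted.
                $res = $sql->rowCount();
                if ($res > 0) {
                    functions::setMessage(5);
                } else {
                    functions::setError(4);
                }
            }
        }
    }
} catch (Exception $e) {
    // The client only sees the generic code; the exception text and stack
    // trace go to the server error log.
    functions::setError(500);
    error_log($e);
}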