cwsvJudo/homepage/redesign2018/markdownExperiment/wkParticipo/addEvent.php

<?php
	require_once('../local/db.php.inc');
	require_once('../local/wkParticipoConf.php.inc');
	$message = array();
	if(!empty($_POST)){
		if( empty($_POST['f']['wkId']) || empty($_POST['f']['meldefrist']) || empty($_POST['f']['datum']) ){
			$message['error'] = 'Es wurden nicht alle Felder ausgefüllt.';
		}
		else{
			$mysqli = @new mysqli($db_server, $db_user, $db_password, $db_name);
			if ($mysqli->connect_error) {
				$message['error'] = 'Datenbankverbindung fehlgeschlagen: ' . $mysqli->connect_error;
			}
			$query = sprintf(
				"INSERT INTO wkParticipo_Events (wkId, datum, meldefrist)
				SELECT * FROM (SELECT '%s', '%s', '%s') as new_event
				WHERE NOT EXISTS (
					SELECT wkId FROM wkParticipo_Events WHERE wkId = '%s'
				) LIMIT 1;",
				$mysqli->real_escape_string($_POST['f']['wkId']),
				$mysqli->real_escape_string($_POST['f']['datum']),
				$mysqli->real_escape_string($_POST['f']['meldefrist']),
				$mysqli->real_escape_string($_POST['f']['wkId'])
			);
//			echo $query;// die();
			$result = $mysqli->query($query);
//			echo $result; die();
			if ($mysqli->affected_rows == 1) {
				$message['success'] = 'Neues Event zu wkId = ' . htmlspecialchars($_POST['f']['wkId']) . ' angelegt!';
				header('Location: http://' . $_SERVER['HTTP_HOST'] . $wkParticipoConf['rootDir'] . '/index.php');
			} else {
				$message['error'] = 'Event zu wkId = ' . $_POST['f']['wkId'] . ' bereits erstellt!.';
			}
			$mysqli->close();
		}
	} else {
		$message['notice'] = 'Übermitteln Sie das ausgefüllte Formular um ein neues Event zu erstellen.';
	}
?><!DOCTYPE html>
<html>
	<head>
		<meta charset="utf-8" />
		<title>loginsystem - register.php</title>
	</head>
	<body>
		<form action="./addEvent.php" method="post">
<?php if (isset($message['error'])): ?>
			<fieldset class="error"><legend>Fehler</legend><?php echo $message['error'] ?></fieldset>
<?php endif;
	if (isset($message['success'])): ?>
			<fieldset class="success"><legend>Erfolg</legend><?php echo $message['success'] ?></fieldset>
<?php endif;
	if (isset($message['notice'])): ?>
			<fieldset class="notice"><legend>Hinweis</legend><?php echo $message['notice'] ?></fieldset>
<?php endif; ?>
			<fieldset>
				<legend>Benutzerdaten</legend>
				<div><label for="wkId">wkId</label> <input type="text" name="f[wkId]" id="wkId"<?php echo isset($_POST['f']['wkId']) ? ' value="' . htmlspecialchars($_POST['f']['wkId']) . '"' : '' ?> /></div>
				<div><label for="datum">datum</label> <input type="text" name="f[datum]" id="datum" <?php echo isset($_POST['f']['datum']) ? ' value="' . htmlspecialchars($_POST['f']['datum']) . '"' : '' ?> /></div>
				<div><label for="meldefrist">meldefrist</label> <input type="text" name="f[meldefrist]" id="meldefrist" <?php echo isset($_POST['f']['meldefrist']) ? ' value="' . htmlspecialchars($_POST['f']['meldefrist']) . '"' : '' ?> /></div>
			</fieldset>
			<fieldset>
				<div><input type="submit" name="submit" value="Erstellen" /></div>
			</fieldset>
		</form>
	</body>
</html>