001.<?php require_once('../Connections/MyConnec.php'); ?>
002.<?php
003.if (!function_exists("GetSQLValueString")) {
004.function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
005.{
006. if (PHP_VERSION < 6) {
007. $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
008. }
009.
010. $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
011.
012. switch ($theType) {
013. case "text":
014. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
015. break;
016. case "long":
017. case "int":
018. $theValue = ($theValue != "") ? intval($theValue) : "NULL";
019. break;
020. case "double":
021. $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
022. break;
023. case "date":
024. $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
025. break;
026. case "defined":
027. $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
028. break;
029. }
030. return $theValue;
031.}
032.}
033.$editFormAction = $_SERVER['PHP_SELF'];
034.if (isset($_SERVER['QUERY_STRING'])) {
035. $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
036.}
037.
038.if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form2")) {
039. $updateSQL = sprintf("UPDATE subject SET Sub_id=%s, Sub_name=%s, group_id=%s",
040. GetSQLValueString($_POST['Sub_id'], "text"),
041. GetSQLValueString($_POST['Sub_name'], "text"),
042. GetSQLValueString($_POST['group_id'], "text"));
043.
044. mysql_select_db($database_MyConnec, $MyConnec);
045. $Result1 = mysql_query($updateSQL, $MyConnec) or die(mysql_error());
046.
047. $updateGoTo = "subject.php";
048. if (isset($_SERVER['QUERY_STRING'])) {
049. $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
050. $updateGoTo .= $_SERVER['QUERY_STRING'];
051. }
052. header(sprintf("Location: %s", $updateGoTo));
053.}
054.
055.if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form2")) {
056. $updateSQL = sprintf("UPDATE subject SET Sub_id=%s, St_User=%s, Sub_name=%s, group_id=%s",
057. GetSQLValueString($_POST['Sub_id'], "text"),
058. GetSQLValueString($_POST['St_User'], "text"),
059. GetSQLValueString($_POST['Sub_name'], "text"));
060.
061.
062. mysql_select_db($database_MyConnec, $MyConnec);
063. $Result1 = mysql_query($updateSQL, $MyConnec) or die(mysql_error());
064.
065. $updateGoTo = "subject.php";
066. if (isset($_SERVER['QUERY_STRING'])) {
067. $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
068. $updateGoTo .= $_SERVER['QUERY_STRING'];
069. }
070. header(sprintf("Location: %s", $updateGoTo));
071.}
072.
073.$colname_Recordset1 = "-1";
074.if (isset($_GET['Sub_id'])) {
075. $colname_Recordset1 = $_GET['Sub_id'];
076.}
077.mysql_select_db($database_MyConnec, $MyConnec);
078.$query_Recordset1 = sprintf("SELECT * FROM subject WHERE Sub_id = %s", GetSQLValueString($colname_Recordset1, "int"));
079.$Recordset1 = mysql_query($query_Recordset1, $MyConnec) or die(mysql_error());
080.$row_Recordset1 = mysql_fetch_assoc($Recordset1);
081.$totalRows_Recordset1 = mysql_num_rows($Recordset1);
082.?>
085.<head>
086.<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
087.<title>Untitled Document</title>
088.<meta name="viewport" content="width=device-width, initial-scale=1">
092.
093.</head>
094.
095.<body>
096.<nav class="navbar navbar-inverse">
097. <div class="container-fluid">
098. <div class="navbar-header">
099. <a class="navbar-brand" href="for_admin.php">รายชื่อวิชา</a>
100. </div>
101. <ul class="nav navbar-nav">
102. <li class="active"><a href="for_admin.php">Home</a></li>
103. <li><a href="Student_Information.php">ผู้ใช้งาน</a></li>
104. <li><a href="subject.php">รายวิชา</a></li>
105. <li><a href="report.php">ออกรายงาน</a></li>
106. </ul>
107. <ul class="nav navbar-nav navbar-right">
108. <li><a href="index.php"><span class="glyphicon glyphicon-log-in"></span> Logout</a></li>
109. </ul>
110. </div>
111.</nav>
112.<p> </p>
113.<div class="row">
114. <div class="col-sm-4"></div>
115. <div class="row">
116. <div class="col-xs-4">
117. </div>
118.</div>
119.</div>
120.<form action="<?php echo $editFormAction; ?>" method="post" name="form2" id="form2">
121. <table align="center">
122. <tr valign="baseline">
123. <td nowrap="nowrap" align="right">ลำดับ ::</td>
124. <td><input type="text" name="Sub_id" class="form-control" value="<?php echo htmlentities($row_Recordset1['Sub_id'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
125. </tr>
126. <tr valign="baseline">
127. <td nowrap="nowrap" align="right">ชื่อวิชา ::</td>
128. <td><input type="text" name="Sub_name" class="form-control" value="<?php echo htmlentities($row_Recordset1['Sub_name'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
129. </tr>
130. <tr valign="baseline">
131. <td nowrap="nowrap" align="right">ระดับสมรรถนะ ::</td>
132. <td><input type="text" name="group_id" class="form-control" value="<?php echo htmlentities($row_Recordset1['group_id'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
133. </tr>
134. <tr valign="baseline">
135. <td nowrap="nowrap" align="right"> </td>
136. <td><br><div align="center">
137. <input type="submit" class="btn btn-success" value="ตกลง" />
138. </div></td>
139. </tr>
140. </table>
141. <input type="hidden" name="MM_update" value="form2" />
142. <input type="hidden" name="Sub_id" value="<?php echo $row_Recordset1['Sub_id']; ?>" />
143.</form>
144.<p> </p>
145.</body>
146.</html>
147.<?php
148.mysql_free_result($Recordset1);
149.?>
