ajoutcontact.php 3.0 KB

  1. <html>
  2. <head>
  3. <title>Ajouter un contact</title>
  4. <link href="custom.css" rel="stylesheet">
  5. <meta name="viewport" content="width=device-width">
  6. </head>
  7. <body>
  8. <h1>Ajouter un contact</h1>
  9. <?php
  10. session_start();
  11. if (!isset($_SESSION['loggedin'])) {
  12. header("Location: login.php");
  13. exit;
  14. } else {
  15. $prenom = $_SESSION['first_name'];
  16. $nom = $_SESSION['last_name'];
  17. $profession = $_SESSION['profession'];
  18. $idsession = $_SESSION['ID'];
  19. }
  20. include_once 'class/sqlconnect.php';
  21. try {
  22. $conn = new PDO("mysql:host=$host;dbname=$dbname", $dbusername, $dbpassword);
  23. $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  24. $stmt = $conn->prepare("SELECT ID FROM users WHERE username = :username");
  25. $stmt->bindParam(':username', $_SESSION['username']);
  26. $stmt->execute();
  27. $result = $stmt->fetch(PDO::FETCH_ASSOC);
  28. $idsession = $result['ID'];
  29. } catch (PDOException $e) {
  30. echo "Error: " . $e->getMessage();
  31. }
  32. $conn = null;
  33. include 'class/sqlconnect.php';
  34. if(isset($_POST['submit'])){
  35. $prenom = $_POST['Prenom'];
  36. $nom = $_POST['Nom'];
  37. $poste = $_POST['Poste'];
  38. $poste = htmlentities($poste);
  39. $poste = str_replace("'", "\'", $poste);
  40. $mobile = $_POST['Mobile'];
  41. $entreprise = $_POST['IDEntreprise'];
  42. $mail = $_POST['Mail'];
  43. $sql = "INSERT INTO Contact (Prenom, Nom, Poste, Mobile, IDEntreprise, IDUser, Mail) VALUES ('$prenom', '$nom', '$poste', '$mobile', '$entreprise', '$idsession', '$mail')";
  44. mysqli_query($conn, $sql);
  45. }
  46. ?>
  47. <a href="index.php">Revenir à l'accueil</a><br><br>
  48. <form method="post" action="">
  49. <table>
  50. <tr>
  51. <td>
  52. <label for="Prenom">Prénom :</label>
  53. </td>
  54. <td>
  55. <input type="text" name="Prenom" required>
  56. </td>
  57. </tr>
  58. <tr>
  59. <td>
  60. <label for="Nom">Nom :</label>
  61. </td>
  62. <td>
  63. <input type="text" name="Nom" required>
  64. </td>
  65. </tr>
  66. <tr>
  67. <td>
  68. <label for="Poste">Poste occupé :</label>
  69. </td>
  70. <td>
  71. <input type="text" name="Poste" >
  72. </td>
  73. </tr>
  74. <tr>
  75. <td>
  76. <label for="Mobile">Numéro de mobile (format 0102030405) :</label>
  77. </td>
  78. <td>
  79. <input type="text" name="Mobile" pattern="0[0-9]{9}" >
  80. </td>
  81. </tr>
  82. <tr>
  83. <td>
  84. <label for="Mail">Adresse e-mail :</label>
  85. </td>
  86. <td>
  87. <input type="email" name="Mail" >
  88. </td>
  89. </tr>
  90. <tr>
  91. <td>
  92. <label for="Entreprise">Entreprise :</label>
  93. </td>
  94. <td>
  95. <select name="IDEntreprise">
  96. <?php
  97. $sql = "SELECT ID, NomSociete FROM Entreprise WHERE UserID =" . $idsession . ";";
  98. $result = mysqli_query($conn, $sql);
  99. while($row = mysqli_fetch_assoc($result)){
  100. echo "<option value='" . $row['ID'] . "'>" . $row['NomSociete'] . "</option>";
  101. }
  102. ?>
  103. </select>
  104. </td>
  105. </tr>
  106. </table>
  107. <br>
  108. <input type="submit" name="submit" value="Ajouter">
  109. </form>
  110. </body>
  111. </html>