addStaff.php
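<?php
/**
 * addStaff.php - handles the "add staff member" form submission.
 *
 * Flow: require a permitted session, accept POST only, refuse a username that
 * is already present in the staff table, store the new record with a bcrypt
 * password hash, then redirect to viewstaff.php with a status message.
 *
 * Every request value reaches the database through bound parameters; none is
 * concatenated into SQL text. Values placed in the redirect URL are
 * URL-encoded.
 */
session_start();
require_once('Scripts/DBConnect.php');
require_once("Scripts/GeneralScripts.php");

// Permission gate defined in GeneralScripts.php (not visible here).
// NOTE(review): confirm that it stops execution itself when the check fails;
// otherwise the insert below is reachable by an unauthorised session.
checkLoginPermissions(2);

// NOTE(review): no anti-CSRF token is verified on this state-changing POST in
// the visible code; confirm whether a shared include covers it.
if ($_SERVER['REQUEST_METHOD'] !== "POST") {
    header("location: index.php");
    exit;
}

// Normalise the posted fields: a missing key or a non-string value (for
// example an array sent as Username[]=x) becomes an empty string instead of
// raising a notice or being stored as the literal text "Array".
$posted = [];
foreach (['Forename', 'Surname', 'Email', 'Username', 'Password'] as $key) {
    $posted[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}
$Forename = $posted['Forename'];
$Surname = $posted['Surname'];
$Email = $posted['Email'];
$Username = $posted['Username'];

// Pessimistic default: only a confirmed insert reports success.
$message = "Error: Staff Member could not be added";

if ($Username === '' || $posted['Password'] === '') {
    $message = "Error: Username and Password are required";
} else {
    // Check if username already exists. null means the lookup itself failed.
    // NOTE(review): this statement names tblstaff while the insert names
    // tblStaff; on a case-sensitive MySQL setup those are different tables.
    // Left as found - confirm the real table name.
    $usernameTaken = null;
    $lookup = mysqli_prepare(
        $db,
        "SELECT s.Username FROM tblstaff s WHERE s.Username = ?"
    );
    if ($lookup !== false) {
        mysqli_stmt_bind_param($lookup, 's', $Username);
        if (mysqli_stmt_execute($lookup) && mysqli_stmt_store_result($lookup)) {
            $usernameTaken = mysqli_stmt_num_rows($lookup) > 0;
        }
        mysqli_stmt_close($lookup);
    }

    if ($usernameTaken === true) {
        $message = "Error: Login Username already exists in the database";
    } elseif ($usernameTaken === false) {
        // Hash only when the record will actually be written.
        // bcrypt considers at most the first 72 bytes of the password.
        $Password = password_hash($posted['Password'], PASSWORD_BCRYPT);

        // Check-then-insert is not atomic: two concurrent requests can both
        // pass the lookup. A UNIQUE index on Username is the reliable guard;
        // verify that the schema has one.
        $insert = mysqli_prepare(
            $db,
            "INSERT INTO tblStaff (Forename, Surname, Email, Username, Password)
             VALUES (?, ?, ?, ?, ?)"
        );
        if ($insert !== false) {
            mysqli_stmt_bind_param($insert, 'sssss', $Forename, $Surname, $Email, $Username, $Password);
            if (mysqli_stmt_execute($insert)) {
                $message = "Staff Member Added Successfully.";
            }
            mysqli_stmt_close($insert);
        }
    }
}

// URL-encode both values so that '&', '#', spaces or line breaks in the
// username cannot add or alter query parameters of the redirect target.
// NOTE(review): viewstaff.php receives UploadStatus and SearchText from the
// URL and has to HTML-escape them before output - confirm in that file.
header('location: viewstaff.php?' . http_build_query([
    'UploadStatus' => $message,
    'SearchText' => $Username,
]));
exit;
?>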