I have folders and pages /admin/add/index.php, /admin/edit/index.php & /admin/view/index.php which all are requiring page /admin/php.php which has all of my php code for each, I’m getting fail to open stream errors. Should I be seperating them with <? ?> or is doing what I’m doing not possible or the best approach?
My admin/php.php file:
<?php
FOR ADD CONTACT PAGE
require ("../../dbandpassword.php");
$ID = $_POST['ID'];
$firstname = mysqli_real_escape_string($con,$_POST['firstname']);
$lastname = mysqli_real_escape_string($con,$_POST['lastname']);
$sql = "INSERT INTO table (firstname, lastname) VALUES ('$firstname', '$lastname')";
mysqli_query($con,$sql) or die ("Error: ".mysqli_error($con));
header("location: http://www.mydomain.com/admin/edit/?ID=".mysqli_insert_id($con));
exit;
}
FOR EDIT CONTACT PAGE
require ("../../dbandpassword.php");
$ID = $_POST['ID'];
$firstname = mysqli_real_escape_string($con,$_POST['firstname']);
$lastname = mysqli_real_escape_string($con,$_POST['lastname']);
$sql = "UPDATE table SET `firstname` = '$firstname', `lasttname` = '$lastname' WHERE `table`.`ID` = '$ID' LIMIT 1";
mysqli_query($con,$sql) or die ("Error: ".mysqli_error($con));
FOR VIEW CONTACT PAGE
require ("../../dbandpassword.php");
$ID = $_GET['ID'];
$sql = "SELECT * FROM table WHERE ID='$ID' limit 1" or die ('Error: ' .mysqli_error());
$query = mysqli_query($con,$sql) or die ('Error: ' .mysqli_error($con));
$row = mysqli_fetch_array($query);
$space = (!empty($row['firstname']) && !empty($row['lastname'])) ? ' ' : '';
$name = $row['firstname'].$space.$row['lastname'];
mysqli_query($con,$sql) or die ("Error: ".mysqli_error($con));
FOR VIEW ALL CONTACTS PAGE
require ("../dbandpassword.php");
$ID=$_GET['ID'];
$query = "SELECT * FROM table WHERE firstname IN ('Bob','Joe') AND lastname = 'Smith' ORDER BY date DESC";
$result=mysqli_query($con,$query);
while ($row = mysqli_fetch_array($result)) {
$space = (!empty($row['firstname']) && !empty($row['lastname'])) ? ' ' : '';
$name = $row['firstname'].$space.$row['lastname'];
mysqli_query($con,$query) or die ("Error: ".mysqli_error($con));
}
?>
Its better to create a php file and then create separate function for each of the action like