diff --git a/wblibadmin.php b/wblibadmin.php
index 57983a1..4ba72ee 100644
--- a/wblibadmin.php
+++ b/wblibadmin.php
@@ -3,14 +3,15 @@
include 'config.php';
if (!isset($_SESSION['memno'])) {
header("location:wblogin.php");
- }
+ }
+ $auth = $_SESSION['memno'];
// $user = $conn->query("select * from Wbusers where MemNo = '{$_SESSION[('memno')]}';")->fetch_assoc();
//include 'config.php';
// $profiles = $conn->query("SELECT * FROM profiles WHERE memNo > 0 AND Active = 1 ORDER BY Name");
- $profiles = $conn->query(" SELECT OrderNumber, TO_CHAR(OrderDate, 'DD-MM-YYYY') Dt, Subject, Link FROM Resources ORDER BY OrderDate DESC ");
+ $profiles = $conn->query(" SELECT DocNo, OrderNumber, TO_CHAR(OrderDate, 'DD-MM-YYYY') Dt, Subject, Link FROM Resources ORDER BY DocNo DESC ");
?>
@@ -44,10 +45,62 @@
-
+//
-
Library & Resources
+
Library & Resources Admin
+
+query("select MemNo from AuthMatrix where BINARY MemNo = $auth and BINARY Page = $pageno ") ->num_rows == 1) {
+ $mysubmit = 1;
+ echo "You are authorized to perform this action.";
+ } else{
+ $mysubmit = 0;
+ echo "You are not authorized to perform this action.";
+ }
+ }
+}
+
+
+if ($_REQUEST['btn_submit']=="Create") {
+ //echo "a";
+ //echo $mysubmit;
+ if ($_SERVER['REQUEST_METHOD'] == "POST") {
+ //echo "b";
+ $mysubmit = $_POST['mysubmit'];
+ //echo $mysubmit;
+ if ($mysubmit == 1) {
+ $orderno = $_POST['orderno'];
+ $orderdt = $_POST['orderdt'];
+ $subject = $_POST['subject'];
+ $link = $_POST['link'];
+ $company = $_POST['company'];
+ $createorder = $conn->query("INSERT INTO Resources (OrderNumber, OrderDate, Subject, Link, Company) VALUES ('$orderno', '$orderdt', '$subject', '$link', '$company'); ");
+ echo "Success!! - Order Created";
+ //echo $mysubmit;
+ //echo $orderno;
+ //echo $orderdt;
+ //echo $subject;
+ //echo $link;
+ $mysubmit = 0;
+ //echo $mysubmit;
+ } else {
+ // $error = "Incorrect Credentials";
+ echo "You are not authorized to perform this action.";
+ }
+ }
+}
+
+?>
+
+
+
+
+ Doc No. |
Order No. |
Date |
Subject |
@@ -74,6 +184,7 @@
fetch_assoc()) { ?>
+ |
|
|
|
@@ -83,4 +194,4 @@
-