You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
63 lines
1.9 KiB
63 lines
1.9 KiB
<?php
|
|
|
|
/**
|
|
* Use an HTML form to create a new entry in the
|
|
* users table.
|
|
*
|
|
*/
|
|
|
|
require "../config.php";
|
|
require "../common.php";
|
|
|
|
if (isset($_POST['submit'])) {
|
|
if (!hash_equals($_SESSION['csrf'], $_POST['csrf'])) die();
|
|
|
|
try {
|
|
$connection = new PDO($dsn, $username, $password, $options);
|
|
|
|
$nuevo_coche = array(
|
|
"marca" => $_POST['marca'],
|
|
"modelo" => $_POST['modelo'],
|
|
"matricula" => $_POST['matricula']
|
|
);
|
|
|
|
$sql = sprintf(
|
|
"INSERT INTO %s (%s) values (%s)",
|
|
"vehiculos",
|
|
implode(", ", array_keys($nuevo_coche)),
|
|
":" . implode(", :", array_keys($nuevo_coche))
|
|
);
|
|
|
|
$statement = $connection->prepare($sql);
|
|
$statement->execute($nuevo_coche);
|
|
} catch(PDOException $error) {
|
|
echo $sql . "<br>" . $error->getMessage();
|
|
}
|
|
}
|
|
?>
|
|
<?php require "../templates/header.php"; ?>
|
|
|
|
<?php if (isset($_POST['submit']) && $statement) : ?>
|
|
<blockquote><?php echo escape($_POST['marca']); ?> successfully added.</blockquote>
|
|
<?php endif; ?>
|
|
<section class="principal">
|
|
<div class="container">
|
|
<section>
|
|
<h2>Añadir vehículo</h2>
|
|
|
|
<form method="post" class="formulario">
|
|
<input name="csrf" type="hidden" value="<?php echo escape($_SESSION['csrf']); ?>">
|
|
<p><label for="marca">Marca</label></p>
|
|
<p><input type="text" name="marca" id="marca" required></p>
|
|
<p><label for="modelo">Modelo</label></p>
|
|
<p><input type="text" name="modelo" id="modelo" required></p>
|
|
<p><label for="matricula">Matricula</label></p>
|
|
<p><input type="text" name="matricula" id="matricula" required></p>
|
|
<br>
|
|
<p><input type="submit" name="submit" value="Crear" class="primary"></p>
|
|
</form>
|
|
</section>
|
|
</div>
|
|
</section>
|
|
|
|
<?php require "../templates/footer.php"; ?>
|