if (isset($_POST['delete'])) {
- $query = sprintf("DELETE FROM stempel WHERE oid = %s",
+ $query = sprintf("DELETE FROM stempel WHERE oid = %d",
$_POST['oid']);
$sth = pg_exec ($dbh, $query);
echo('<p><strong>Deleted.</strong></p>');
} else {
- $query = sprintf("UPDATE stempel SET time=%d, task='%s' WHERE oid = %s",
+ $query = sprintf("UPDATE stempel SET time=%d, start='%s', stop='%s', task='%s', status=%d WHERE oid = %d",
hour2min($_POST['time']),
+ pg_escape_string($dbh, $_POST['start']),
+ pg_escape_string($dbh, $_POST['stop']),
pg_escape_string($dbh, $_POST['task']),
+ $_POST['status'],
$_POST['oid']);
$sth = pg_exec ($dbh, $query);
?>
-<p>Return to <a href="index.php">Index</a></p>
+<p>Return to <a href="index.php">Index</a>, <a href="edit.php?id=<?=$_POST['oid']?>">edit page</a></p>
</page>