31 lines
1.0 KiB
PHP
31 lines
1.0 KiB
PHP
<?php
|
|
require_once __DIR__ . '/../../connect.php';
|
|
|
|
// Get the data from the request
|
|
$name = filterRequest("name");
|
|
$education = filterRequest("education");
|
|
$site = filterRequest("site");
|
|
$phone = filterRequest("phone");
|
|
$status = filterRequest("status");
|
|
$id=filterRequest("id");
|
|
|
|
// Set the current timestamp for the 'created_at' field
|
|
$created_at = date("Y-m-d H:i:s");
|
|
|
|
// Prepare the SQL insert query using parameterized statements to avoid SQL injection
|
|
$sql = "INSERT INTO `employee` (`id`,`name`, `education`, `site`, `phone`, `created_at`, `status`)
|
|
VALUES (?,?, ?, ?, ?, ?, ?)";
|
|
|
|
// Prepare and execute the statement
|
|
$stmt = $con->prepare($sql);
|
|
$stmt->execute([$id, $name, $education, $site, $phone, $created_at, $status]);
|
|
|
|
// Check if the query successfully inserted the record
|
|
if ($stmt->rowCount() > 0) {
|
|
// If a row was inserted, print success
|
|
jsonSuccess($message = "Employee record added successfully");
|
|
} else {
|
|
// If no rows were inserted, print failure
|
|
jsonError($message = "Failed to add employee record");
|
|
}
|
|
?>
|