ESH/save_hazard_risk_assessment_form.php

<?php
include('includes/config/config.php'); // Include your database connection script
include('includes/auth/auth.php'); // Include authentication script
include('includes/functions.php'); // Include common functions
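// Handles the POST from the hazard risk assessment form: updates one row of
// hazard_observation, identified by ref_id, with the submitted fields and records
// the session user as modified_by. Prints a one-line status message.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // The included auth script may already have opened the session; a second
    // session_start() would only raise a notice.
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }

    // NOTE(review): this script assumes includes/auth/auth.php rejects
    // unauthenticated requests - confirm. No CSRF token check and no per-record
    // or per-role authorization is visible here, so as written any logged-in
    // user can change any ref_id, including status and the reviewed_* fields.
    $modified_by = (isset($_SESSION['user_name']) && is_scalar($_SESSION['user_name']))
        ? (string) $_SESSION['user_name']
        : '';
    $ref_id = (isset($_POST['ref_id']) && is_string($_POST['ref_id'])) ? $_POST['ref_id'] : '';

    if ($modified_by === '') {
        // Fail closed: without a session user the modified_by audit field would be blank.
        http_response_code(403);
        echo "Error: you must be logged in to update a hazard record.";
    } elseif ($ref_id === '') {
        // An empty key would otherwise run the UPDATE against ref_id = ''.
        http_response_code(400);
        echo "Error: ref_id is required.";
    } else {
        // Column names are fixed here and never taken from the request; only the
        // values are user-controlled, and they are bound as parameters below.
        $post_columns = [
            'activity_situation',
            'hazard_identified',
            'hazard_category',
            'activity_type',
            'hazard_condition',
            'risk_exposure',
            'date_time',
            'department',
            'location',
            'identified_by',
            'remarks',
            'status',
            'reviewed_by',
            'reviewed_date_time',
            'reviewed_remarks',
            'severity',
            'occurrence',
            'calculate_SO',
            'legal',
            'acceptable',
            'significant',
            'target_date',
            'risk_control_measures',
        ];

        $assignments = [];
        $values = [];
        foreach ($post_columns as $column) {
            $assignments[] = $column . ' = ?';
            // Missing or non-string (array) fields are stored as an empty string.
            $values[] = (isset($_POST[$column]) && is_string($_POST[$column])) ? $_POST[$column] : '';
        }

        // modified_by comes from the session, not the form, but it is still bound
        // as a parameter: the original interpolated it into the SQL unescaped.
        $assignments[] = 'modified_by = ?';
        $values[] = $modified_by;

        // WHERE parameter goes last, matching the placeholder order.
        $values[] = $ref_id;

        $sql = "UPDATE hazard_observation SET\n"
            . implode(",\n", $assignments)
            . "\nWHERE ref_id = ?";

        // Values are stored verbatim; pages that display them must HTML-escape on output.
        $updated = false;
        try {
            $stmt = mysqli_prepare($conn, $sql);
            if ($stmt !== false) {
                // Every value is bound as a string, as the original quoted every value.
                mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
                $updated = mysqli_stmt_execute($stmt);
                if (!$updated) {
                    error_log('hazard_observation update failed: ' . mysqli_stmt_error($stmt));
                }
                mysqli_stmt_close($stmt);
            } else {
                error_log('hazard_observation update could not be prepared: ' . mysqli_error($conn));
            }
        } catch (mysqli_sql_exception $e) {
            // Reached when mysqli is configured to throw instead of returning false.
            error_log('hazard_observation update failed: ' . $e->getMessage());
        }

        if ($updated) {
            echo "Hazard Updated Successfully";
        } else {
            // Database details go to the server log only; echoing the SQL text and
            // the driver error to the client discloses schema and submitted data.
            http_response_code(500);
            echo "Error: the hazard record could not be updated.";
        }
    }

    mysqli_close($conn);
} else {
    echo "Invalid request method.";
}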
?>