<?php
header('Content-Type: text/html; charset=UTF-8');
?>
<?php
	include "fun.php";
	include "studentManage.php";
	$StudentName = @$_POST['xm'];		
	$Sex = @$_POST['xb'];					
	$Birthday = @$_POST['cssj'];			
	$tmp_file = @$_FILES["photo"]["tmp_name"];
	$handle = @fopen($tmp_file,'rb');		
	$Picture = @base64_encode(fread($handle, filesize($tmp_file)));	
	
	$s_sql = "select XM, KCS from XS where XM ='$StudentName'";		
	$s_result = $db->query(iconv('UTF-8', 'UTF-8', $s_sql));
	if(@$_POST["btn"] == '录入') {			
		if($s_result->rowCount() != 0)		
			echo "<script>alert('该用户已经存在！');location.href='studentManage.php';</script>";
		else {
			if(!$tmp_file) {				
				$insert_sql = "insert into XS values('$StudentName', $Sex, '$Birthday', 0, NULL, NULL)";
			}else {
				$insert_sql = "insert into XS values('$StudentName', $Sex, '$Birthday', 0, NULL, '$Picture')";
			}
			$insert_result = $db->query(iconv('UTF-8', 'UTF-8', $insert_sql));
			
			if($insert_result->rowCount() != 0) {
				$_SESSION['StuName'] = $StudentName;
				echo "<script>alert('添加成功！');location.href='studentManage.php';</script>";
			}else
				echo "<script>alert('添加失败，请检查输入信息！');location.href='studentManage.php';</script>";
		}
	}
	if(@$_POST["btn"] == '删除') {			
		if($s_result->rowCount() == 0)		
			echo "<script>alert('该用户不存在！');location.href='studentManage.php';</script>";
		else {								
			list($XM, $KCS) = $s_result->fetch(PDO::FETCH_NUM);
			if($KCS != 0)					
				echo "<script>alert('该用户有数据记录，不能删！');location.href='studentManage.php';</script>";
			else {							
				$del_sql = "delete from XS where XM ='$StudentName'";
				$del_affected = $db->exec(iconv('UTF-8', 'UTF-8', $del_sql));
				if($del_affected) {
					$_SESSION['StuName'] = 0;
					echo "<script>alert('删除成功！');location.href='studentManage.php';</script>";
				}
			}
		}
	}
	if(@$_POST["btn"] == '更新'){				
		$_SESSION['StuName'] = $StudentName;
		if(!$tmp_file)						
			$update_sql = "update XS set XB =$Sex, CSSJ ='$Birthday' where XM ='$StudentName'";
		else
			$update_sql = "update XS set XB =$Sex, CSSJ ='$Birthday', ZP='$Picture' where XM ='$StudentName'";
		$update_affected = $db->exec(iconv('UTF-8', 'UTF-8', $update_sql));
		if($update_affected)
			echo "<script>alert('更新成功！');location.href='studentManage.php';</script>";
		else
			echo "<script>alert('更新失败，请检查输入信息！');location.href='studentManage.php';</script>";
	}
	if(@$_POST["btn"] == '查询') {		  
		$_SESSION['StuName'] = $StudentName;
		$sql = "select XM, XB, CSSJ, KCS from XS where XM ='$StudentName'";
		$result = $db->query(iconv('UTF-8', 'UTF-8', $sql));
		if($result->rowCount() == 0)		
			echo "<script>alert('该用户不存在！');location.href='studentManage.php';</script>";
		else {
			list($XM, $XB, $CSSJ, $KCS) = $result->fetch(PDO::FETCH_NUM);
			$_SESSION['XM'] = iconv('UTF-8', 'UTF-8', $XM);
			$_SESSION['XB'] = $XB;
			$_SESSION['CSSJ'] = $CSSJ;
			$_SESSION['KCS'] = $KCS;
			echo "<script>location.href='studentManage.php';</script>";
		}
	}
?>