-
Notifications
You must be signed in to change notification settings - Fork 0
/
users_edit.php
111 lines (81 loc) · 3.71 KB
/
users_edit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
include('includes/config.php');
include('includes/database.php');
include('includes/functions.php');
secure();
include('includes/header.php');
if (isset($_POST['username'])) {
if ($stm = $connect->prepare('UPDATE users set username = ?,email = ? , active = ? WHERE id = ?')) {
$stm->bind_param('sssi', $_POST['username'], $_POST['email'], $_POST['active'], $_GET['id']);
$stm->execute();
$stm->close();
if (isset($_POST['password'])) {
if ($stm = $connect->prepare('UPDATE users set password = ? WHERE id = ?')) {
$hashed = SHA1($_POST['password']);
$stm->bind_param('si', $hashed, $_GET['id']);
$stm->execute();
$stm->close();
} else {
echo 'Could not prepare password update statement!';
}
}
set_message("A user " . $_GET['id'] . " has beed updated");
header('Location: users.php');
die();
} else {
echo 'Could not prepare user update statement!';
}
}
if (isset($_GET['id'])) {
if ($stm = $connect->prepare('SELECT * from users WHERE id = ?')) {
$stm->bind_param('i', $_GET['id']);
$stm->execute();
$result = $stm->get_result();
$user = $result->fetch_assoc();
if ($user) {
?>
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<h1 class="display-2">Edit user</h1>
<form method="post">
<!-- Username input -->
<div class="form-outline mb-4">
<input type="text" id="username" name="username" class="form-control active" value="<?php echo $user['username'] ?>" />
<label class="form-label" for="username">Username</label>
</div>
<!-- Email input -->
<div class="form-outline mb-4">
<input type="email" id="email" name="email" class="form-control active" value="<?php echo $user['email'] ?>" />
<label class="form-label" for="email">Email address</label>
</div>
<!-- Password input -->
<div class="form-outline mb-4">
<input type="password" id="password" name="password" class="form-control" />
<label class="form-label" for="password">Password</label>
</div>
<!-- Active select -->
<div class="form-outline mb-4">
<select name="active" class="form-select" id="active">
<option <?php echo ($user['active']) ? "selected" : ""; ?> value="1">Active</option>
<option <?php echo ($user['active']) ? "" : "selected"; ?> value="0">Inactive</option>
</select>
</div>
<!-- Submit button -->
<button type="submit" class="btn btn-primary btn-block">Update user</button>
</form>
</div>
</div>
</div>
<?php
}
$stm->close();
} else {
echo 'Could not prepare statement!';
}
} else {
echo "No user selected";
die();
}
include('includes/footer.php');
?>