-
Notifications
You must be signed in to change notification settings - Fork 13
/
edit.php
122 lines (94 loc) · 1.81 KB
/
edit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
function valid($uid,$uname)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<title>Edit Records</title>
</head>
<body>
<?php
if ($error != '')
{
echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
}
?>
<form action="" method="post">
<input type="hidden" name="uid" value="<?php echo $uid; ?>"/>
<table border="1">
<tr>
<td colspan="2"><b><font color='Red'>Edit Records </font></b></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>ID<em>*</em></font></b></td>
<td><label>
<input type="text" name="uid" value="<?php echo $uid; ?>" />
</label></td>
</tr>
<tr>
<td width="179"><b><font color='#663300'>uname<em>*</em></font></b></td>
<td><label>
<input type="text" name="uname" value="<?php echo $uname; ?>" />
</label></td>
</tr>
<tr align="Right">
<td colspan="2"><label>
<input type="submit" name="submit" value="Edit Records">
</label></td>
</tr>
</table>
</form>
</body>
</html>
<?php
}
include('config.php');
if (isset($_POST['submit']))
{
if (is_numeric($_POST['uid']))
{
$uid = $_POST['uid'];
$uname = mysql_real_escape_string(htmlspecialchars($_POST['uname']));
if ($uid == '' || $uname == '')
{
$error = 'ERROR: Please fill in all required fields!';
valid($uid, $uname);
}
else
{
mysql_query("UPDATE tb_user SET uid='$uid', uname='$uname' WHERE uid='$uid'")
or die(mysql_error());
header("Location: view.php");
}
}
else
{
echo 'Error! here';
}
}
else
{
if (isset($_GET['uid']) && is_numeric($_GET['uid']) && $_GET['uid'] > 0)
{
$uid = $_GET['uid'];
$result = mysql_query("SELECT * FROM tb_user WHERE uid=$uid")
or die(mysql_error());
$row = mysql_fetch_array($result);
if($row)
{
$uid = $row['uid'];
$uname = $row['uname'];
valid($uid, $uname);
}
else
{
echo "No results!";
}
}
else
{
echo 'Error last!';
}
}
?>