-
Notifications
You must be signed in to change notification settings - Fork 0
/
edit_user.php
106 lines (92 loc) · 3.85 KB
/
edit_user.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
<?php
session_start();
include 'db.php';
if (isset($_POST['id'])) {
$id = $_POST['id'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
// Use prepared statements to prevent SQL injection
$stmt = $conn->prepare("UPDATE users SET firstname=?, lastname=?, email=? WHERE id=?");
$stmt->bind_param("sssi", $firstname, $lastname, $email, $id);
$stmt->execute();
header("Location: dashboard.php");
$stmt->close();
}
if (isset($_GET['id'])) {
$id = $_GET['id'];
// Use prepared statements for the SELECT query
$stmt = $conn->prepare("SELECT * FROM users WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();
$result = $stmt->get_result();
if ($result->num_rows > 0) {
$row = $result->fetch_assoc();
$id = $row['id'];
$firstname = $row['firstname'];
$lastname = $row['lastname'];
$email = $row['email'];
}
$stmt->close();
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
<title>Update User</title>
</head>
<body>
<!-- Logout Button -->
<nav class="navbar navbar-expand-sm navbar-dark bg-dark">
<div class="container-fluid">
<a class="navbar-brand" href="#">Update User</a>
<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav" aria-controls="navbarNav" aria-expanded="false" aria-label="Toggle navigation">
<span class="navbar-toggler-icon"></span>
</button>
<div class="collapse navbar-collapse" id="navbarNav">
<ul class="navbar-nav ms-auto">
<li class="nav-item">
<form action="logout.php" method="post" class="d-flex">
<button type="submit" class="btn btn-danger">Logout</button>
</form>
</li>
</ul>
</div>
</div>
</nav>
<!-- Add New User -->
<div class="container mt-5">
<div class="row justify-content-center">
<div class="col-md-6">
<div class="card">
<div class="card-header">
<h4>Update User</h4>
</div>
<div class="card-body">
<form action="" method="post" id="myForm">
<input type="hidden" name="id" value="<?php echo $id; ?>">
<div class="form-group">
<label for="firstname">Firstname</label>
<input type="text" class="form-control" id="firstname" name="firstname" value="<?php echo $firstname ?>" required>
</div>
<div class="form-group">
<label for="lastname">Lastname</label>
<input type="text" class="form-control" id="lastname" name="lastname" value="<?php echo $lastname ?>" required>
</div>
<div class="form-group mb-2">
<label for="email">Email</label>
<input type="email" class="form-control" id="email" name="email" value="<?php echo $email ?>" required>
</div>
<button type="submit" class="btn btn-primary">Update</button>
</form>
</div>
</div>
</div>
</div>
</div>
</body>
</html>