<?php config.php ?><?php $stmt = $conn->prepare("SELECT * FROM user where user_

1. <?php config.php ?>
2. <?php $stmt = $conn->prepare("SELECT * FROM user where user_id = :user_id");
3. $stmt->bindValue('user_id', $_GET['id']);
4. $stmt->execute();
5. while($user = $stmt->fetch(PDO::FETCH_OBJ)){
6. echo "form stuff to echo the fields value" ;
7. } ?>
8.  
9. if (isset($_POST['save'])) {
10. error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR);
11. $sql = $conn->prepare("UPDATE user SET username = :username, password = :password, firstname = :firstname, lastname =:lastname where user_id = :user_id");
12. $sql->bindParam(":user_id",$_POST["user_id"],PDO::PARAM_INT);
13. $sql->bindParam(":username",$_POST["username"],PDO::PARAM_STR);
14. $sql->bindParam(":password",$_POST["password"],PDO::PARAM_STR);
15. $sql->bindParam(":firstname",$_POST["firstname"],PDO::PARAM_STR);
16. $sql->bindParam(":lastname",$_POST["lastname"],PDO::PARAM_STR);
17. if($sql->execute()){
18. echo "Successfully updated ";
19. }
20. else {
21. echo "Not updated";
22. }
23. } ?>