- <?php
- /*
- EDIT.PHP
- Allows user to edit specific entry in database
- */
- // creates the edit record form
- // since this form is used multiple times in this file, I have made it a function that is easily reusable
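/**
 * Prints the complete HTML page holding the delete-confirmation form for one user record.
 *
 * Every value is HTML-escaped where it is written into the page. The original
 * echoed its arguments raw, so a username, e-mail or other column read back from
 * the database could inject markup or script into the administrator's browser.
 *
 * NOTE(review): the form still carries a "password" text input pre-filled from
 * $password. When the caller passes the stored value, the credential is sent to
 * the browser in clear text, which also suggests passwords are stored unhashed.
 * A delete confirmation does not need this field; confirm and drop it together
 * with the handler that reads $_POST['password'].
 *
 * NOTE(review): the form submits a destructive action and carries no anti-CSRF
 * token; add a per-session token here and verify it in the POST handler.
 *
 * @param mixed $id        User id; displayed and posted back in the hidden "userid" field.
 * @param mixed $username  Value for the "username" input.
 * @param mixed $firstname Value for the "firstname" input.
 * @param mixed $surname   Value for the "surname" input.
 * @param mixed $email     Value for the "email" input.
 * @param mixed $password  Value for the "password" input (see note above).
 * @param mixed $error     Message shown in a red box above the form; '' for none.
 * @return void
 */
function renderForm($id, $username, $firstname, $surname, $email, $password, $error)
{
    // Escape for element and double-quoted attribute context. double_encode is
    // switched off because the POST handler in this file passes values that have
    // already been through htmlspecialchars(); existing entities are left alone
    // instead of turning "&amp;" into "&amp;amp;".
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Admin User Delete Record</title>
</head>
<body>
<?php
    // Show the error box only when a message was supplied.
    if ($error != '')
    {
        echo '<div style="padding:4px; border:1px solid red; color:red;">' . $esc($error) . '</div>';
    }
?>
<form action="" method="post">
<input type="hidden" name="userid" value="<?php echo $esc($id); ?>"/>
<div>
<p><strong>ID:</strong> <?php echo $esc($id); ?></p>
<strong>UserName: *</strong> <input type="text" name="username" value="<?php echo $esc($username); ?>"/><br/>
<strong>FirstName: *</strong> <input type="text" name="firstname" value="<?php echo $esc($firstname); ?>"/><br/>
<strong>SurName: *</strong> <input type="text" name="surname" value="<?php echo $esc($surname); ?>"/><br/>
<strong>Email: *</strong> <input type="text" name="email" value="<?php echo $esc($email); ?>"/><br/>
<strong>Password: *</strong> <input type="text" name="password" value="<?php echo $esc($password); ?>"/><br/>
<p>* Required</p>
<input type="submit" name="submit" value="Delete">
</div>
</form>
</body>
</html>
<?php
}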
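// Open the database connection used by the mysql_* calls below.
include('includes/connection.php');

// NOTE(review): no authentication or authorisation check is visible in this file.
// Confirm that includes/connection.php or the web server restricts this page to
// administrators before it is reachable.
// NOTE(review): the POST branch deletes a row without verifying an anti-CSRF
// token; add a per-session token to the form and check it here.
// NOTE(review): the mysql_* extension is deprecated and absent from PHP 7+.
// Migrate this file together with includes/connection.php to PDO or mysqli
// prepared statements; until then every id is forced to an integer before it
// reaches a query string.

if (isset($_POST['submit']))
{
    // Form submitted: validate the id, then delete the record.
    // Only a plain positive decimal integer is accepted. is_numeric() also lets
    // through forms such as "1e3", "1.5" or "-1", which are not valid row ids.
    $postedId = (isset($_POST['userid']) && is_string($_POST['userid'])) ? $_POST['userid'] : '';
    if (ctype_digit($postedId) && (int) $postedId > 0)
    {
        $id = (int) $postedId;

        // These fields are only re-displayed in the form, never written to a
        // query, so they are HTML-encoded and not SQL-escaped. Missing or
        // non-string (array) fields are treated as empty.
        $field = function ($name) {
            $value = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
            return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
        };
        $username = $field('username');
        $firstname = $field('firstname');
        $surname = $field('surname');
        $email = $field('email');
        $password = $field('password');

        // The delete is refused unless first name and surname are both filled in.
        if ($firstname == '' || $surname == '')
        {
            $error = 'ERROR: Please fill in all required fields!';
            renderForm($id, $username, $firstname, $surname, $email, $password, $error);
        }
        else
        {
            // Delete the record. The failure detail goes to the server log so
            // that database error text is not disclosed to the browser.
            $deleted = mysql_query(sprintf('DELETE FROM users WHERE userid=%d', $id));
            if ($deleted === false)
            {
                error_log('admin user delete failed: ' . mysql_error());
                die('Error!');
            }

            // Redirect back to the list page and stop, so nothing else runs
            // after the Location header has been sent.
            header("Location: admin-user-details.php");
            exit;
        }
    }
    else
    {
        // The posted id is missing or is not a positive integer.
        echo 'Error!';
    }
}
else
{
    // Form not submitted yet: load the record and show the confirmation form.
    $requestedId = (isset($_GET['userid']) && is_string($_GET['userid'])) ? $_GET['userid'] : '';
    if (ctype_digit($requestedId) && (int) $requestedId > 0)
    {
        $id = (int) $requestedId;

        // Fetch only the columns the form displays. The stored password is not
        // read, so it is never sent to the browser.
        $result = mysql_query(sprintf('SELECT username, firstname, surname, email FROM users WHERE userid=%d', $id));
        if ($result === false)
        {
            error_log('admin user lookup failed: ' . mysql_error());
            die('Error!');
        }
        $row = mysql_fetch_array($result);

        if ($row)
        {
            // A matching row exists: show the form with an empty password field.
            renderForm($id, $row['username'], $row['firstname'], $row['surname'], $row['email'], '', '');
        }
        else
        {
            // No row carries this id.
            echo "No results!";
        }
    }
    else
    {
        // The id in the URL is missing or is not a positive integer.
        echo 'Error!';
    }
}
?>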