Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include ("../scripts/connect_to_mysql.php");
- $error_msg = '<font color="#FF0000">*IF YOU DO NOT WISH TO CHANGE THE PASSWORD, PLEASE LEAVE THE FIELD BLANK.</font>';
- $member = $_GET['pid'] ;
- $setupquery = "SELECT * FROM members WHERE member_id='$member'";
- $userlist = mysqli_query($myconnection, $setupquery) or die (mysqli_error());
- $row = mysqli_fetch_array($userlist);
- $startalias = $row["alias"];
- $startusername = $row["username"];
- $startpermissions = $row["permission_level"];
- if ($_POST['delete'] == true)
- {
- $member = mysqli_real_escape_string($myconnection,$_POST['pid']);
- $query = "DELETE FROM members WHERE member_id='$member'";
- $register = mysqli_query($myconnection, $query);
- if ($register) { header("LOCATION: indexnew.php"); exit; }
- }
- if (isset($_POST['save']))
- {
- $member = mysqli_real_escape_string($myconnection,$_POST['pid']);
- //grab data from fields
- $alias = mysqli_real_escape_string($myconnection,$_POST['alias']);
- $username = mysqli_real_escape_string($myconnection,$_POST['username']);
- $password = mysqli_real_escape_string($myconnection,$_POST['password']);
- $permissions = mysqli_real_escape_string($myconnection,$_POST['permissions']);
- $date = mysqli_real_escape_string($myconnection,date('F j, Y, g:i a'));
- if ($alias && $username && $password && $permissions)
- {
- if(strlen($alias)>25 || strlen($username)>25)
- {
- $error_msg = '<font color="#FF0000">*Alias and username cannot contain more than 25 characters.</font>';
- }
- else
- {
- if(strlen($password)>25 || strlen($password)<6)
- {
- $error_msg = '<font color="#FF0000">*A password must contain between 6 and 25 characters.</font>';
- }
- else
- {
- if($permissions == "High" || $permissions == "Medium" || $permissions == "Low")
- {
- $encrypted_password = md5($password);
- $query = "UPDATE members SET alias='$alias', username='$username', password='$encrypted_password', permission_level='$permissions', date_updated='$date' WHERE member_id='$member'";
- $register = mysqli_query($myconnection, $query);
- if ($register) { header("LOCATION: indexnew.php"); exit; }
- }
- else
- {
- $error_msg = '<font color="#FF0000">*Permission level must be of one of the preset values.</font>';
- }
- }
- }
- }
- else if($alias && $username && $permissions && empty($password))
- {
- if(strlen($alias)>25 || strlen($username)>25)
- {
- $error_msg = '<font color="#FF0000">*Alias and username cannot contain more than 25 characters.</font>';
- }
- else
- {
- if($permissions == "High" || $permissions == "Medium" || $permissions == "Low")
- {
- $encrypted_password = md5($password);
- $query = "UPDATE members SET alias='$alias', username='$username', permission_level='$permissions', date_updated='$date' WHERE member_id='$member'";
- $register = mysqli_query($myconnection, $query);
- if ($register) { header("LOCATION: indexnew.php"); exit; }
- }
- else
- {
- $error_msg = '<font color="#FF0000">*Permission level must be of one of the preset values.</font>';
- }
- }
- }
- else
- {
- $error_msg = '<font color="#FF0000">*Please fill in all required fields.</font>';
- }
- }
- include ("adminheader.php");
- ?>
- <div id="block_content_full">
- <div class="large-content-top">
- <h4>EDIT USER</h4>
- <h5>Edit User Details...</h5>
- </div> <!--end large content top-->
- <div class="large-content-middle">
- <p>
- <form method="post" action="<?php echo htmlentities($_SERVER['PHP_SELF']); ?>">
- <fieldset>
- <legend>Edit User</legend>
- <p>
- <input name="pid" type="hidden" value="<?php echo $_GET['pid']; ?>" />
- <span class="label">
- <label for="alias">Alias:</label>
- </span>
- <input type="text" id="alias" name="alias" value="<?php echo $startalias; ?>" maxlength="25" />
- </p>
- <p>
- <span class="label">
- <label for="username">Username:</label>
- </span>
- <input type="text" id="username" name="username" value="<?php echo $startusername; ?>" maxlength="25" />
- </p>
- <p>
- <span class="label">
- <label for="password">Password:</label>
- </span>
- <input type="password" id="password" name="password" maxlength="25" />
- </p>
- <p>
- <span class="label">
- <label for="permissions">Permission Level:</label>
- </span>
- <select id="permissions" name="permissions">
- <?php if ($startpermissions == "Low")
- {
- echo '
- <option value="Low">Low</option>
- <option value="Medium">Medium</option>
- <option value="High">High</option> ';
- }
- else if ($startpermissions == "Medium")
- { echo'
- <option value="Medium">Medium</option>
- <option value="Low">Low</option>
- <option value="High">High</option>';
- }
- else
- { echo '
- <option value="High">High</option>
- <option value="Low">Low</option>
- <option value="Medium">Medium</option>';
- }?>
- </select>
- </p>
- </fieldset><br/>
- <?php if(!empty($error_msg)): echo $error_msg; endif; ?><br /><br />
- <span class="center">
- <input type="button" name="cancel" value="Cancel" onclick="if(confirm('Are you sure want to cancel?')){ document.location.href = 'indexnew.php'; } " />
- <input type="submit" name="save" value="Update User">
- <input type="button" class="delete" name="delete" value="Delete User" onClick="window.location.href='edit_user.php?pid=<?php echo $member; ?>&delete=true'" />
- </span>
- </form>
- </p>
- </div> <!--end large content middle-->
- <div class="large-content-bottom">
- </div> <!--end large content bottom-->
- </div> <!--end content-->
- <script type="text/javascript">
- $(document).ready(function() {
- $('.delete').click(function(){
- var answer = confirm('Are you sure you wish to delete this user?');
- return answer // answer is a boolean
- });
- });
- </script>
- <?php include("adminfooter.php");?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement