Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <div class='content'>
- <div class='contenttop'>
- <div class='contenttoptext'>
- Edit a user:
- </div>
- </div>
- <div class='contentmid'><br />
- <div class='contenttitle'>
- Edit a user:
- </div>
- <div class='contentlinetitle'>
- </div>
- <div class='contenttext'>
- <?php
- include('db.php');
- //als die gene is ingelogd//
- if(isset($_SESSION['id'])){
- $query2 = mysql_query("SELECT * FROM users WHERE id = '".mysql_real_escape_string($_SESSION['id'])."'");
- $row2 = mysql_fetch_assoc($query2);
- if($row2['admin'] == 1){
- if(isset($_POST['submit'])){
- if(empty($_POST['email'])){
- $errors = "You didn't fill in an E-Mail.";
- }
- if(empty($_POST['password'])){
- if(isset($errors) == false){
- mysql_query ("UPDATE users SET
- email = '". mysql_real_escape_string($_POST['email']) ."',
- name = '". mysql_real_escape_string($_POST['name']) ."',
- age = '". mysql_real_escape_string($_POST['age']) ."',
- country = '". mysql_real_escape_string($_POST['country']) ."',
- tag= '". mysql_real_escape_string($_POST['tag']) ."',
- admin = '". $_POST['admin'] ."'
- WHERE ID = '".mysql_real_escape_string($_SESSION['id'])."'");
- $error = "The user his profile is updated.". $_POST['admin'];
- }
- }
- else{
- if(isset($errors) == false){
- mysql_query ("UPDATE users SET
- password = '". md5($_POST['password']) ."',
- email = '". mysql_real_escape_string($_POST['email']) ."',
- name = '". mysql_real_escape_string($_POST['name']) ."',
- age = '". mysql_real_escape_string($_POST['age']) ."',
- country = '". mysql_real_escape_string($_POST['country']) ."',
- tag= '". mysql_real_escape_string($_POST['tag']) ."',
- admin = '". $_POST['admin'] ."'
- WHERE ID = '".mysql_real_escape_string($_SESSION['id'])."'");
- $error = "The user his profile is updated.". $_POST['admin'];
- }
- }
- }
- echo "<form action='' method='post'><table>";
- $query = "SELECT * FROM users WHERE id = '". mysql_real_escape_string($_GET['id']) ."'";
- $result = mysql_query($query) or die ("Error in query: $query. " . mysql_error());
- while($row = mysql_fetch_assoc($result)){
- echo "
- <tr><td width='150' colspan='2'>User settings:</td></tr>
- <tr><td>Username:</td><td><input type='text' name='username' value='". $row['username'] ."' READONLY /></td></tr>
- <tr><td>Password:</td><td><input type='password' name='password' value=''/></td></tr>
- <tr><td>Verify Password:</td><td><input type='password' name='password2' value=''/></td></tr>
- <tr><td>E-Mail:</td><td><input type='text' name='email' value='". $row['email'] ."'/></td></tr>
- <tr><td colspan='2'>About yourself:</td></tr>
- <tr><td>Name:</td><td><input type='text' name='name' value='". $row['name'] ."'/></td></tr>
- <tr><td>Age:</td><td><input type='text' name='age' value='". $row['age'] ."'/></td></tr>
- <tr><td>Country:</td><td><input type='text' name='country' value='". $row['country'] ."'/></td></tr>
- <tr><td>Avatar:</td><td>coming later</td></tr>
- <tr><td>Admin:</td><td>Yes<input type='radio' name='admin' value='1'/></td></tr>
- <tr><td></td><td>No<input type='radio' name='admin' value='0' CHECKED /></td></tr>
- <tr><td colspan='2'>Gaming:</td></tr>
- <tr><td>Clan-Tag:</td><td><input type='text' name='tag' value='". $row['tag'] ."'/></td></tr>
- <tr><td><input type='submit' name='submit' value='Edit user'/></td></tr>
- ";
- }
- echo "</table></form>";
- if(isset($errors)){
- echo $errors;
- }
- if(isset($error)){
- echo $error;
- }
- }
- //als hij geen admin is//
- else {
- echo "You are not an admin, leave!";
- }
- }
- //als hij niet is ingelogd//
- else{
- echo "You are not logged in!";
- }
- ?>
- </div>
- <div class='contentlinebottom'>
- </div><br />
- </div>
- </div>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
