<?php
include 'core/init.php';
admin_protect();
include 'includes/overall/header.php';
?>
<center><h1>Welcome to Admin Page Modify User</h1></center>
<?php
if (isset($_GET['success']) === true && empty($_GET['success']) === true) {
echo 'Your Details have been updated! <br> <br>';
echo "<a href=admin.php>Back to Admin Page</a>";
} else {
if (empty($_POST) === false && empty($errors) === true) {
$update_data = array(
'first_name' => $_POST['first_name'],
'last_name' => $_POST['last_name'],
'gender' => $_POST['gender'],
'email' => $_POST['email'],
'dob_day' => $_POST['dob_day'],
'dob_month' => $_POST['dob_month'],
'dob_year' => $_POST['dob_year'],
'allow_email' => $allow_email = ($_POST['allow_email'] == 'on') ? 1 : 0
);
update_user($session_user_id, $update_data);
header('Location: admin_modify.php?success');
exit();
} else if (empty($errors) === false) {
echo output_errors($errors);
}
?>
<form action="" method="post">
<ul>
<li>
First Name* : <br> <input type="text" name="first_name" value="<?php echo $user_data['first_name'];?>">
</li>
<li>
Last Name : <br> <input type="text" name="last_name" value="<?php echo $user_data['last_name'];?>">
</li>
Gender*:<br>
<select name="gender" >
<option><?php echo $user_data['gender']; ?></option>
<option>Male</option>
<option>Female</option>
</select>
<li>
Email* : <br> <input type="text" name="email" value="<?php echo $user_data['email'];?>">
</li>
<li>
Date of Birth*:<br>
<select name="dob_day">
<option><?php echo $user_data['dob_day'];?></option>
<?php
loop_date();
?>
</select>
<select name="dob_month">
<option><?php echo $user_data['dob_month'];?></option>
<?php
loop_month();
?>
</select>
<select name="dob_year">
<option><?php echo $user_data['dob_year'];?></option>
<?php
loop_year();
?>
</select>
</li>
<li>
<input type="checkbox" name="allow_email" <?php if ($user_data['allow_email'] == 1) {echo 'checked="checked"';}?> >Would you like to receive email from us?
</li>
<li>
<input type="submit" value="Update">
</li>
</ul>
</form>
<?php
}
include 'includes/overall/footer.php'
?>
<?php include 'includes/overall/footer.php' ?>
I am encountering problems when I want to modify or delete a user using the admin account. The problem is that the current session of the admin account is being recognized when you what to modify or delete it. How can I solve this problem? Thank you for all your help. :)
The best way to acheive what you want to do is to use a hidden input field.
For example, if the user wants to modify the data of the user 48, make him go the page with a GET argument (modify_user.php?userId=48).
In the page, insert a hidden input field like that:
<input type="hidden" name="userId" value="<?php echo $_GET["userId"] ?>" />
This input is hidden, and the sole purpose of it is to transmit data to the process code.
When the form is submitted, you can access the data as usual ($_POST["userId"]).
Take input hidden field for user id and use it not the session when you want to modify/delete the user from admin account.
On the form:
<input type="hidden" name="user_id" value="<?php if(isset($user_data['id'])){ echo $user_data['id'];} ?>">
On backend php page:
if(isset($_REQUEST['user_id'])){
// modify/delete user
$user_id = $_REQUEST['user_id'];
}
Related
I would like to create an input box that is only readable and have the title of the book, is it possible that the input box can store a variable?
P.S The one I want to change is the id, now I successfully disabled the input box, but the output is $id instead of the variable that I use the $_GET method.
My code is as follow
<?php
include_once 'header.php';
$id = mysqli_real_escape_string($conn, $_GET['bookid']);
$title = mysqli_real_escape_string($conn, $_GET['title']);
?>
<section class="signup-form">
<h2>Pre-order</h2>
<div class="signup-form-form">
<form action="preorder.inc.php" method="post">
<input type="text" disabled="disabled" name="id" value= $id >
<input type="text" name="uid" placeholder="Username...">
<input type="text" name="BRO" placeholder="BookRegistrationCode...">
<button type="submit" name="submit">Pre-order</button>
</form>
</div>
<?php
// Error messages
if (isset($_GET["error"])) {
if ($_GET["error"] == "emptyinput") {
echo "<p>Fill in all fields!</p>";
}
else if ($_GET["error"] == "wronginfo") {
echo "<p>Wrong information!</p>";
}
else if ($_GET["error"] == "stmtfailed") {
echo "<p>Something went wrong!</p>";
}
else if ($_GET["error"] == "none") {
echo "<p>Success!</p>";
}
}
?>
</section>
Put <?php echo $var; ?> inside the value attribute.
<input type="text" value="<?php echo $var; ?>" />
EDIT
As per #arkascha's comment, you can use alternative php short tags:
<input type="text" value="<?= $var; ?>" />
As per the docs: https://www.php.net/manual/en/language.basic-syntax.phptags.php
I am trying to update a database record using a submit button, however the form that information is being taken from has itself been populated by another submit button.
The PHP is below:
if (isset($_POST['edit']))
{
$editUser = User::locate($_POST['userSelect']);
$setCompany = Company::findCompany();
$exCompanyId = $editUser->user_company_id;
$isAdmin = $editUser->user_admin;
$eUserFirstname = $editUser->user_firstname;
$eUserLastname = $editUser->user_lastname;
$eUserUsername = $editUser->user_username;
$eUserEmail = $editUser->user_email;
$eUserCompany = $editUser->user_company;
$adminArray = array("Yes","No");
if ($exCompanyId > NULL)
{
$exCompany = Company::locateId($exCompanyId);
$companyValue = $exCompany->company_name;
}
else
{
$companyValue = "";
}
if ($isAdmin > 0)
{
$userAdmin = $adminArray[0];
}
else
{
$userAdmin = $adminArray[1];
}
}
if (isset($_POST['confirm']))
{
$updateUserRecord = User::locate($eUserUsername);
$newCompanyValue = $_POST['setCompany'];
$isAdmin = $_POST['userAdmin'];
$newCompany = Company::locate($newCompanyValue);
$companyId = $newCompany->company_id;
$updateUserRecord->user_company_id = $companyId;
$updateUserRecord->user_admin = $isAdmin;
$editUser->updateUserAdmin();
$message = "You have successfully updated the user account";
echo "<script type='text/javascript'>alert('$message');</script>";
}
The HTML code is below:
<form action="" method="post">
<p>
<label>First Name:</label>
<label><?php echo $eUserFirstname ?></label>
</p>
<p>
<label>Last Name:</label>
<label><?php echo $eUserLastname ?></label>
</p>
<p>
<label>Username:</label>
<label><?php echo $eUserUsername ?></label>
</p>
<p>
<label>Email Address:</label>
<label><?php echo $eUserEmail ?></label>
</p>
<p>
<label>User Company:</label>
<label><?php echo $eUserCompany ?></label>
</p>
<p>
<label>Set Company:</label>
<select name="setCompany">
<option><?php echo $companyValue ?></option>
<?php
foreach ($setCompany as $srow)
{
?>
<option id="<?=
$srow->company_id
?>">
<?=
$srow->company_name
?>
</option>
<?php
}
?>
</select>
</p>
<p>
<label>Administrator:</label>
<select name="userAdmin">
<option><?php echo $userAdmin ?></option>
<?php
foreach ($adminArray as $arow)
{
?>
<option>
<?=
$arow
?>
</option>
<?php
}
?>
</select>
</p>
<input type="submit" name="cancel" value="Cancel">
<input type="submit" name="confirm" value="Confirm">
</br>
</form>
From my investigations so far the variables aren't transferring to the 2nd if statement, and I'm not sure how to make them available to it.
Store the first form's submission in hidden input fields alongside your echo statements. For example: <input type="hidden" name="field_name" value="<?php echo htmlspecialchars($field); ?>">
Or, alternatively, update the DB after first form posts.
I'm drawing data from a MySQL database that dynamically places a question with 4-5 radio button choices for the answer. These radio buttons all belong to the same group, $quest_name. The first pass of the while statement will create 4 radio buttons belonging to radio group "question_1".
It creates 30-40 of these questions on a page, each with 4 radio buttons. I want the user to fill in all there answers and the page to post back to itself with the users answers still selected and then display if they were correct or not (functionality I still have to add).
I'm trying to follow http://www.w3schools.com/php/php_form_complete.asp as an example, but use a dynamically created radio button name instead.
This is what I have thus far:
<form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>">
<?php
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$quest_num = $row["id"];
$question = $row["question"];
$option_1 = $row["option_1"];
$option_2 = $row["option_2"];
$option_3 = $row["option_3"];
$option_4 = $row["option_4"];
$option_5 = $row["option_5"];
$answer = $row["answer"];
$quest_name = "question_" . $row["id"];
echo "(" . $quest_num . ") " . $question . "<br>";
?>
<label>
<input type="radio" name=<?php echo $quest_name ?>
<?php if (isset(echo $quest_name) && echo $quest_name == echo $option_1) echo "checked"; ?>
value=<?php echo $option_1 ?>><?php echo $option_1 ?>
</label>
<br>
<label>
<input type="radio" name=<?php echo $quest_name ?>
value=<?php echo $option_2 ?>><?php echo $option_2 ?>
</label>
<br>
<label>
<input type="radio" name=<?php echo $quest_name ?>
value=<?php echo $option_3 ?>><?php echo $option_3 ?>
</label>
<br>
<label>
<input type="radio" name=<?php echo $quest_name ?>
value=<?php echo $option_4 ?>><?php echo $option_4 ?>
</label>
<br>
<br>
<?php
}
} else {
echo "0 results";
}
$conn->close();
?>
<input type="submit">
</form>
The part causing me grief so far is:
<?php if (isset(echo $quest_name) && echo $quest_name == echo $option_1) echo "checked"; ?>
I have also tried:
<?php if (isset($quest_name) && $quest_name == $option_1) echo "checked"; ?>
and:
<?php echo (isset($quest_name) && $quest_name == $option_1) ? "checked" : ""; ?>
How do you post back to the same page what they've selected? Like in this case I'm trying to say if "question_1" is set and "question_1" is equal to "converter" (the first radio button option) then have it checked when submit button is clicked.
I'm not that good at web development, but I'm trying to create a website to help my fellow electrical technician classmates.
Thanks for any help.
EDIT :
Using this line of code fixed the issue:
<?php if(isset($_POST[$quest_name]) && $_POST[$quest_name]==$option_1) { echo 'checked="checked"'; } ?>
What you need is called Radio Group. In HTML layer it is created with same name for all and different values for each like this:
<p>
<label>
<input type="radio" name="RadioGroup1" value="Value1" id="RadioGroup1_0">
Radio</label>
<br>
<label>
<input type="radio" name="RadioGroup1" value="Value2" id="RadioGroup1_1">
Radio</label>
<br>
</p>
And when you want to get the user input in php layer you go like this:
<?php
//check if Radio Group 1 is set
if(isset($_POST['RadioGroup1'])) {
// print the value of Radio Group 1 choice
echo $_POST['RadioGroup1'];
}
?>
When you want to create a Selected Radio in HTML layer you go like this:
<input name="RadioGroup1" type="radio" id="RadioGroup1_1" value="radio" checked="checked">
So you have to check if user inputs the value of which radio like this:
<label>
<input type="radio" name="RadioGroup1" value="value1" id="RadioGroup1_0" <?php if(isset($_POST['RadioGroup1']) && $_POST['RadioGroup1']=='value1') { echo ' checked="checked"'; } ?>>
Radio</label>
<br>
<label>
<input type="radio" name="RadioGroup1" value="value2" id="RadioGroup1_1" <?php if(isset($_POST['RadioGroup1']) && $_POST['RadioGroup1']=='value2') { echo ' checked="checked"'; } ?> >
Radio</label>
You could use the following:
<input type="radio" name="<?php echo $quest_name ?>" value="<?php echo $option_1 ?>"
<?php if (isset($quest_name) && ($quest_name == $option_1)) echo "checked"; ?> />
I have implemented a functioning login and registration into a website template, but i am stuck on how to update other users details within the database using a form style basis?
For example is changing what group their in for the permissions, then a mod being able to give a 24 hour time out for chat/comments to standard users and so on.
Below is a very basic what i am talking about which iv done using the existing code just a different form, and its getting the username thats entered there that needs to be the 'id' for which row is edited?
I realise my code doesnt have what's needed but if anyone could point me in the right direction id much appreciate it.
<?php
require 'core/init.php';
include 'includes/overall/header.php';
if(!$user->hasPermission('admin')) {
Redirect::to ('index.php');
}
if(Input::exists()) {
if(Token::check(Input::get('token'))) {
$validate = new Validate();
$validation = $validate->check($_POST, array(
'username' => array(
'required' => true)
));
if($validation->passed()) {
try {
$user->update(array(
'grouptest' => Input::get('group')
));
} catch(Exception $e) {
die($e->getMessage());
}
Session::flash('home', 'Your Name has been updated succssfully!.');
Redirect::to('useraccount.php');
} else {
foreach($validate->errors() as $error) {
echo $error, '<br>';
}
}
}
}
?>
<form method="post" action="">
<label for="username">Change user:</label>
<input type="text" name="username" id="username" value=""/>
<label for="group"> to group:</label>
<select name="group" id="group">
<option value="1">Standard user</option>
<option value="2">Moderator</option>
<option value="3">Administrator</option>
</select>
<input type="submit" value="Update">
</form>
i sorted it thanks. here is the whole rewrite of the code just for this.
It is basic but made it on its own.
<?php
error_reporting(E_ALL);
require 'connect.php';
require 'security.php';
$records =array();
if(!empty($_POST)){
if(isset($_POST['username'], $_POST['perms'])){
$username = trim($_POST['username']);
$perms = trim($_POST['perms']);
if(!empty($username) && !empty($perms)){
$update = $db->query("UPDATE users2 SET perms = '$perms' WHERE username = '$username'");
if($update){
echo 'success';
header('location: updatedb.php');
die();
} else {
echo 'failed';
}
}
}
}
if($results = $db->query("SELECT * FROM users2")){
if($results->num_rows){
while($row = $results->fetch_object()){
$records[] = $row;
}
$results->free();
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>updatedb</title>
</head>
<div id="nav">
<ul>
<li>Add to DB Form</li>
<li>Give Admin to Admin</li>
<li>Update DB Form</li>
<li>Delete from DB form</li>
</ul>
</div>
<body>
<h3>update database</h3>
<?php
if(!count($records)){
echo 'no records';
}else{
?>
<table>
<thead>
<tr>
<th>Username</th>
<th>Permission level</th>
</tr>
</thead>
<tbody>
<?php
foreach ($records as $r){
?>
<tr>
<td><?php echo escape($r->username); ?></td>
<td><?php echo escape($r->perms); ?></td>
</tr>
<?php
}
?>
</tbody>
</table>
<?php
}
?>
<hr>
<form method="post" action="">
<label for="username">Username:</label>
<input type="text" name="username" id="username" value=""/>
<label for="perms">Role:</label>
<select name="perms" id="perms">
<option value="1">Standard user</option>
<option value="2">Moderator</option>
<option value="3">Administrator</option>
</select>
<input type="submit" value="Update">
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
</form>
</body>
</html>
I have a login div with two input fields. Every input field will be checked for errors.
When I submit the data there are some problems. Here is the HTML:
<div class="small">
<?php if (!isset($errors['a'])):?>
<input type="text" id="a" name="a" value="<?php echo isset ($_POST['a'])? $_POST['a'] : 'Login'; ?>"/>
<?php endif;?>
<?php if (isset($errors['a'])):?>
<input class="log-error" type="text" id="a" name="a" value="<?php echo isset ($_POST['a'])? $_POST['a'] : 'Login'; ?>"/>
<?php endif;?>
</div>
<?php if (isset($errors['a'])):?>
<?php echo "<div id='errordiv'></div><div class='error'>";
echo $errors['a'][0];
echo "</div>";
endif;?>
<div class="small">
<?php if (!isset($errors['b'])):?>
<input type="text" id="b" name="b" value="<?php echo isset ($_POST['b'])? $_POST['b'] : 'Password'; ?>"/>
<?php endif;?>
<?php if (isset($errors['b'])):?>
<input class="log-error" type="text" id="b" name="b" value="<?php echo isset ($_POST['b'])? $_POST['b'] : 'Password'; ?>"/>
<?php endif;?>
</div>
<?php if ( ( isset($errors['b']) ) && (empty($errors['a'][0]) == true) ):?>
<?php echo "<div id='errordiv'></div><div class='error'>";
echo $errors['b'][0];
echo "</div>";
endif;?>
When submitting the data, it won't display both errors at the same time for the input class. It seems like the value-tag is causing this problem.
When I remove the value-tag from both input fields, it will display the error input class at the same time for both.
To me it seems like there is logic misunderstanding.
If you want to display both errors at the time - replace this line
<?php if ( ( isset($errors['b']) ) && (empty($errors['a'][0]) == true) ):?>
with this
<?php if (isset($errors['b'])):?>