<?php
include_once('inc/connection.php');
include_once('inc/funtions.php') ;
session_start();
?>
<?php
// Page state with safe defaults: the validation messages collected while handling
// the form, and the values the form fields are pre-filled with.
$errors = [];
$first_name = $last_name = $email = $password = $user_id = '';
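// modify user section: pre-fill the form with the stored record when the page is
// opened with ?user_id=N.
// NOTE(review): nothing visible in this file checks that the session belongs to a
// signed-in user who is allowed to view this record — confirm whether the included
// files enforce that before any row is read.
if (isset($_GET['user_id'])) {
    // The id is used in a numeric (unquoted) position. mysqli_real_escape_string()
    // only protects values placed inside quotes, so the id is validated as an
    // integer and bound as a parameter instead of being interpolated into the SQL.
    $requested_id = filter_var($_GET['user_id'], FILTER_VALIDATE_INT);

    if ($requested_id === false) {
        // Not an integer: keep the empty default so nothing request-supplied is
        // carried into the hidden field or the change-password link further down.
        $user_id = '';
    } else {
        $user_id = $requested_id;

        // Only the three columns the form shows are selected.
        $stmt = mysqli_prepare(
            $connection,
            'SELECT first_name, last_name, email FROM user WHERE id = ? LIMIT 1'
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'i', $requested_id);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_bind_result($stmt, $db_first_name, $db_last_name, $db_email);
                if (mysqli_stmt_fetch($stmt)) {
                    // user found...
                    $first_name = $db_first_name;
                    $last_name = $db_last_name;
                    $email = $db_email;
                }
            }
            mysqli_stmt_close($stmt);
        }
    }
}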
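// This section handles the submitted form: validate the fields, make sure the
// email is not used by another account, then update the record.
// NOTE(review): nothing visible in this file checks that the session belongs to a
// signed-in user who may edit this record, and no anti-CSRF token is verified
// before the UPDATE below — confirm whether the included files enforce either.
if (isset($_POST['submit'])) {
    // Accept a field only if it arrived as a string; a missing or array-valued
    // field is treated as empty so trim()/strlen() never receive a non-string.
    $req_fields = ['user_id', 'first_name', 'last_name', 'email'];
    $input = [];
    foreach ($req_fields as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    $first_name = $input['first_name'];
    $last_name = $input['last_name'];
    $email = $input['email'];

    // The id ends up in a numeric position of the WHERE clause and is echoed back
    // into the page, so only a validated integer (or the empty default) is kept.
    $valid_id = filter_var($input['user_id'], FILTER_VALIDATE_INT);
    $user_id = ($valid_id === false) ? '' : $valid_id;

    // Required fields. Compared against '' rather than empty() so a literal "0"
    // is not reported as missing.
    foreach ($req_fields as $field) {
        if (trim($input[$field]) === '') {
            $errors[] = $field . ' is required';
        }
    }
    if ($valid_id === false && trim($input['user_id']) !== '') {
        $errors[] = 'user_id is invalid';
    }

    // checking max length
    $max_len_fi = ['first_name' => 100, 'last_name' => 100, 'email' => 100];
    foreach ($max_len_fi as $field => $max_len) {
        if (strlen(trim($input[$field])) > $max_len) {
            $errors[] = $field . ' must be less than ' . $max_len . ' charactors';
        }
    }

    // checking email address — done once, outside the length loop, so the message
    // is not added three times.
    if (!is_email($email)) {
        $errors[] = 'email address is invaild';
    }

    // Checking that the email is not already used by ANOTHER user. The previous
    // query contained the literal text {user_id} (missing "$") and compared with
    // "=", so it could not detect a duplicate. Values are bound, not interpolated.
    if ($valid_id !== false) {
        $checked = false;
        $stmt = mysqli_prepare(
            $connection,
            'SELECT id FROM user WHERE email = ? AND id != ? LIMIT 1'
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'si', $email, $valid_id);
            if (mysqli_stmt_execute($stmt)) {
                mysqli_stmt_store_result($stmt);
                if (mysqli_stmt_num_rows($stmt) === 1) {
                    $errors[] = 'email address already exit';
                }
                $checked = true;
            }
            mysqli_stmt_close($stmt);
        }
        if (!$checked) {
            // Fail closed: do not save when the uniqueness check could not run.
            error_log('modify-user: duplicate email check failed: ' . mysqli_error($connection));
            $errors[] = 'could not save changes';
        }
    }

    if (empty($errors)) {
        // No errors found: modify the user with a parameterized UPDATE.
        $saved = false;
        $db_error = '';
        $stmt = mysqli_prepare(
            $connection,
            'UPDATE user SET first_name = ?, last_name = ?, email = ? WHERE id = ? LIMIT 1'
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'sssi', $first_name, $last_name, $email, $valid_id);
            $saved = mysqli_stmt_execute($stmt);
            if (!$saved) {
                $db_error = mysqli_stmt_error($stmt);
            }
            mysqli_stmt_close($stmt);
        } else {
            $db_error = mysqli_error($connection);
        }

        if ($saved) {
            header('location: users.php');
            // Stop here so the rest of the page is not rendered after the redirect.
            exit;
        }

        // The SQL text and the driver error go to the server log only; showing
        // them in the response would disclose the schema to the visitor.
        error_log('modify-user: update failed: ' . $db_error);
        $errors[] = 'could not save changes';
    }
}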
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Users</title>
<link rel="stylesheet" href="css/style.css">
</head>
<body>
<header>
<div class="app-name">
<h2> ss company </h2>
</div>
<div class="name">
well come | <a href="logout.php"> logout </a>
</div>
</header>
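<?php
// Every value printed below originates from the request or the database, so it is
// HTML-escaped at output time. $esc casts to string first because the values may
// be integers or NULL columns.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<div class= "os">
<form action ="modify-user.php" method="post">
<input type="hidden" name="user_id" value="<?php echo $esc($user_id); ?>">
<div class="details">
<h1> modify user </h1>
</div>
<?php if (!empty($errors)) {
    echo 'this is errors' . '<br>';
    foreach ($errors as $error) {
        // Escaped as well, so a message that ever includes user input stays inert.
        echo $esc($error) . '<br>';
    }
} ?>
<p>
<label> First name </label>
<input type="text" name="first_name" value="<?php echo $esc($first_name); ?>">
</p>
<p>
<label> Last name </label>
<input type="text" name="last_name" value="<?php echo $esc($last_name); ?>">
</p>
<p>
<label> email </label>
<input type="text" name="email" value="<?php echo $esc($email); ?>">
</p>
<p>
<label> password </label>
<?php // The id is URL-encoded for the query string, then escaped for the attribute. ?>
<span>***********</span> | <a href="change-password.php?user_id=<?php echo $esc(urlencode((string) $user_id)); ?>"> Change passowrd</a>
</p>
<p>
<button type="submit" name="submit"> Sabmit </button>
</p>
</form>
</div>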
</body>
</html>