jrtechs
/
jrtechs-Club-Panda
mirror of https://github.com/jrtechs/Club-Panda.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Simple website with some JavaScript games.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
3.3 MiB
 
 
 
 
 
 
Tree: b5768bd866
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b5768bd866'
${ noResults }
jrtechs-Club-Panda/user/editUser.php

102 lines
3.5 KiB
Raw Blame History

<?php
if($admin)
{
$errors = array();
if(isset($_POST['edit_user']))
{
$i_username = mysqli_real_escape_string($dbc, trim($_POST['edit_user_username']));
$i_first = mysqli_real_escape_string($dbc, trim($_POST['edit_user_first']));
$i_last = mysqli_real_escape_string($dbc, trim($_POST['edit_user_last']));
$i_password = mysqli_real_escape_string($dbc, trim($_POST['edit_user_pass']));
$i_admin = mysqli_real_escape_string($dbc, trim($_POST['edit_user_admin']));
$passcom = $i_password . $i_first;
$passcom = SHA1($passcom);
if($i_admin)
{
$admin_temp = "true";
}
else
{
$admin_temp = "false";
}
$q = "select user_id from users where user_name ='$i_username'";
$r = mysqli_query($dbc, $q);
while($row = mysqli_fetch_array($r))
{
$q = "update users set first_name ='$i_first' where user_id='" . $row['user_id'] . "'";
$r2 = mysqli_query($dbc, $q);
$q = "update users set last_name ='$i_last' where user_id='" . $row['user_id'] . "'";
$r2 = mysqli_query($dbc, $q);
$q = "update users set pass ='$passcom' where user_id='" . $row['user_id'] . "'";
$r2 = mysqli_query($dbc, $q);
//echo $q;
$q = "update users set admin =$admin_temp where user_id='" . $row['user_id'] . "'";
$r2 = mysqli_query($dbc, $q);
//echo $q;
}
header("Location: admin.php");
}
echo '<h1 class="w3-text-teal"><center>Edit User</center></h1>';
echo '<form action="admin.php" method ="post" class="w3-container w3-card-4">';
$q = "select user_name from users";
$r = mysqli_query($dbc, $q);
echo '<select class="w3-select" name ="edit_user_username">';
while($row = mysqli_fetch_array($r))
{
echo '<option value="' . $row['user_name'] . '">';
echo $row['user_name'] . '</option>';
}
echo '</select>';
echo '<div class="w3-group">
<input class="w3-input" type="text" name="edit_user_first" required>
<label class="w3-label w3-validate">First Name</label>
</div>
<div class="w3-group">
<input class="w3-input" type="text" name="edit_user_last" required>
<label class="w3-label w3-validate">Last Name</label>
</div>
<div class="w3-group">
<input class="w3-input" type="password" name="edit_user_pass" maxlength="20" required>
<label class="w3-label w3-validate">Password</label>
</div>
<input class="w3-check" type="checkbox" name="edit_user_admin">
<label class="w3-validate">Admin<label>
<p><input type="submit" name="Submit" value="Edit User" class="w3-padding-16 w3-hover-dark-grey w3-btn-block w3-center-align" /></p>
<input type="hidden" name="edit_user" value="TRUE" />
</form>';
foreach($errors as $msg)
{
echo " - $msg<br />";
}
}
?>