-
Notifications
You must be signed in to change notification settings - Fork 0
/
edit_admin.php
74 lines (63 loc) · 2.24 KB
/
edit_admin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
<?php
require_once("static/includes/sessions.php");
require_once("static/includes/functions.php");
if(!isset($_SESSION["username"])){
redirect_to('index.php');
}
require_once("static/includes/dbsetup.php");
require_once("static/includes/validation_functions.php");
if(isset($_POST['submit'])){
$id = $_SESSION["ID"];
$username = $_POST["username"];
$username = mysqli_real_escape_string($conn,$username);
//UPDATE subjects SET menu_name = 'rashtreeyam',position = 1,visible = 1 WHERE id = 1;
$query = "UPDATE admins SET username = '".$username."' WHERE ID = ".$id." LIMIT 1";
$result = mysqli_query($conn,$query);
if($result && mysqli_affected_rows($conn) >= 0){
redirect_to("manage_admins.php");
} else{ // CHECk - FAILED
$message = "Username already in use. Try Something Unique";
}
}
if(isset($_GET["admin"])){
$selected_admin_id = $_GET["admin"];
if(!is_numeric($selected_admin_id)){
redirect_to("manage_admins.php");
}
$selected_admin_id = mysqli_real_escape_string($conn,$selected_admin_id);
$query = "SELECT * FROM admins WHERE ID = {$selected_admin_id} LIMIT 1";
$result = mysqli_query($conn,$query);
if( (!$result) || mysqli_num_rows($result) < 1){
redirect_to("manage_admins.php");
}
$a = mysqli_fetch_assoc($result);
$_SESSION["ID"] = $a["ID"];
} else{
redirect_to("manage_admins.php");
}
include "static/includes/layouts/open.php";
?>
<div class="main">
<p> Edit Admin Details:</p>
<div class="page row teal lighten-5">
<?php
if(!empty($message)){
echo "<div class='message red-text'>".htmlentities($message)."</div><br><br>";
}
?>
<form action="edit_admin.php?admin=<?php echo urlencode($a["ID"])?>" method="post">
<div class="col s4">
<div class="input-field">
<input type="text" name="username" value="<?php echo htmlentities($a["username"]);?>" />
<label for="menu_name">Username</label>
</div>
<button type="submit" class="btn" name="submit">Confirm Edit</button>
</div>
</form>
</div>
<a href="manage_admins.php">Cancel and go back</a>
</div>
<?php
include "static/includes/layouts/close.php";
?>