Geek Answers Handbook

How to edit user information by administrator

I am developing my first simple site using PHP. Now I work on the admin page, and I want him to add, delete users and edit personal information about existing users. I added and removed. Now I want to develop editing users. First of all, I want him to select a user from the list, then automatically extract information about the user after selecting from the list, and then edit his information. So how can I do this?

My code is:

<?php ob_start(); $host="localhost"; // Host name $username="root"; // Mysql username $password="13524"; // Mysql password $db_name="sharingi_db"; // Database name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <script language="javascript"> function reload(form){ var val=form.username.options[form.username.options.selectedIndex].value; self.location='editUser2.php?username=' + val ; } </script> </head> <body> <div id="content_main" class="admin_student_height"> <!-- Here starts the first form --> <form method="get"> <h3>Choose A User</h3> <br /> select name="username" onchange="reload(this.form)"> <option> <?php if(isset($_GET['username'])) echo "{$_GET['username']}"; else echo "Select one"; ?> </option> <?php if(isset($_GET['username'])){ $exceptcc = $_GET['username']; $sql = "SELECT username FROM user WHERE user.username NOT IN ('$exceptcc')"; } else $sql = "SELECT username FROM user"; $result = mysql_query($sql); while($row = mysql_fetch_array($result)){ echo "<option value={$row['username']}>{$row['username']}</option>"; } ?> </select><br /><br /> <h3>User Information</h3> <br /> <?php $thecc = $_GET['username']; $sql = "SELECT Firstname FROM user WHERE Username=$thecc"; $result = mysql_query($sql); while($row = mysql_fetch_array($result)){ echo "{$row['Firstname']}>{$row['Firstname']}}"; } ?> <br /><br /> </form> <br /> </div> </div> </body>
+4
source share
4 answers

I am working on an online ticketing system and have come across this situation. I solved the problem as follows:

  • When the page is loaded, determine if they have administrator rights or throw them off the page.
  • Make a SQL query to get a list of users, either displayed in a list or in a drop-down list.
  • As soon as the User for editing has been selected, execute another request and load each element in the field; I used the same form to add new users, but php created the form and inserted the current values ​​for this user in the fields.
  • When this form is submitted (and the sender is verified), I have a php script, look at the username and specify it for the where clause in the sql update statement

If you want me to post an example of what I did, I can do it.

+3
source

You are only an echo of user information.

Instead, you need to put information in a form that will allow editing.

 <?php if ($_POST['submit']) { $username = $_POST['username']; //if you want to update mysql_query("UPDATE users SET username = '$username', password = '$password'"); //if you want to delete mysql_query("DELETE FROM users WHERE username = '$username'"); } ?> <? //show all users $user_query = mysql_query("SELECT * FROM users"); while($row = mysql_fetch_array($user_query)) { echo $row['username'] . ' ' . $row['first_name'] . ' ' . $row['last_name']; //and so on.. depending on your table fields } ?> <form method="POST"> Username: <input name="name" value="<?echo $row['username'?>"/> <input type="submit" name="submit"/> </form>
+1
source
  • Upload data to your form and add an action like "save_user.php" to it
  • On this page save_user.php get data from $ _POST, $ _POST ["firstName"] where firstName is the name of your text field where you downloaded data from db
  • write query "update tbl_users set FirstName = '$ firstName', Email = '$ email' and execute this query, because you start, this may be enough, but remember that such a query can be used for SQL Injection, which means that you can write an SQL query in the "firstname" text box and do some things, for example, delete all data or get passwords, emails, etc.

When you get this, use the parameters in your MySQL query to avoid SQL injection. But you can handle it.

0
source

if you want to automatically extract user information from the drop-down list (without clicking the "Submit" button), you need to use AJAX. Here is a link to a very good example of how to use ajax with php and mysql http://www.w3schools.com/php/php_ajax_database.asp

0
source

More articles:


All Articles