Edit a User'; // Check for a valid user ID, through GET or POST: if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php $id = $_GET['id']; } elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission. $id = $_POST['id']; } else { // No valid ID, kill the script. echo '

This page has been accessed in error.

'; include ('includes/footer.html'); exit(); } require_once ('../mysqli_connect.php'); // Check if the form has been submitted: if (isset($_POST['submitted'])) { $errors = array(); // Check for a first name: if (empty($_POST['first_name'])) { $errors[] = 'You forgot to enter your first name.'; } else { $fn = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); } // Check for a last name: if (empty($_POST['last_name'])) { $errors[] = 'You forgot to enter your last name.'; } else { $ln = mysqli_real_escape_string($dbc, trim($_POST['last_name'])); } // Check for an email address: if (empty($_POST['email'])) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysqli_real_escape_string($dbc, trim($_POST['email'])); } if (empty($errors)) { // If everything's OK. // Test for unique email address: $q = "SELECT user_id FROM users WHERE email='$e' AND user_id != $id"; $r = @mysqli_query($dbc, $q); if (mysqli_num_rows($r) == 0) { // Make the query: $q = "UPDATE users SET first_name='$fn', last_name='$ln', email='$e' WHERE user_id=$id LIMIT 1"; $r = @mysqli_query ($dbc, $q); if (mysqli_affected_rows($dbc) == 1) { // If it ran OK. // Print a message: echo '

The user has been edited.

'; } else { // If it did not run OK. echo '

The user could not be edited due to a system error. We apologize for any inconvenience.

'; // Public message. echo '

' . mysqli_error($dbc) . '
Query: ' . $q . '

'; // Debugging message. } } else { // Already registered. echo '

The email address has already been registered.

'; } } else { // Report the errors. echo '

The following error(s) occurred:
'; foreach ($errors as $msg) { // Print each error. echo " - $msg
\n"; } echo '

Please try again.

'; } // End of if (empty($errors)) IF. } // End of submit conditional. // Always show the form... // Retrieve the user's information: $q = "SELECT first_name, last_name, email FROM users WHERE user_id=$id"; $r = @mysqli_query ($dbc, $q); if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form. // Get the user's information: $row = mysqli_fetch_array ($r, MYSQLI_NUM); // Create the form: echo ''; } else { // Not a valid user ID. echo '

This page has been accessed in error.

'; } mysqli_close($dbc); include ('includes/footer.html'); ?>