
I'm trying to make a form that allows the user to change AND add some values to their session user.

I have not made the login, it was one of my old friends. He didn't comment the code very well, and comments are useful for me since I am relatively new to PHP and SQL.

How do I UPDATE user values from $_SESSION?

index.php code:

<?php

include('template.php');
$role = array("1" => "admin.php", "2" => "useradmin.php", "3" => "user.php"); // Which page each role is sent to on login.

if (isset($_POST['email']))
{
    $query = <<<END
    SELECT email, password, userID, fname, company, tel, role FROM user
    WHERE email = '{$_POST['email']}'
    AND password = '{$_POST['password']}'
END;
    $res = $mysqli->query($query);
    if ($res->num_rows > 0)
    {
        $row = $res->fetch_object();
        $_SESSION["email"] = $row->email;
        $_SESSION["fname"] = $row->fname;
        $_SESSION["tel"] = $row->tel;
        $_SESSION["company"] = $row->company;

        $query2 = <<<END
        SELECT role FROM user
        WHERE role = '{$row->role}'
END;
        $res2 = $mysqli->query($query2) or die ($mysqli->error);
        $row2 = $res2->fetch_object();

        header("Location: " . $role[$row2->role]);
        exit; // stop here so nothing below runs after the redirect
    }
    else
    {
        echo "Fel email eller lösenord.";
    }
}

settings.php code with HTML File:

<?php
include('template.php');
$content = <<<END
<div class="row">
    <div class="container">
        <div class="jumbotron">
            <div class="container">
                <h2> Användarinställningar för <strong>{$_SESSION['fname']}</strong></h2>
                <form action="" method="POST">
                    <ul class="usersettings">
                        <li> Förnamn: <br>
                        <input type="text" name="fname" value="{$_SESSION['fname']}">
                        </li>
                        <li> Email: <br>
                        <input type="text" name="email" value="{$_SESSION['email']}">
                        </li>
                        <li> Telefonnummer: <br>
                        <input type="text" name="tel" value="{$_SESSION['tel']}">
                        </li>
                        <li> Företag: <br>
                        <input type="text" name="company" value="{$_SESSION['company']}">
                        </li>
                        <li>
                        <input id="sparaknapp" type="submit" value="Spara">
                        </li>
                    </ul>
                </form>
            </div><!-- Closes the jumbotron -->
        </div><!-- Closes container -->
    </div><!-- Closes row -->
END;
echo $navigation_user;
echo $header;
echo $content;
?>

registration.php code:

<?php
include('template.php');

if (isset($_POST['email']))
{
    function genRandomString($length = 10) {
        $characters = "0123456789abcdefghijklmnopqrstuvwxyz";
        $string = '';
        for ($p = 0; $p < $length; $p++) {
            // mt_rand's upper bound is inclusive, so subtract 1 to stay inside the string
            $string .= $characters[mt_rand(0, strlen($characters) - 1)];
        }

        return $string;
    }
    $password = genRandomString();
    $licenseID = genRandomString();

    $query = <<<END
    INSERT INTO user(email, company, courseID, antal, password, licenseID)
    VALUES('{$_POST['email']}','{$_POST['company']}','{$_POST['courseID']}', '{$_POST['antal']}', '$password','$licenseID');
END;
    $mysqli->query($query);

    echo 'Nya licenser har lagts till i databasen';
}
$content = <<<END
<div class="row">
    <div class="container">
        <div class="jumbotronadmin">
            <div class="jumbotron">
                <div class="container">

                    <h2>Generera Licenser</h2>

                    <form action="admin.php" method="post">
                        <div class="form-group">
                        <input type="text" class="form-control" aria-describedby="basic-addon1" name="company" placeholder="Företag">
                        </div>
                        <div class="form-group">
                        <input type="text" class="form-control" aria-describedby="basic-addon1" name="email" placeholder="Email">
                        </div>
                        <div class="form-group">
                        <input type="text" class="form-control" aria-describedby="basic-addon1" name="antal" placeholder="Antal licenser">
                        </div>
                        <div class="form-group">
                            <div class="checkbox">
                                <label>
                                    <input type="checkbox" aria-describedby="basic-addon1" name="courseID">Webbutbildningen i Allmän brandskyddskunskap
                                </label>
                            </div>

                            <div class="checkbox">
                                <label>
                                    <input type="checkbox" aria-describedby="basic-addon1" name="role">Skapa en ny administrativ användare
                                </label>
                            </div>
                        </div>
                        <input type="submit" class="btn btn-default" value="Beställ">
                    </form>
                </div><!-- Closes container -->
            </div><!-- Closes the jumbotron -->
        </div><!-- Closes jumbotronadmin -->
    </div><!-- Closes container -->
</div><!-- Closes row -->
END;
echo $content;

The admin on the page adds new users, not the users themselves, thus some values are NULL.

Panda

  • Just overwrite the existing values. _Although I don't think that's what you hoped for in an answer_ – RiggsFolly Apr 12 '16 at 13:16
  • Plain-text password and SQL injection: You should really rewrite your user registration. – jeroen Apr 12 '16 at 13:16
  • [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Learn about [prepared](http://en.wikipedia.org/wiki/Prepared_statement) statements for [MySQLi](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php). Even [escaping the string](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) is not safe! – Jay Blanchard Apr 12 '16 at 13:16
  • Please use PHP's [built-in functions](http://jayblanchard.net/proper_password_hashing_with_PHP.html) to handle password security. If you're using a PHP version less than 5.5 you can use the `password_hash()` [compatibility pack](https://github.com/ircmaxell/password_compat). – Jay Blanchard Apr 12 '16 at 13:16
  • You have to have `session_start();` at the top of all pages using sessions. – Jay Blanchard Apr 12 '16 at 13:17
  • Sam, you are wasting your time, read between the lines! The question actually says ___Will someone write this code for me___ @JayBlanchard – RiggsFolly Apr 12 '16 at 13:19
  • I have an include('template.php') which has the session_start(); – Hote Emell Apr 12 '16 at 13:19
  • *Thanks for the heads up Smokey!* I see it now @RiggsFolly – Jay Blanchard Apr 12 '16 at 13:20
  • Update what as `$_SESSION` rather than `$_POST`? **It is totally unclear what you are actually asking.** – RiggsFolly Apr 12 '16 at 13:24

1 Answer

You can update a session variable by using the pattern below in your code.

$_SESSION['key'] = 'value';

Jignesh Patel
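Putting the answer's pattern together with the comments about prepared statements, this is the POST handler settings.php would need: save the edited fields to the database, then refresh `$_SESSION` from the same values. It is an added example, not the asker's or answerer's code, and it assumes that template.php calls `session_start()` and creates `$mysqli`, and that index.php also stores `$row->userID` in `$_SESSION['userID']` at login (the posted login code does not).

```php
<?php
// Added example: settings.php POST handler. Assumes template.php starts the session
// and creates $mysqli, and that $_SESSION['userID'] was set at login (the posted
// index.php only stores email/fname/tel/company, so that line must be added there).
include('template.php');

// Only a logged-in user may edit, and only their own row: the userID comes from
// the session, never from the form.
if (!isset($_SESSION['userID'])) {
    header('Location: index.php');
    exit;
}

// Fixed list of editable columns; column names never come from user input.
$editable = ['fname', 'email', 'tel', 'company'];

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $values = [];
    foreach ($editable as $field) {
        // A field missing from the POST keeps its current value instead of being blanked.
        $values[$field] = isset($_POST[$field]) ? trim($_POST[$field]) : $_SESSION[$field];
    }
    $userID = (int) $_SESSION['userID'];

    // Placeholders keep the input out of the SQL text, so a quote in a name cannot
    // change the statement (the SQL-injection point raised in the comments).
    $stmt = $mysqli->prepare(
        'UPDATE user SET fname = ?, email = ?, tel = ?, company = ? WHERE userID = ?'
    );
    $stmt->bind_param('ssssi', $values['fname'], $values['email'],
                      $values['tel'], $values['company'], $userID);

    if ($stmt->execute()) {
        // Database and session now hold the same values: this is the
        // $_SESSION['key'] = 'value' step from the answer, done once per field.
        foreach ($editable as $field) {
            $_SESSION[$field] = $values[$field];
        }
        $message = 'Settings saved.';
    } else {
        $message = 'Could not save settings.';
    }
    $stmt->close();
}

// When the session values go back into the form, escape them so a stored value
// containing < or " cannot break out of the value="" attribute.
$fname = htmlspecialchars($_SESSION['fname'], ENT_QUOTES, 'UTF-8');
```

The form in settings.php should then use the escaped variables (like `$fname` above) in its `value=""` attributes instead of the raw `$_SESSION` entries.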