So I am attempting to create a modal which will edit the user (selected) from a displayed table.
I've tried 2 different types of submits to get this process to work, but firstly my PHP code.. (Yes Ik, sanitize variables, it will be added shortly)
if ($_POST['edituser']) {
$uid = strip_tags($_POST['edituser']);
if (isset($_POST['email'])) {
$newemail = $_POST['email'];
mysqli_query($con, "UPDATE `users` SET `email` = '$newemail' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
if (isset($_POST['usergroup'])) {
$newusergroup = $_POST['usergroup'];
mysqli_query($con, "UPDATE `users` SET `usergroup` = '$newusergroup' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
if (isset($_POST['paypal'])) {
$newpaypal = $_POST['paypal'];
mysqli_query($con, "UPDATE `users` SET `paypal` = '$newpaypal' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
if (isset($_POST['avatarlink'])) {
$newavatarlink = $_POST['avatarlink'];
mysqli_query($con, "UPDATE `users` SET `avatarlink` = '$newavatarlink' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
if (isset($_POST['job'])) {
$newjob = $_POST['job'];
mysqli_query($con, "UPDATE `users` SET `job` = '$newjob' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
if (isset($_POST['aboutme'])) {
$aboutme = $_POST['aboutme'];
mysqli_query($con, "UPDATE `users` SET `aboutme` = '$newaboutme' WHERE `uid` = '$uid'") or die(mysqli_error($con));
}
header("Location: /staff/users?success=true");
die();
}
Now these are the two types of submit methods I tried...
1 -
<?php
$ug = $userRow['usergroup'];
$result = mysqli_query($con, "SELECT * FROM `users`") or die(mysqli_error($con));
while ($row = mysqli_fetch_array($result)) {
echo '
<div id="editUser'.$row['uid'].'" class="modal fade" role="dialog">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
<h4 class="modal-title">Edit User</h4>
</div>
<form method="POST" action="users">
<div class="modal-body">
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="username" class="control-label">Username</label>
<input type="text" class="form-control" readonly="" id="username" value="'.$row['username'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="email" class="control-label">Email</label>
<input type="text" class="form-control" name="email" id="email" value="'.$row['email'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="usergroup" class="control-label">Usergroup</label>';
if ($ug == "Owner" || $ug == "Manager") {
echo '<select name="usergroup" class="form-control">
<option value="'.$row['usergroup'].'" selected="selected" disabled>'.$row['usergroup'].'</option>
<option value="Client">Client</option>
<option value="Freelancer">Freelancer</option>
<option value="Moderator">Moderator</option>
<option value="Manager">Manager</option>
<option value="Owner" disabled>Owner</option>
</select>';
} else {
echo '<input type="text" class="form-control" readonly="" id="usergroup" value="'.$row['usergroup'].'" disabled>';
}echo '
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="paypal" class="control-label">PayPal</label>';
if ($ug == "Owner" || $ug == "Manager") {
echo '<input type="text" class="form-control" name="paypal" id="paypal" value="'.$row['paypal'].'">';
} else {
echo '<input type="text" class="form-control" readonly="" id="paypal" value="'.$row['paypal'].'" disabled>';
}echo '
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="joindate" class="control-label">Join Date</label>
<input type="text" class="form-control" readonly="" id="joindate" value="'.$row['joindate'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="joinip" class="control-label">Join IP</label>
<input type="text" class="form-control" readonly="" id="joinip" value="'.$row['joinip'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="avatarlink" class="control-label">Avatar Link</label>
<input type="text" class="form-control" name="avatarlink" id="avatarlink" value="'.$row['avatarlink'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="job" class="control-label">Job / Skills</label>
<input type="text" class="form-control" name="job" id="job" value="'.$row['job'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="aboutme" class="control-label">About</label>
<input type="text" class="form-control" name="aboutme" id="aboutme" value="'.$row['aboutme'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="portfolio_link" class="control-label">Portfolio</label>
<input type="text" class="form-control" name="portfolio_link" id="portfolio_link" value="'.$row['portfolio_link'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="tos" class="control-label">Accepted TOS</label>
<input type="text" class="form-control" readonly="" id="tos" value="'.$row['tos_accepted'].'" disabled>
</div>
</div>
</div>
</div>
<div class="modal-footer">
<button class="btn btn-danger btn-block" name="edituser">Edit User</button>
</div>
</form>
</div>
</div>
</div>
'; }
?>
Using this method (above), nothing happens... page just refreshes.
2
<?php
$ug = $userRow['usergroup'];
$result = mysqli_query($con, "SELECT * FROM `users`") or die(mysqli_error($con));
while ($row = mysqli_fetch_array($result)) {
echo '
<div id="editUser'.$row['uid'].'" class="modal fade" role="dialog">
<div class="modal-dialog">
<!-- Modal content-->
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal">×</button>
<h4 class="modal-title">Edit User</h4>
</div>
<form method="POST" action="users">
<div class="modal-body">
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="username" class="control-label">Username</label>
<input type="text" class="form-control" readonly="" id="username" value="'.$row['username'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="email" class="control-label">Email</label>
<input type="text" class="form-control" name="email" id="email" value="'.$row['email'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="usergroup" class="control-label">Usergroup</label>';
if ($ug == "Owner" || $ug == "Manager") {
echo '<select name="usergroup" class="form-control">
<option value="'.$row['usergroup'].'" selected="selected" disabled>'.$row['usergroup'].'</option>
<option value="Client">Client</option>
<option value="Freelancer">Freelancer</option>
<option value="Moderator">Moderator</option>
<option value="Manager">Manager</option>
<option value="Owner" disabled>Owner</option>
</select>';
} else {
echo '<input type="text" class="form-control" readonly="" id="usergroup" value="'.$row['usergroup'].'" disabled>';
}echo '
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="paypal" class="control-label">PayPal</label>';
if ($ug == "Owner" || $ug == "Manager") {
echo '<input type="text" class="form-control" name="paypal" id="paypal" value="'.$row['paypal'].'">';
} else {
echo '<input type="text" class="form-control" readonly="" id="paypal" value="'.$row['paypal'].'" disabled>';
}echo '
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="joindate" class="control-label">Join Date</label>
<input type="text" class="form-control" readonly="" id="joindate" value="'.$row['joindate'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="joinip" class="control-label">Join IP</label>
<input type="text" class="form-control" readonly="" id="joinip" value="'.$row['joinip'].'" disabled>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="avatarlink" class="control-label">Avatar Link</label>
<input type="text" class="form-control" name="avatarlink" id="avatarlink" value="'.$row['avatarlink'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="job" class="control-label">Job / Skills</label>
<input type="text" class="form-control" name="job" id="job" value="'.$row['job'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="aboutme" class="control-label">About</label>
<input type="text" class="form-control" name="aboutme" id="aboutme" value="'.$row['aboutme'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="portfolio_link" class="control-label">Portfolio</label>
<input type="text" class="form-control" name="portfolio_link" id="portfolio_link" value="'.$row['portfolio_link'].'">
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="tos" class="control-label">Accepted TOS</label>
<input type="text" class="form-control" readonly="" id="tos" value="'.$row['tos_accepted'].'" disabled>
</div>
</div>
</div>
</div>
<div class="modal-footer">
<input type="submit" name="edituser" class="btn btn-danger btn-block" value="Edit User">
</div>
</form>
</div>
</div>
</div>
'; }
?>
When attempting this method (above), the page, and the notification display.. but nothing updates from the database.
Thanks for any help :)
