I am working on a project and one part of it is a form through which an admin can create many subadmins. On this form there are four checkboxes which are checked by admin to set different permissions for the subadmin. However this form is editable means when the admin wants to edit some info of a subadmin similar kind of form opens with values filled in respective fields which are fetched from database. So the admin fills in info like: Name, Email, Password, Permissions (4 check boxes)
Later if admin wants to edit the subadmin info he selects that subadmin from a list of subadmins and the same form opens with same fields but values in fields filled which is from db. So it is like: Name: ABC, Email: abc@def.com, Password: 1234, Permissions (1 or 2 or 3 or 4 checkboxes checked)
Now what I want is when admin clicks update button that subadmin's info gets updated along with checkboxes. So while updating info the admin can remove or give new permissions to the subadmin. For example if previously subadmin had only three permissions then on updation admin can give or remove permissions and that subadmin can have 1 or 2 or 4 permissions given to him (from 3 previously) by the admin. I have written code for this but what is happening is on updation three new rows are created in the database table. So if that subadmin has 1,2,3 permission associated with him in the table then on updation 1,2,3 are created again and again on eah successive updation. Here is my logic for this: 1. Get all permissions from db table and permissions coming in via form. 2. If permissions from form equals permissions from db table, do nothing. 3. If permissions from db table is not equal to permissions from form then delete db table permissions which are not in form permissions. 4. If permissions from form is not equal to permissions from database table then add permissions which are coming from form to db table. and my code for this is below:
$subadmin_permission = $_POST['subadmin_permission']; // permissions from form collected as an array
$query_select = "SELECT permission_name FROM ftv_subadmins_permissions WHERE subadmin_id='$subadmin_id'";
$result_select = mysql_query($query_select);
$all_permissions['all_permissions'] = array();
while($row = mysql_fetch_array($result_select))
{
$all_permissions['all_permissions'][] = $row['permission_name']; // permissions from database collected as an array
}
if(empty($subadmin_permission))
{
}
else
{
$query = "UPDATE ftv_subadmins_login_info SET subadmin_name='$subadmin_name', subadmin_mobile='$subadmin_mobile', ".
"subadmin_email='$subadmin_email', subadmin_address='$subadmin_address', subadmin_city='$subadmin_city', ".
"subadmin_state='$subadmin_state', subadmin_country='$subadmin_country' WHERE subadmin_id='$subadmin_id'";
$result = mysql_query($query);
if($result)
{
foreach($all_permissions['all_permissions'] as $value)
{
if(in_array($value, $subadmin_permission))
{
}
if(in_array($value, $subadmin_permission) != TRUE)
{
foreach($all_permissions['all_permissions'] as $value)
{
$query_permission_delete = "DELETE FROM ftv_subadmins_permissions WHERE permission_name='$value' AND subadmin_id='$subadmin_id'";
$result_permission_delete = mysql_query($query_permission_delete);
if($result_permission_add)
{
$msg = "<span style='color:green; font-weight:bold;'>Sub-admin details has been updated</span>";
}
else
{
$msg = "<span style='color:red; font-weight:bold;'>Sub-admin details could not be updated</span>";
}
}
}
}
foreach($subadmin_permission as $value)
{
if(in_array($value, $all_permissions['all_permissions']) != TRUE)
{
foreach($subadmin_permission as $value)
{
$query_permission_add = "INSERT INTO ftv_subadmins_permissions(subadmin_id, permission_name, permission_value, permission_creation_date)" .
"VALUES('$subadmin_id', '$value', 'Y', NOW())";
$result_permission_add = mysql_query($query_permission_add);
}
}
}
}
