I am learning from a tutorial on how to make a register and login system using PDO OOP in PHP. I have finished the tutorial and finally got everything working. My question is: how do I let someone who is already logged on update another user? Is there a different way to know the error than what I have done? Please look at the code below. (This is not the entire code, just the relevant parts. If you need or want more, please tell me and I will edit the post.)
Also, the error I'm outputting is 'There was a problem updating.' from the user class.
Thanks in advance for all the help.
This is the form:

    try {
        $user->update(array(
            'group' => Input::get('group')
        ),'username',Input::get('username'));
        Session::flash('home','Your grup has been updated');
        Redirect::to('index.php');
    } catch(Exception $e) {
        die($e->getMessage());
    }

    <h3>1: Standard User</h3>
    <h3>2: Administrator</h3>
    <h3>3: Moderator</h3>
    <h3>4: Admin/Mod</h3>
    <form action="" method="post" autocomplete="off">
        <label for="group">Change Group to</label>
        <input type="number" name="group" id="group">
        <label for="username">for this username</label>
        <input type="text" name="username" id="username">
        <input type="submit" value="Change Group">
        <input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
    </form>

Here is the method within the user class:

    public function update($fields = array(), $chosenfield = 'id', $id= null) {
        if(!$id && $this->isLoggedIn()) {
            $id = $this->data()->id;
        }
        if(!$this->_db->update('users', $chosenfield, $id, $fields)) {
            throw new Exception('There was a problem updating.');
        }
    }

Here are the two methods that will show what's going on from the DB class:

    public function query($sql, $params = array()) {
        $this->_error = false;
        if($this->_query = $this->_pdo->prepare($sql)){
            $x = 1;
            if(count($params)){
                foreach($params as $param){
                    $this->_query->bindValue($x, $param);
                    $x++;
                }
            }
            if($this->_query->execute()){
                $this->_results = $this->_query->fetchAll(PDO::FETCH_OBJ);
                $this->_count = $this->_query->rowCount();
            } else {
                $this->_error = true;
            }
        }
        return $this;
    }

    public function update($table, $chosenfield, $id, $fields){
        $set = '';
        $x = 1;
        foreach($fields as $name => $value){
            $set .="{$name} = ?";
            if($x < count($fields)){
                $set .= ', ';
            }
            $x++;
        }
        $sql = "UPDATE {$table} SET {$set} WHERE {$chosenfield} = {$id}";
        if(!$this->query($sql, $fields)->error()){
            return true;
        }
        return false;
    }
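
The `update()` in the DB class above places `$id` directly into the SQL string, so a username value reaches the database unquoted and unescaped. One way to write that update with the WHERE value bound as a parameter and the column names checked against an allow-list, as an added example that is not code from the original post; `safeUpdate()`, the allow-lists and the SQLite demo table are assumptions, and PDO's exception mode is used so the driver's own error message is available:

```php
<?php
// Added example, not the poster's code. safeUpdate(), the allow-lists and
// the demo table below are assumptions made for illustration.
const ALLOWED_SET_COLUMNS   = ['group'];
const ALLOWED_WHERE_COLUMNS = ['id', 'username'];

// Assumes the caller has already checked the form token and that the
// logged-in user is permitted to change another user's group.
function safeUpdate(PDO $pdo, string $whereColumn, $whereValue, array $fields): int
{
    if (!in_array($whereColumn, ALLOWED_WHERE_COLUMNS, true)) {
        throw new InvalidArgumentException("Column not allowed in WHERE: {$whereColumn}");
    }
    if ($fields === []) {
        throw new InvalidArgumentException('No fields to update.');
    }
    $set = [];
    foreach (array_keys($fields) as $name) {
        if (!in_array($name, ALLOWED_SET_COLUMNS, true)) {
            throw new InvalidArgumentException("Column not allowed in SET: {$name}");
        }
        // Identifiers cannot be bound, so they are allow-listed and quoted;
        // `group` is also a reserved word in MySQL and SQLite.
        $set[] = "`{$name}` = ?";
    }
    // Every value, including the WHERE value, goes through a placeholder.
    $sql  = 'UPDATE users SET ' . implode(', ', $set) . " WHERE `{$whereColumn}` = ?";
    $stmt = $pdo->prepare($sql);
    $stmt->execute(array_merge(array_values($fields), [$whereValue]));
    return $stmt->rowCount();
}

// Constructed demo data in an in-memory SQLite database (needs pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, `group` INTEGER)');
$pdo->exec("INSERT INTO users (username, `group`) VALUES ('alice', 1), ('bob', 1)");

try {
    echo safeUpdate($pdo, 'username', 'bob', ['group' => 3]), " row(s) updated\n";
    // A value containing a quote is treated as data and simply matches no row.
    echo safeUpdate($pdo, 'username', "o'brien", ['group' => 2]), " row(s) updated\n";
} catch (PDOException $e) {
    // With ERRMODE_EXCEPTION the driver's message is available for logging.
    error_log('Update failed: ' . $e->getMessage());
}
```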