AdminAccount.php
<?php
ob_start();
include 'connection.php';
$ses = $_SESSION['user_id'];
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
echo "<h3> User Account Information </h3>";
if (isset($_SESSION["user_id"] )) {
print "<table border=1 cellpadding='5' width = 100px height = 100px align='middle'>";
print "<th>username</ th>";
print "<th>Password</ th>";
print "<th>email</ th>";
print "<th>edit information</ th>";
print "<th>delete information</ th>";
$query = "SELECT * FROM Register";
$result = mysqli_query($connection, $query);
while ($row = mysqli_fetch_array($result)) {
echo " <tr>";
echo "<td>" . $row['username'] . "</td>";
echo "<td>" . $row['password'] . "</td>";
echo "<td>" . $row['email'] . "</td>";
echo " <form action= InfoActions.php method= 'post'>
<td><input type= 'submit' name = 'type' value= 'Edit'/></td>
<td><input type= 'submit' name = 'type' value= 'Delete'/></td>";
echo "</tr>";
//echo "<td><a href='EditInfo.php?id=" . $row['user_id'] . "'>Edit</a></td>";
}
echo "</table>";
}
if(isset($_POST['submit'])){
$query = ("UPDATE Register SET username = '$username' , password = '$password' , email = '$email' WHERE user_id='$ses'");
$result = mysqli_query($connection,$query);
header('location:ProtectedPage.php');
//Temporarily echo $query for debugging purposes
//run $query
}
InfoActions.php
<?php
session_start();
include 'connection.php';
$ses = $_SESSION['user_id'];
if (isset($_POST['type'])) {
$urls = array(
'Edit Information' => 'EditInfo.php',
'Delete' => 'DeleteInfo.php'
);
$url = $urls[$_POST['type']];
}
?>
I'll let you know now I copied the InfoActions.php code and changed it a bit but don't fully understand the (isset($_POST['type']), $url and $url = $urls[$_POST['type']];
bit!
EditInfo.php
<form method="post" action="AdminAccount.php">
<lable for ="Username" > Username: </lable> </br>
<input type="text" name="username" value=''/> </br>
<lable for ="Password" > Password: </lable> </br>
<input type="password" name="password" /> </br>
<lable for ="Email" > Email: </lable> </br>
<input type="email" name="email" /> </br>
<input type="submit" name="submit" value="submit" />
<input type="reset" value="clear" />
</form>
DeleteInfo.php
<?php
session_start();
$ses = $_SESSION['user_id'];
$query = "DELETE FROM Register WHERE user_id=$user_id'";
$result = mysql_query($query);
?>