OK, here's the logic behind it:
1) The page loads. It just the page with the update form. The user fills in the new details and posts this data (by submitting the form) to itself by reloading the page.
2) So, we have the page loading again. Unless you check to see whether or not the form was submitted, then you're just gonna keep going round in circles. Therefore in that same page you need to check if the form was submitted, using my advice above.
So it might look like this:
PHP Code:
<HTML>
<HEAD>
<TITLE>Update user</TITLE>
</HEAD>
<BODY>
<?
//include ("login.php" );
include ("include/db.php" );
$server = "$host";
$mysql_user = "$user";
$mysql_password = "$pass";
$database = "$db";
$userid = $_GET['userid']; // assuming you're sending the userid in the adress. Like: updateuser.php?id=23
// Connecting to mysql
$link = mysql_connect($server, $mysql_user, $mysql_password)
or die("Could not connect to mysql!<br />mysql error: " . mysql_error());
// Selecting databse
mysql_select_db ($database, $link)
or die("Could not select db!<br />mysql error: " . mysql_error());
// we check to see if the form got submitted by seeing if the value of UPDATE (the name of the button) is set
if(isset($_POST["update"])) {
// yes it is, therefore do an update
$update=mysql_query("UPDATE user SET password='$_POST[password]' WHERE userid = $userid");
if (!$update) { echo "Couldn't update" . mysql_error(); } else { echo "Update successful!"; }
} else { // the form hasn't yet been submitted, so we need to display the form
// The query. You need to change this to reflect your tablename and columnames.
$sql = "SELECT userid, password, webspace, userlevel FROM user WHERE userid=$userid";
//Retrieving data from database
$result = mysql_query($sql)
or die ("Invalid query!<br />mysql error: " . mysql_error());
if(empty($result))
{
echo "Didn't find any user with that userid!";
} elseif(mysql_num_rows($result)>1) {
echo "Duplicate users with that userid!";
} else {
// Userlevels
$levels = array(1=>'Basic', 'Normal', 'Extra', 'Reseller', 'Admin');
// Printing out the form
echo "<form method=\"post\" action=\"updateuser.php?userid=test\">\n";
echo "<table>\n";
// Fetching the result into an associative array
$row = mysql_fetch_array($result);
echo "<tr><td>username</td><td>$userid</td></tr>\n";
echo "<tr><td>password</td><td><input type=\"text\" name=\"password\" value=\"" . $row['password'] . "\"></td></tr>\n";
echo "<tr><td><select size=\"1\" name=\"D1\">\n";
foreach ($levels as $key => $value)
{
if ($key == $row['userlevel']) {
echo "<option selected=\"selected\" value=\"$key\">$value</option>\n";
} else {
echo "<option value=\"$key\">$value</option>\n";
}
}
echo "</td></tr>\n";
echo "<tr><td>\n<input type=\"submit\" name=\"update\" value=\"update\"></td></tr>\n\n";
echo "</form>\n";
}
}
?>
Those are the basics. No idea if that will work because I just did it quickly. You will have to change your update to allow whatever fields to be changed. Also don't forget you may have problems if they are trying to change their password/username etc. if you are using sessions.
Matt
but i have a problem:
Bookmarks