k guys so I have a login script, then an admin page, only for admins ><. But on the admin page I want them to be able to change there information, like email, username, password, account type, by the way my data base has all of these things acc type username password email id. The acc type is accountype and it is an "Enum" and a is normal users and c is admin's. They need to have the C type to get in but when they update it, it says it all works. But it always makes the username to "0". Help please. Here are the two files
admin_page.php
<?php
//include the database info to connect
include ('update.php');
if (!isset($_SESSION['admin'])) {
echo 'You need to be logged in, and be an admin to view this page!';
die();
} else {
echo 'Welcome to the admin page, ';
echo $_SESSION['id'];
echo ', Feel free to edit, update or delete all of the users information';
}
?>
<html>
<head>
<title> Admin Page </title>
</head>
<body>
<br />
<a href="login_success.php"> Home Page </a><br />
<a href="logout.php"> Logout </a><br /><br />
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form action="update.php" method="post">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Edit User: <?php echo $_SESSION['id']; ?>'s information </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password"></td>
</tr>
<tr>
<td width="78">Email</td>
<td width="6">:</td>
<td width="294"><input name="email" type="text"></td>
</tr>
<tr>
<td width="78">Account Type</td>
<td width="6">:</td>
<td width="294"><select name="accounttype">
<option value="a">Normal User</option>
<option value="c">Admin</option>
</td>
</select>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="submit" value="submit"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
</body>
</html>and update.php
<?php
session_start();
//database connect information
$host = 'localhost'; //mysql server domain
$user = 'grant'; //mysql username
$pass = 'root'; //mysql password
$db = 'login'; //mysql database name
$connect = @mysql_connect ($host,$user,$pass);
$select = @mysql_select_db($db,$connect);
//action for submit the button
if (isset ($_POST['submit'])) {
//gets information from the feilds username password and email
$username = $_POST['username'];
$password = $_POST['password'];
$email = $_POST['email'];
$accounttype = $_POST['accounttype'];
$updte = $_SESSION['id'];
$updtepass = $_SESSION['od'];
//checks to see empty username or password
if (!empty ($username) && !empty ($password) && !empty ($email) && !empty ($accounttype)) {
$sql = mysql_query("update members SET username='$username' and password='$password' and email='$email' and accounttype='$accounttype'
WHERE username='$updte' and password='$updtepass'");
echo 'User ';
echo $_SESSION['id'];
echo 's information was updated';
echo '<html><body><br /><a href="admin_page.php">Return to admin page</a></body></html>';
} else {
echo 'You are not aloud to change a users information like this';
}
}
?>Please help and tell me if you need any other of the files.
