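<?php
/**
 * Edit an existing admin account.
 *
 * GET  ?admin_user_id=<int>&operation=edit  loads the account so the form can be pre-filled.
 * POST (same query string)                  checks the submitted fields and updates the row.
 *
 * Everything read from the query string and the POST body is caller-controlled, so the
 * account id is validated once up front and the POST body is checked before it is used.
 */
session_start();
require_once 'config/config.php';
require_once BASE_PATH . '/includes/auth_validate.php';
// NOTE(review): auth_validate.php is not shown here. Nothing in this file checks that the
// signed-in user is allowed to edit the account named by admin_user_id; confirm that the
// include (or a role check that should be added here) enforces it.

// Users class
require_once BASE_PATH . '/lib/Users/Users.php';
// Not referenced again in this file; presumably used by the included templates.
$users = new Users();

// Account being edited. FILTER_VALIDATE_INT yields an int, false for a non-integer value,
// or null when the parameter is absent, so the raw string never reaches a query.
$admin_user_id = filter_input(INPUT_GET, 'admin_user_id', FILTER_VALIDATE_INT);
$has_valid_id = is_int($admin_user_id);

// FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is kept because the included
// templates may print $operation; when it is replaced, escape at the point of output.
$operation = filter_input(INPUT_GET, 'operation', FILTER_SANITIZE_STRING);
$edit = ($operation === 'edit');

// Serve POST request
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is verified in this file, and this request changes an
    // admin account's credentials. Confirm the includes handle it; otherwise add a per-session
    // token to the form and compare it here with hash_equals().

    // Refuse to run any query without a usable row id.
    if (!$has_valid_id) {
        $_SESSION['failure'] = 'Invalid admin user id';
        header('location: admin_users.php');
        exit;
    }

    // Where validation failures send the user: back to this form for the same account.
    $edit_form_url = 'edit_admin.php?' . http_build_query(array(
        'admin_user_id' => $admin_user_id,
        'operation' => $operation,
    ));

    // Without a definition, filter_input_array() returns every posted key under the default
    // filter, and null when the request has no POST fields.
    $data_to_db = filter_input_array(INPUT_POST);
    if (
        !is_array($data_to_db)
        || !isset($data_to_db['user_name'])
        || !is_string($data_to_db['user_name'])
        || $data_to_db['user_name'] === ''
    ) {
        $_SESSION['failure'] = 'User name is required';
        header('location: ' . $edit_form_url);
        exit;
    }

    // The row id comes from the validated query string only, never from the POST body.
    unset($data_to_db['id']);
    // NOTE(review): every remaining POST key is still written as a column of admin_accounts
    // (mass assignment). Replace this with an explicit allowlist of the fields that
    // forms/admin_users_form.php posts; that form is not visible here, so none is guessed.

    // Check whether the user name already exists on a different account.
    // This check is not atomic with the update below; a UNIQUE index on user_name (schema
    // not visible here) is what would actually prevent duplicates.
    $db = getDbInstance();
    $db->where('user_name', $data_to_db['user_name']);
    $db->where('id', $admin_user_id, '!=');
    $row = $db->getOne('admin_accounts');
    if (!empty($row['user_name'])) {
        $_SESSION['failure'] = 'Username already exists';
        header('location: ' . $edit_form_url);
        exit;
    }

    // Hash the password only when one was submitted. A blank or missing field previously
    // stored the hash of an empty string, leaving the account with an empty password; now
    // the existing hash is left untouched.
    if (
        isset($data_to_db['password'])
        && is_string($data_to_db['password'])
        && $data_to_db['password'] !== ''
    ) {
        $data_to_db['password'] = password_hash($data_to_db['password'], PASSWORD_DEFAULT);
    } else {
        unset($data_to_db['password']);
    }

    // Reset db instance
    $db = getDbInstance();
    $db->where('id', $admin_user_id);
    $stat = $db->update('admin_accounts', $data_to_db);
    if ($stat) {
        $_SESSION['success'] = 'Admin user has been updated successfully';
    } else {
        // Keep the database error in the server log. It can echo column names taken from
        // the request and exposes schema detail, so it is not put into the flash message.
        error_log('edit_admin.php: update failed: ' . $db->getLastError());
        $_SESSION['failure'] = 'Failed to update Admin user';
    }
    header('location: admin_users.php');
    exit;
}

// GET: load the account that the form below is rendered for.
// NOTE(review): when admin_user_id is missing or not an integer the value passed here is
// null or false; consider redirecting to admin_users.php instead of rendering the form.
$db = getDbInstance();
$db->where('id', $admin_user_id);
$admin_account = $db->getOne("admin_accounts");
?>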
<?php
// Page layout: shared header, heading, flash messages, the account form, shared footer.
// $admin_account is not referenced in this file; presumably forms/admin_users_form.php
// reads it. Whichever template prints its fields needs to escape them for HTML output.
include BASE_PATH . '/includes/header.php';
?>
<div id="page-wrapper">
    <div class="row">
        <div class="col-lg-12">
            <h2 class="page-header"><?= $edit ? 'Update' : 'Add' ?> User</h2>
        </div>
    </div>
    <?php
    // Shows the $_SESSION 'success' / 'failure' messages set by the POST handler.
    include BASE_PATH . '/includes/flash_messages.php';
    ?>
    <?php // An empty action posts back to the current URL, so admin_user_id and operation stay in the query string. ?>
    <form class="well form-horizontal" action="" method="post" id="contact_form" enctype="multipart/form-data">
        <?php include BASE_PATH . '/forms/admin_users_form.php'; ?>
    </form>
</div>
<?php include BASE_PATH . '/includes/footer.php'; ?>