Reputation: 3368
I am outputting all of my users into a table on a page I have called admincustomers.php. I am then attempting to select EDIT on a specific user's record. I then route that to a page called editusers.php. I then want all of that specific user's information to be output on that page. I am not displaying all of the user information I have in my table on admincustomers.php. So when the edit page loads I want to get all of that user's information so I have the ability to edit it.
The issue I am having is I am not quite sure how I can carry over the customer's ID and get the information to the next page.
admincustomers.php page
<?php
$con = mysqli_connect("localhost","root","","bfb");

// Handle a DELETE request first, before the SELECT below runs, otherwise the
// deleted row is still in the result set that renders the table.
if (isset($_POST['delete'], $_POST['id']) && ctype_digit($_POST['id'])) {
    $id = (int) $_POST['id'];
    // Prepared statement: the id is bound as an integer and never becomes part of the SQL text.
    $del = mysqli_prepare($con, "DELETE FROM users WHERE id = ?")
        or die("Could not prepare DELETE: " . mysqli_error($con));
    mysqli_stmt_bind_param($del, "i", $id);
    mysqli_stmt_execute($del)
        or die("Could not DELETE: " . mysqli_stmt_error($del));
    mysqli_stmt_close($del);
    // Only set the flash message when a delete actually happened.
    Session::flash('adminusers', 'User was successfully deleted.');
}

$q = mysqli_query($con,"SELECT * FROM users");
?>
<table class="tableproduct">
<tr>
<th class="thproduct">ID</th>
<th class="thproduct">First Name</th>
<th class="thproduct">Last Name</th>
<th class="thproduct">Email</th>
<th class="thproduct">Username</th>
<th class="thproduct">Group</th>
<th class="thproduct"></th>
<th class="thproduct"></th>
</tr>
<?php while($row = mysqli_fetch_assoc($q)) : ?>
<tr>
<td class="tdproduct"><?php echo (int) $row['id']; ?></td>
<!-- Escape every stored value on output; these fields were typed in by users. -->
<td class="tdproduct"><?php echo htmlspecialchars($row['firstname']); ?></td>
<td class="tdproduct"><?php echo htmlspecialchars($row['lastname']); ?></td>
<td class="tdproduct"><?php echo htmlspecialchars($row['email']); ?></td>
<td class="tdproduct"><?php echo htmlspecialchars($row['username']); ?></td>
<td class="tdproduct"><?php echo htmlspecialchars($row['group']); ?></td>
<td class="tdproduct"><a href="editusers.php?id=<?php echo (int) $row['id']; ?>">EDIT</a></td>
<td class="tdproduct">
<!-- A <form> may not wrap a <tr>; keeping it inside one cell is valid HTML. -->
<form method="POST" action="admincustomers.php">
<input type="hidden" name="id" value="<?php echo (int) $row['id']; ?>"/>
<input name="delete" type="submit" value="DELETE"/>
</form>
</td>
</tr>
<?php endwhile; ?>
</table>
<?php
// Delete message (a <p> is not valid inside a <table>, so it is printed after it)
if(Session::exists('adminusers')) {
    echo '<p>' . Session::flash('adminusers') . '</p>';
}
?>
editusers.php page
I'm trying to escape the users data, but I only get my user information escaped onto the page.
<?php
// $_GET['id'] is read here but never used: the form below renders
// $user->data(), which is the currently logged-in user, not the requested one.
$_GET['id'];
?>
<form action="" method="post">
<div class="field">
<label for="firstname">First name</label>
<input type="text" name="firstname" class="inputbar" value="<?php echo escape($user->data()->firstname); ?>" required>
</div>
<div class="field">
<label for="lastname">Last name</label>
<input type="text" class="inputbar" name="lastname" value="<?php echo escape($user->data()->lastname); ?>" required>
</div>
<div class="field">
<label for="email">Email</label>
<input type="email" class="inputbaremail" name="email" value="<?php echo escape($user->data()->email); ?>" required>
</div>
<div class="field">
<label for="username">Username</label>
<input type="text" class="inputbar" name="username" value="<?php echo escape($user->data()->username); ?>" required>
</div>
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
<label for="signinButton">
<input type="submit" id="signinButton" value="Update">
</label>
</form>
What am I doing wrong and how can I go about fixing this issue?
UPDATE:
$user variable
// Constructor of the class behind $user. Called with no argument it loads the
// user id stored in the session, i.e. whoever is currently logged in; only when
// an id is passed does it look up that particular user.
public function __construct($user = null) {
    $this->_db = DB::getInstance();
    $this->_sessionName = Config::get('session/session_name');
    $this->_cookieName = Config::get('remember/cookie_name');
    if(!$user) {
        if(Session::exists($this->_sessionName)) {
            $user = Session::get($this->_sessionName);
            if($this->find($user)) {
                $this->_isLoggedIn = true;
            } else {
                // process Logout
            }
        }
    } else {
        $this->find($user);
    }
}
Upvotes: 0
Views: 52
Reputation: 781726
In the editusers.php script, look up the user in $_GET['id'] and use that information, not $user.
<?php
$con = mysqli_connect("localhost","root","","bfb");
// Fetch the user named in the query string, not the logged-in user.
$stmt = $con->prepare("SELECT firstname, lastname, email, username FROM users WHERE id = ?");
$stmt->bind_param("i", $_GET['id']);   // bound as an integer, never interpolated into the SQL
$stmt->execute();
$stmt->store_result();
$stmt->bind_result($firstname, $lastname, $email, $username);
if ($stmt->fetch()) { ?>
<form action="" method="post">
<div class="field">
<label for="firstname">First name</label>
<input type="text" name="firstname" class="inputbar" value="<?php echo htmlentities($firstname); ?>" required>
</div>
<div class="field">
<label for="lastname">Last name</label>
<input type="text" class="inputbar" name="lastname" value="<?php echo htmlentities($lastname); ?>" required>
</div>
<div class="field">
<label for="email">Email</label>
<input type="email" class="inputbaremail" name="email" value="<?php echo htmlentities($email); ?>" required>
</div>
<div class="field">
<label for="username">Username</label>
<input type="text" class="inputbar" name="username" value="<?php echo htmlentities($username); ?>" required>
</div>
<input type="hidden" name="token" value="<?php echo Token::generate(); ?>">
<label for="signinButton">
<input type="submit" id="signinButton" value="Update">
</label>
</form>
<?php } else { ?>
<div>
User <?php echo htmlentities($_GET['id'] ?? ''); ?> not found.
</div>
<?php
}
$stmt->close();
?>
Upvotes: 1
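A fuller editusers.php that covers what the answer leaves out, written as an added example for this page (it is neither the original poster's code nor the answerer's): the id in the URL is attacker-controlled, so the page needs an authorization gate before it shows or changes anyone's record, the id is validated as a positive integer, the Update POST is protected by a per-session CSRF token and performed with a parameterized UPDATE, and every value is escaped on output. It assumes PHP 7.1 or later with mysqli (mysqlnd, for get_result()), the same "bfb" database and "users" table as the question, and that an earlier admin login stored $_SESSION['admin_id']; that session key, and the use of plain $_SESSION instead of the page's own Session/Token helper classes, are assumptions.

```php
<?php
// editusers.php, hardened version. Added example, not the original poster's or answerer's code.
// Assumptions: PHP >= 7.1 with mysqli/mysqlnd, the "bfb" database and "users" table from the
// question, and that an admin login earlier stored $_SESSION['admin_id'] (assumed key; the
// original page's Session/Token helper classes are not reproduced here).
session_start();

// 1. Authorization. Anyone who can guess a URL like editusers.php?id=7 must not be able to
//    view or change that record, so require an authenticated admin.
if (empty($_SESSION['admin_id'])) {
    http_response_code(403);
    exit('Forbidden');
}

// 2. Validate the id before it goes near SQL: it must be a positive integer.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
if ($id === null || $id === false) {
    http_response_code(400);
    exit('Bad request: missing or invalid id');
}

// 3. Per-session CSRF token; a form posted from another site cannot know it.
if (empty($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf = $_SESSION['csrf_token'];

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // fail loudly instead of silently
$con = new mysqli('localhost', 'root', '', 'bfb');        // same credentials as the question
$con->set_charset('utf8mb4');
$errors = [];

// 4. Handle the update before rendering, so the form shows the saved values afterwards.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!hash_equals($csrf, (string) ($_POST['token'] ?? ''))) {
        $errors[] = 'Invalid or missing form token.';
    } else {
        $firstname = trim($_POST['firstname'] ?? '');
        $lastname  = trim($_POST['lastname'] ?? '');
        $email     = trim($_POST['email'] ?? '');
        $username  = trim($_POST['username'] ?? '');
        if ($firstname === '' || $lastname === '' || $username === '') {
            $errors[] = 'First name, last name and username are required.';
        }
        if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
            $errors[] = 'Email address is not valid.';
        }
        if (!$errors) {
            // Parameterized UPDATE: user input never becomes part of the SQL text.
            $upd = $con->prepare('UPDATE users SET firstname = ?, lastname = ?, email = ?, username = ? WHERE id = ?');
            $upd->bind_param('ssssi', $firstname, $lastname, $email, $username, $id);
            $upd->execute();
            $upd->close();
        }
    }
}

// 5. Look up the requested user by the validated id, not the logged-in user.
$stmt = $con->prepare('SELECT firstname, lastname, email, username FROM users WHERE id = ?');
$stmt->bind_param('i', $id);
$stmt->execute();
$row = $stmt->get_result()->fetch_assoc();
$stmt->close();
if ($row === null) {
    http_response_code(404);
    exit('User ' . $id . ' not found.'); // $id is an int, so it is safe to echo
}

// 6. Escape every value on output. ENT_QUOTES matters because the values land inside
//    double-quoted HTML attributes.
function h(string $s): string { return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8'); }

$fields = [
    'firstname' => ['First name', 'text',  'inputbar'],
    'lastname'  => ['Last name',  'text',  'inputbar'],
    'email'     => ['Email',      'email', 'inputbaremail'],
    'username'  => ['Username',   'text',  'inputbar'],
];
?>
<?php foreach ($errors as $e): ?>
<p class="error"><?php echo h($e); ?></p>
<?php endforeach; ?>
<form action="editusers.php?id=<?php echo $id; ?>" method="post">
<?php foreach ($fields as $name => [$label, $type, $class]): ?>
<div class="field">
<label for="<?php echo $name; ?>"><?php echo h($label); ?></label>
<input type="<?php echo $type; ?>" id="<?php echo $name; ?>" name="<?php echo $name; ?>" class="<?php echo $class; ?>" value="<?php echo h((string) $row[$name]); ?>" required>
</div>
<?php endforeach; ?>
<input type="hidden" name="token" value="<?php echo h($csrf); ?>">
<input type="submit" id="signinButton" value="Update">
</form>
```

The order matters: the admin check runs before any database access, the id is validated before it is bound, and the UPDATE runs before the SELECT so a successful save is reflected in the re-rendered form. Without the authorization step, the answer's page is an insecure direct object reference: changing the number in the URL edits any account.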