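<?php
// Admin-only page: loads one user's record so the form further down can edit it.
// Leaves $id (int) and $user (array with firstname, lastname, is_admin) set for the template.
//
// NOTE(review): partials/header.php is included before the header() calls below. If it
// emits any output, the redirects only work with output buffering enabled - confirm.
// The exit statements below stop the page from rendering even if a redirect cannot be sent.
include "partials/header.php";

// Authorisation gate.
// NOTE(review): isset() only proves the key exists. If the login code stores a falsy
// value for non-admins instead of leaving the key unset, this check passes for them -
// confirm against the login handler.
if (!isset($_SESSION['user_is_admin'])) {
    header("location: " . ROOT_URL . "logout.php");
    // destroy all sessions and redirect user to login page
    session_destroy();
    // header() only queues the redirect; without exit the query and the edit form
    // below would still run and be sent to a non-admin client.
    exit;
}

// The id arrives in the query string, so treat it as untrusted: accept only a real
// integer and pass it to the database as a bound parameter, never as query text.
$id = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);
$user = null;

if ($id !== false) {
    // $connection is presumably provided by the included header - confirm.
    $stmt = mysqli_prepare($connection, "SELECT firstname, lastname, is_admin FROM users WHERE id = ?");
    if ($stmt !== false) {
        mysqli_stmt_bind_param($stmt, 'i', $id);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $rowFirstname, $rowLastname, $rowIsAdmin);
            // Zero rows (unknown id) leaves $user as null and falls through to the redirect.
            if (mysqli_stmt_fetch($stmt)) {
                $user = [
                    'firstname' => $rowFirstname,
                    'lastname' => $rowLastname,
                    'is_admin' => $rowIsAdmin,
                ];
            }
        }
        mysqli_stmt_close($stmt);
    }
}

// Missing, malformed or unknown id: return to the user list instead of rendering
// a form backed by no record.
if ($user === null) {
    header('location: ' . ROOT_URL . 'admin/manage-users.php');
    exit;
}
?>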
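<section class="form__section">
    <div class="container form__section-container">
        <h2>Edit User</h2>
        <?php
        // Edit form for the user loaded above. firstname/lastname are stored, user-supplied
        // values, so every value written into an attribute is HTML-escaped to keep a
        // crafted name from breaking out of the attribute in an administrator's browser.
        //
        // NOTE(review): this form posts a role change (userrole) and carries no anti-CSRF
        // token. The handler admin/edit-user-logic.php is not visible here - confirm it
        // verifies a per-session token and add the matching hidden field to this form.
        ?>
        <form action="<?= ROOT_URL ?>admin/edit-user-logic.php" enctype="multipart/form-data" method="POST">
            <input type="hidden" value="<?= htmlspecialchars((string) $id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" name="id">
            <input type="text" name="firstname" value="<?= htmlspecialchars((string) ($user['firstname'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" placeholder="First Name">
            <input type="text" name="lastname" value="<?= htmlspecialchars((string) ($user['lastname'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>" placeholder="Last Name">
            <select name="userrole">
                <option value="0">Author</option>
                <option <?= !empty($user['is_admin']) ? 'selected' : '' ?> value="1">Admin</option>
            </select>
            <button type="submit" name="submit" class="btn">Update User</button>
        </form>
    </div>
</section>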
<?php
// Finish the page with the shared footer partial, resolved one directory above this script.
include("../partials/footer.php");
?>