Location: PHPKode > projects > AWebNews > editac.php
<?php
session_start();
// This script was developed by Adam M. B. from aWeb Labs
// Visit us at http://www.labs.aweb.com.au
// for forum problems, bugs, or ideas email hide@address.com
// thanks for trying out or using this news script

// connect to database and pull up info
include "config.php";
$user123=$_POST['Username'];
$db = mysql_connect($db_host,$db_user,$db_pass); 
mysql_select_db ($db_name) or die ("Cannot connect to database"); 
//Get the data
$query = "SELECT id, username, password FROM users WHERE username='$user123'"; 
 
$result = mysql_query($query); 
/* Here we fetch the result as an array */ 
while($r=mysql_fetch_array($result)) 
{ 
/* This bit sets our data from each row as variables, to make it easier to display */ 
$id=$r["id"]; 
$_Username=$r["username"]; 
$_Password=$r["password"]; 


// If the form was submitted
if ($_POST['Submitted'] == "True") {

    // If the username and password match up, then continue...
    if ($_POST['Username'] == $_Username && $_POST['Password'] == $_Password) {

        // Username and password matched, set them as logged in and set the
        // Username to a session variable.
        $_SESSION['Logged_In'] = "486689";
        $_SESSION['Username'] = $_Username;
    }
}
} 
// If they are NOT logged in then show the form to login...
if ($_SESSION['Logged_In'] != "486689") {

    echo "<META HTTP-EQUIV=\"refresh\" content=\"0; URL=login.php?page=" . $_SERVER['PHP_SELF'] . "\">";

} else {
include "style.php";
include "header.php";
?>
<div align="center">
<div class="subnav-box">
<a href="changep.php">Change Password</a>
&nbsp;|&nbsp;
<a href="editac.php">Edit Information</a>
&nbsp;|&nbsp;
<a href="feedback.php">Feedback</a>
&nbsp;|&nbsp;
<a href="<?=$_SERVER['PHP_SELF'];?>?mode=logout">Logout</a>
</div>
<div class="bluein-box3"><b>Edit Account Details:</b>
<div align="center">
<br>

<?
$a=$_GET['a'];
if ($a == "") {
$query = "SELECT id, username, emailadd, fullname FROM users WHERE username='$_SESSION[Username]'"; 
 
$result = mysql_query($query); 
/* Here we fetch the result as an array */ 
while($r=mysql_fetch_array($result)) 
{ 
/* This bit sets our data from each row as variables, to make it easier to display */ 
$id=$r["id"]; 
$username=$r["username"]; 
$emailadd=$r["emailadd"]; 
$fullname=$r["fullname"]; 
// display it all
?>
<div align="center"><br>
<form method="post" name="edit" action="editac.php?a=edit">
Full Name:<br><input type="text" name="fullname" value="<?=$fullname;?>"><br><br>
E-mail Address:<br><input type="text" name="emailadd" value="<?=$emailadd;?>"><br><br>

<input type="submit" value="Change Details">
</form>
</div>
<?
} 
echo "<br>";
} else { }
if ($a =="edit") {
$query = "UPDATE users SET fullname='$_POST[fullname]', emailadd ='$_POST[emailadd]' WHERE username = '$_SESSION[Username]'"; 
$result = mysql_query($query); 
echo "Account ";
$query = "UPDATE news SET author='$_POST[fullname]', eauthor='$_POST[emailadd]'"; 
$result = mysql_query($query); 
echo "Updated";
echo '<meta http-equiv="refresh" content="1;url=accounts.php">'; 
} else { }
?>
</div></div></div>

<?

include "footer.php";
// If they want to logout then
if ($_GET['mode'] == "logout") {
    // Start the session
    session_start();

    // Put all the session variables into an array
    $_SESSION = array();

    // and finally remove all the session variables
    session_destroy();

    // Redirect to show results..
    echo "<META HTTP-EQUIV=\"refresh\" content=\"0; URL=" . $_SERVER['PHP_SELF'] . "\">";
}
}
mysql_close($db); 
?> 
Return current item: AWebNews