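<?php
// Edit form and update handler for a single CinePerson row, selected by ?editUser=<id>.
// Flow: validate the id, apply a submitted update (then redirect), otherwise render the form.
//
// NOTE(review): nothing in this fragment checks that the requester is authenticated or is
// an administrator, although it can set isAdmin and replace another account's password.
// Confirm the including page enforces that before this code is reached.
// NOTE(review): the POST handler carries no anti-CSRF token. Session handling is not
// visible here, so none is added; a per-session token should be validated before the UPDATE.

// Accept only an integer id. The raw query-string value was previously echoed and written
// into the form unescaped, which reflected attacker-controlled markup into the page.
$editId = filter_var(isset($_GET['editUser']) ? $_GET['editUser'] : null, FILTER_VALIDATE_INT);

if (is_int($editId)) {
    // Handle the submission before any markup is emitted so the Location header can still be sent.
    if (isset($_POST['update'])) {
        $email       = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';
        $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $name        = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $lastName    = (isset($_POST['lastName']) && is_string($_POST['lastName'])) ? $_POST['lastName'] : '';

        // An unchecked checkbox is simply absent from the request; anything other than the
        // form's own value "1" is stored as 0 so a crafted request cannot write arbitrary integers.
        $actif = (isset($_POST['actif']) && $_POST['actif'] === '1') ? 1 : 0;
        $admin = (isset($_POST['admin']) && $_POST['admin'] === '1') ? 1 : 0;

        if ($newPassword !== '') {
            // SECURITY: unsalted MD5 is not a password hash; a leaked table is cheap to crack
            // offline. It is kept only because the login check that compares this column is
            // outside this file. Migrate both sides together to password_hash() /
            // password_verify() (and make sure the column is wide enough for the new hashes).
            $hashed = md5($newPassword);
            $statement1 = $LINK->prepare("UPDATE CinePerson SET isActif=?, email = ?, password = ?, isAdmin=?, name=?,lastname=? WHERE pk_person = ?");
            $statement1->bind_param('ississi', $actif, $email, $hashed, $admin, $name, $lastName, $editId);
        } else {
            // Empty password field means "leave the stored password untouched".
            $statement1 = $LINK->prepare("UPDATE CinePerson SET isActif=?, email = ?, isAdmin=?, name=?,lastname=? WHERE pk_person = ?");
            $statement1->bind_param('isissi', $actif, $email, $admin, $name, $lastName, $editId);
        }
        $statement1->execute();
        header('Location:?Users');
        exit();
    }

    $statement = $LINK->prepare("SELECT * FROM CinePerson WHERE pk_person=?");
    $statement->bind_param('i', $editId);
    $statement->execute();
    $result = $statement->get_result();
    // fetch_assoc() yields null when no row matches; the form must not be rendered from it.
    $row = $result ? $result->fetch_assoc() : null;

    if ($row) {
        $escapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;
?>
<h2>Edit User</h2>
<form method="POST" action="">
<?php /* The field name "film_id" is never read by the handler; kept unchanged for compatibility. */ ?>
<input type="hidden" name="film_id" value="<?= (int) $editId ?>">
<label for="email">email:</label>
<input type="text" id="email" name="email" value="<?= htmlspecialchars((string) $row['email'], $escapeFlags, 'UTF-8') ?>">
<br>
<label for="pw">password:</label>
<input type="password" id="pw" name="password">
<br>
<label for="isActif">isActif?</label>
<input type="checkbox" id="isActif" name="actif" value="1" <?= $row['isActif'] ? 'checked' : '' ?>>
<br>
<label for="isAdmin">isAdmin?</label>
<input type="checkbox" id="isAdmin" name="admin" value="1" <?= $row['isAdmin'] ? 'checked' : '' ?>>
<br>
<label for="name">Name:</label>
<input type="text" id="name" name="name" value="<?= htmlspecialchars((string) $row['name'], $escapeFlags, 'UTF-8') ?>">
<br>
<label for="lastName">Last Name:</label>
<input type="text" id="lastName" name="lastName" value="<?= htmlspecialchars((string) $row['lastName'], $escapeFlags, 'UTF-8') ?>">
<br>
<button type="submit" name="update">Save Changes</button>
<a href="?extra"><button type="button">Cancel</button></a>
</form>
<?php
    } else {
?>
<p>User not found.</p>
<?php
    }
}
?>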