-
Notifications
You must be signed in to change notification settings - Fork 117
Expand file tree
/
Copy pathdetails.php
More file actions
75 lines (59 loc) · 2.56 KB
/
Copy pathdetails.php
File metadata and controls
75 lines (59 loc) · 2.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
<?php
include("_includes/config.inc");
include("_includes/dbconnect.inc");
include("_includes/functions.inc");
// check logged in
if (isset($_SESSION['id'])) {
echo template("templates/partials/header.php");
echo template("templates/partials/nav.php");
// if the form has been submitted
if (isset($_POST['submit'])) {
// build an sql statment to update the student details
$sql = "update student set firstname ='" . $_POST['txtfirstname'] . "',";
$sql .= "lastname ='" . $_POST['txtlastname'] . "',";
$sql .= "house ='" . $_POST['txthouse'] . "',";
$sql .= "town ='" . $_POST['txttown'] . "',";
$sql .= "county ='" . $_POST['txtcounty'] . "',";
$sql .= "country ='" . $_POST['txtcountry'] . "',";
$sql .= "postcode ='" . $_POST['txtpostcode'] . "' ";
$sql .= "where studentid = '" . $_SESSION['id'] . "';";
$result = mysqli_query($conn,$sql);
$data['content'] = "<p>Your details have been updated</p>";
}
else {
// Build a SQL statment to return the student record with the id that
// matches that of the session variable.
$sql = "select * from student where studentid='". $_SESSION['id'] . "';";
$result = mysqli_query($conn,$sql);
$row = mysqli_fetch_array($result);
// using <<<EOD notation to allow building of a multi-line string
// see http://stackoverflow.com/questions/6924193/what-is-the-use-of-eod-in-php for info
// also http://stackoverflow.com/questions/8280360/formatting-an-array-value-inside-a-heredoc
$data['content'] = <<<EOD
<h2>My Details</h2>
<form name="frmdetails" action="" method="post">
First Name :
<input name="txtfirstname" type="text" value="{$row['firstname']}" /><br/>
Surname :
<input name="txtlastname" type="text" value="{$row['lastname']}" /><br/>
Number and Street :
<input name="txthouse" type="text" value="{$row['house']}" /><br/>
Town :
<input name="txttown" type="text" value="{$row['town']}" /><br/>
County :
<input name="txtcounty" type="text" value="{$row['county']}" /><br/>
Country :
<input name="txtcountry" type="text" value="{$row['country']}" /><br/>
Postcode :
<input name="txtpostcode" type="text" value="{$row['postcode']}" /><br/>
<input type="submit" value="Save" name="submit"/>
</form>
EOD;
}
// render the template
echo template("templates/default.php", $data);
} else {
header("Location: index.php");
}
echo template("templates/partials/footer.php");
?>