commit jun 24

php/update-user.php

@@ -0,0 +1,46 @@
+<?php
+require 'connect.inc.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    // Retrieve data from the form
+    $name = mysqli_real_escape_string($con, $_POST['name']);
+    $surname = mysqli_real_escape_string($con, $_POST['surname']);
+    $email = mysqli_real_escape_string($con, $_POST['email']);
+    $password = mysqli_real_escape_string($con, $_POST['password']);
+    $password_again = mysqli_real_escape_string($con, $_POST['password_again']);
+    $city = mysqli_real_escape_string($con, $_POST['city']);
+    $birth_day = mysqli_real_escape_string($con, $_POST['birth_day']);
+    $birth_month = mysqli_real_escape_string($con, $_POST['birth_month']);
+    $birth_year = mysqli_real_escape_string($con, $_POST['birth_year']);
+    $admin = mysqli_real_escape_string($con, $_POST['admin']);
+
+    // Hash the password if it was provided
+    if (!empty($password) && $password == $password_again) {    
+        $password_hashed = md5($password);
+        $password_update = "password = '$password_hashed',";
+    } else {
+        $password_update = "";
+    }
+
+    $query = "UPDATE `globaly_accounts` SET 
+                name = '$name',
+                surname = '$surname',
+                email = '$email',
+                $password_update
+                city = '$city',
+                birth_day = '$birth_day',
+                birth_month = '$birth_month',
+                birth_year = '$birth_year',
+                admin = '$admin'
+              WHERE email = '$email'";
+
+    if (mysqli_query($con, $query)) {
+        echo '<script type="text/javascript">
+        alert("You have successfully edit the user!");
+        window.location.href = "../admin_panel.php";
+        </script>';
+    } else {
+        echo "Error updating user information: " . mysqli_error($con);
+    }
+}
+?>