<?php
session_start();
include_once "../DataAccess/dbConnect.php";
$db = dbConnect::getUserConnection();
if (!isset($_SESSION['myusername'])) {
header("location:main_login.php");
}
if ($_SESSION['admin'] == 0 && $_SESSION['allaccess'] == 0) {
header("location:main_login.php");
}
$userid = mysqli_real_escape_string($db, $_POST['update']);
$query = "SELECT * FROM Users WHERE User_ID = '{$userid}'";
$result = mysqli_query($db, $query);
while ($row = mysqli_fetch_assoc($result)) {
$first_name = $row['first_name'];
$last_name = $row['last_name'];
$user_name = $row['user_name'];
$password = $row['password'];
$salt = $row['salt'];
}
$query = "SELECT * FROM Privileges WHERE Users_User_ID = '{$userid}'";
$result = mysqli_query($db, $query);
while ($row = mysqli_fetch_assoc($result)) {
$administrator = $row['Administrator'];
$editor = $row['Editor'];
$author = $row['Author'];
}
?>
<html>
<head>
