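<?php

// Edit-person controller: POST applies the submitted changes, any other
// method shows the edit form for the person named by ?id=.

// configuration
require "../includes/directory_functions.php";

// NOTE(review): no authentication, authorization or CSRF-token check is
// visible in this file. Confirm that directory_functions.php (or the code
// that routes to this script) enforces them before a record can be changed.

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // Mirror the GET branch: refuse a submission that carries no person ID
    // instead of handing an undefined value to edit_person().
    if (empty($_POST['id'])) {
        apologize("You must enter a user ID");
    }

    // Absent optional fields are passed as null rather than raising
    // "undefined array key" warnings. edit_person() is defined elsewhere;
    // how it validates these values and builds its query is not visible here.
    $updated = edit_person(
        $_POST['id'],
        $_POST['name'] ?? null,
        $_POST['house'] ?? null,
        $_POST['age'] ?? null
    );

    // Loose check kept on purpose: any falsy return counts as failure,
    // exactly as the original `== false` comparison did.
    if (!$updated) {
        apologize("There was an error editing the person");
    }

    redirect('/');
} else {
    // verify input
    if (empty($_GET['id'])) {
        apologize("You must enter a user ID");
    }

    // attempt to get the requested user
    $person = get_person($_GET['id']);

    if (!$person) {
        // NOTE(review): the ID is echoed back verbatim from the query string.
        // Confirm apologize() HTML-escapes its message before rendering it;
        // escaping here as well would double-encode if it already does.
        apologize("There is no user with the ID: " . $_GET['id']);
    }

    // render edit person form
    render("people/edit.php", ["person" => $person]);
}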
<?php

// Bootstrap: both include paths are built from the canonicalised document root.
require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/init_member.inc.php';
require_once realpath($_SERVER['DOCUMENT_ROOT']) . '/includes/init_trigger.inc.php';

// Apply the edit only when all three form fields were submitted.
// NOTE(review): the values go to edit_person() exactly as received and its
// return value is ignored. No session or CSRF check is visible in this file;
// presumably init_member.inc.php handles access control. Confirm that, and
// confirm that edit_person() validates its arguments and uses a parameterized
// query.
if (isset($_POST['pid'], $_POST['fullname'], $_POST['dob'])) {
    edit_person($_POST['pid'], $_POST['fullname'], $_POST['dob']);
}
} elseif ($_GET['project_id']) { $project_id = $_REQUEST['project_id']; require_once 'edit_project.php'; } elseif ($_POST['action'] == 'edit_project') { $project_id = $_REQUEST['project_id']; $new_name = $_POST['project_name']; $new_url = $_POST['project_url']; $new_parked = $_POST['parked']; edit_project($project_id, $new_name, $new_url, $new_parked); } elseif ($_GET['person_id']) { $person_id = $_REQUEST['person_id']; require_once 'edit_person.php'; } elseif ($_POST['action'] == 'add_person') { $person_name = $_REQUEST['person_name']; $person_long_name = $_REQUEST['person_long_name']; $person_role = $_REQUEST['person_role']; add_person($person_name, $person_long_name, $person_role); } elseif ($_POST['action'] == 'edit_person') { $person_id = $_REQUEST['person_id']; $new_name = $_POST['person_name']; $new_long_name = $_POST['person_long_name']; $new_role = $_POST['person_role']; edit_person($person_id, $new_name, $new_long_name, $new_role); } elseif ($_GET['action'] == 'list_latest_changes') { list_latest_changes(get_changes()); } else { require_once 'trac.php'; require_once 'display.php'; } /* close MySQL connection */ mysql_close();
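<?php

// Request values come from the query string and are untrusted.
// htmlspecialchars() is an HTML output encoder, not an SQL defence: before
// PHP 8.1 its default flags leave single quotes untouched, and the id was
// concatenated into the query without quotes at all. It is kept here only so
// stored names keep the encoding existing rows already have; the SQL
// protection is the prepared statement inside edit_person().
// NOTE(review): this script changes data on a GET request with no visible
// authentication or CSRF protection. Consider requiring POST plus a token.
$id = htmlspecialchars($_GET["id"] ?? '');
$fname = htmlspecialchars($_GET["fname"] ?? '');
$lname = htmlspecialchars($_GET["lname"] ?? '');

/**
 * Update the first and last name of one Person row and print the outcome.
 *
 * Prints "ok" when the UPDATE statement executed and "nicht ok" otherwise
 * (invalid id, prepare failure or execution failure).
 *
 * @param mixed $id    Person id; must be an integer or an integer string.
 * @param mixed $fname New first name, bound as a string parameter.
 * @param mixed $lname New last name, bound as a string parameter.
 *
 * @return void
 */
function edit_person($id, $fname, $lname)
{
    // dbconnect.php is expected to define $connection (not visible here).
    include 'dbconnect.php';

    // The original query used the id unquoted, so only numeric ids ever
    // produced valid SQL. Reject anything else before touching the database.
    // assumes Person.id is an integer column; TODO confirm against the schema
    $personId = filter_var($id, FILTER_VALIDATE_INT);
    if ($personId === false) {
        echo "nicht ok";
        return;
    }

    // Placeholders keep user input out of the SQL text entirely.
    $result = false;
    $statement = mysqli_prepare(
        $connection,
        'UPDATE Person SET fname = ?, lname = ? WHERE id = ?'
    );

    if ($statement) {
        mysqli_stmt_bind_param($statement, 'ssi', $fname, $lname, $personId);
        $result = mysqli_stmt_execute($statement);
        mysqli_stmt_close($statement);
    }

    if ($result) {
        echo "ok";
    } else {
        echo "nicht ok";
    }
}

edit_person($id, $fname, $lname);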