<?php session_start(); include_once "../DataAccess/dbConnect.php"; $db = dbConnect::getUserConnection(); if (!isset($_SESSION['myusername'])) { header("location:main_login.php"); } if ($_SESSION['admin'] == 0 && $_SESSION['allaccess'] == 0) { header("location:main_login.php"); } $userid = mysqli_real_escape_string($db, $_POST['update']); $query = "SELECT * FROM Users WHERE User_ID = '{$userid}'"; $result = mysqli_query($db, $query); while ($row = mysqli_fetch_assoc($result)) { $first_name = $row['first_name']; $last_name = $row['last_name']; $user_name = $row['user_name']; $password = $row['password']; $salt = $row['salt']; } $query = "SELECT * FROM Privileges WHERE Users_User_ID = '{$userid}'"; $result = mysqli_query($db, $query); while ($row = mysqli_fetch_assoc($result)) { $administrator = $row['Administrator']; $editor = $row['Editor']; $author = $row['Author']; } ?> <html> <head>