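<?php
// Shared page header, then output buffering so the header() redirects issued
// further down this file can still be sent after markup has been produced.
// NOTE(review): anything the header partial prints happens before ob_start();
// whether the later redirects still work then depends on PHP's own
// output_buffering setting. Confirm, or start buffering before the include.
include('partials/headerSection.php');
ob_start();
?>
<div class="main">
    <?php include('partials/sideMenuU.php') ?>
    <div class="mainContent">
        <div class="topSection flex">
            <div class="dashboardTitle">
                <h1>Settings Page</h1>
            </div>
            <div class="userBox flex">
                <a href="index.php">
                    <div class="adminImage">
                        <img src="./assets/images/pp.jpg" alt="Admin Image">
                    </div>
                </a>
                <div class="userName">
                    <span>Administrator</span>
                    <small><?php
                        // The first name is editable through this page's form, so it is
                        // treated as untrusted text and HTML-escaped before printing.
                        if (isset($_SESSION['firstName'])) {
                            echo htmlspecialchars((string) $_SESSION['firstName'], ENT_QUOTES, 'UTF-8');
                        }
                    ?></small>
                </div>
                <i class="uil uil-bell icon"></i>
            </div>
        </div>
        <div class="body">
            <div class="overViewDiv">
                <div class="intro flex" >
                    <h3 class="title">Settings</h3>
                    <?php
                    // One-shot status message. It is printed unescaped on purpose: the
                    // POST handler in this file only ever stores fixed <span> markup in
                    // it. Never put request data into $_SESSION['settings'].
                    if (isset($_SESSION['settings'])) {
                        echo $_SESSION['settings'];
                        unset($_SESSION['settings']);
                    }
                    ?>
                    <div class="addBtn">
                        <a href="dashboardU.php">
                            <span>Save Settings</span>
                        </a>
                    </div>
                </div>
            </div>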
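<?php
// Load the signed-in admin's record. It pre-fills the form below and gives the
// POST handler at the end of this file server-side values to verify against.
//
// NOTE(review): the account is looked up by first name, which need not be
// unique; a stable unique id kept in the session would be a safer key.
$fstName = (isset($_SESSION['firstName']) && is_string($_SESSION['firstName']))
    ? $_SESSION['firstName']
    : '';

// Defaults keep the template free of undefined-variable notices when the
// lookup cannot run.
$fName = '';
$sName = '';
$eID = '';
$role = '';
$password = '';
$adminLoaded = false;

// The lookup value is bound as a parameter rather than interpolated into the
// SQL text: this page writes first_name from form input, so the value must be
// handled as untrusted.
$stmt = mysqli_prepare(
    $conn,
    'SELECT first_name, second_name, atp_id, admin_role, admin_pswrd FROM admins WHERE first_name = ?'
);
if ($stmt !== false) {
    mysqli_stmt_bind_param($stmt, 's', $fstName);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_store_result($stmt);
        if (mysqli_stmt_num_rows($stmt) == 1) {
            mysqli_stmt_bind_result($stmt, $fName, $sName, $eID, $role, $password);
            mysqli_stmt_fetch($stmt);
            $adminLoaded = true;
        } else {
            // NOTE(review): this redirects to this same page, which repeats the
            // same lookup; the sign-in page looks like the intended target. Confirm.
            mysqli_stmt_close($stmt);
            header('location:' . SITEURL . 'settingsU.php');
            exit();
        }
    }
    mysqli_stmt_close($stmt);
}
?>
<div class="mainItems">
<div class="addCaseContainer flex">
<div class="rowsDiv">
<form action="" method="POST">
<div class="row">
<label for="firstName">First Name <small>Click to change</small></label>
<input type="text" name="firstName" id="firstName" value="<?php echo htmlspecialchars((string) $fName, ENT_QUOTES, 'UTF-8'); ?>">
</div>
<div class="row">
<label for="secondName">Second Name <small>Click to change</small></label>
<input type="text" name="secondName" id="secondName" value="<?php echo htmlspecialchars((string) $sName, ENT_QUOTES, 'UTF-8'); ?>">
</div>
<div class="row">
<label for="id">Employee ID No. <small>Click to change</small></label>
<input type="text" name="id" id="id" >
<?php // The stored employee ID is no longer sent as a hidden field; it is checked server-side. ?>
</div>
<div class="row">
<label for="currentPassword">Current Password <small>Click to change</small></label>
<input type="password" name="currentPassword" id="currentPassword" >
<?php // The stored password must never be written into the page source; it is checked server-side. ?>
</div>
</div>
<div class="rowsDiv">
<div class="row">
<label for="newPassword">New Password <small>Click to change</small></label>
<input type="password" name="newPassword" id="newPassword" >
</div>
<?php
// A "confirm password" row used to sit here as commented-out HTML. It is kept
// out of the response now, because HTML comments (including its sample
// placeholder value) are visible to anyone viewing the page source.
?>
<div class="row">
<input type="submit" name="submit" id="submitBtn" value="Update">
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<?php include('partials/footer.php')?>
<?php
// Handle the settings form. The typed employee ID and current password are
// checked against the record loaded above, never against values echoed back by
// the browser, so a tampered request cannot skip the check.
if (isset($_POST['submit'])) {
    // Read one POST field as a string; a missing or array-valued field becomes ''.
    $postField = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };

    $firstName = $postField('firstName');
    $secName = $postField('secondName');
    $empID = $postField('id');
    $currentPassword = $postField('currentPassword');
    $newPassword = $postField('newPassword');

    // NOTE(review): admin_pswrd is stored and compared as plaintext. Moving to
    // password_hash()/password_verify() needs a matching change wherever sign-in
    // checks this column, so it is flagged here rather than changed.
    // hash_equals() and === avoid PHP's loose numeric-string comparison.
    $credentialsMatch = $adminLoaded
        && hash_equals((string) $password, $currentPassword)
        && (string) $eID === $empID;

    if ($credentialsMatch) {
        // A blank "new password" keeps the current one instead of blanking it.
        $storedPassword = ($newPassword !== '') ? $newPassword : (string) $password;

        $updated = false;
        // An empty first name is refused: the account is keyed on that column.
        if ($firstName !== '') {
            $update = mysqli_prepare(
                $conn,
                'UPDATE admins SET first_name = ?, second_name = ?, atp_id = ?, admin_pswrd = ? WHERE first_name = ?'
            );
            if ($update !== false) {
                mysqli_stmt_bind_param($update, 'sssss', $firstName, $secName, $empID, $storedPassword, $fstName);
                $updated = mysqli_stmt_execute($update);
                mysqli_stmt_close($update);
            }
        }

        if ($updated) {
            // Keep the session in step with the renamed row; otherwise the lookup
            // at the top of this file finds nothing on the next request.
            $_SESSION['firstName'] = $firstName;
            $_SESSION['settings'] = '<span class="success">Updates successful!</span>';
            header('location:' . SITEURL . 'settingsU.php');
            exit();
        } else {
            $_SESSION['settings'] = '<span class="fail">Something wrong!</span>';
            header('location:' . SITEURL . 'settingsU.php');
            exit();
        }
    } else {
        $_SESSION['settings'] = '<span class="fail">Either Emp ID or Current Password is wrong!</span>';
        header('location:' . SITEURL . 'settingsU.php');
        exit();
    }
}
?>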