searls03 Posted March 11, 2011 Share Posted March 11, 2011 I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own. Tell me what codes would be helpful and i will send them on in. By the way, i do have a script that allows members to edit own profile. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/ Share on other sites More sharing options...
Maq Posted March 11, 2011 Share Posted March 11, 2011 I need to know how to allow admin to essentially be "all users" in otherwords, edit everyones profile and not just their own. Tell me what codes would be helpful and i will send them on in. By the way, i do have a script that allows members to edit own profile. Post the current code you have (I know you have some ;P). Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186348 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 do you want the one from the other thread or the my profile edit page? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186354 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 here code from other thread: <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ [url=http://'http://www.flashbuilding.com/']www.flashbuilding.com[/url] -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $id = $_SESSION['id']; // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE id='$id' limit 1"); while($row = mysql_fetch_array($sql)){ $id = $row['id']; } // Process the form if it is submitted if ($_POST['rank']) { $badges = $_POST['badges']; $rank = $_POST['rank']; $sql = mysql_query("UPDATE scoutinfo SET badges='$badges', rank='$rank', id='$id'"); printf("Records updated: %d\n", mysql_affected_rows()) ; exit(); } // close if post ?> and here edit profile: <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url] -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $id = $_SESSION['id']; // Process the form if it is submitted if ($_POST['username']) { $name = $_POST['name']; $phone = $_POST['phone']; $username = $_POST['username']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $cell = $_POST['cell']; $email = $_POST['email']; $rank = $_POST['rank']; $badges = $_POST['badges']; $sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'"); echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br /> <meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">'; exit(); } // close if post ?> <?php // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $name = $row["name"]; $phone = $row["phone"]; $username = $row["username"]; $address = $row["address"]; $city = $row["city"]; $state = $row["state"]; $zip = $row["zip"]; $cell = $row["cell"]; $email = $row["email"]; $accounttype = $row["accounttype"]; $rank = $row["rank"]; $badges = $row["badges"]; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Untitled Document</title> <!-- InstanceEndEditable --> <style type="text/css"> #apDiv1 { position:absolute; left:33px; top:320px; width:252px; height:48px; z-index:1; } #apDiv2 { position:absolute; left:33px; top:361px; width:254px; height:46px; z-index:2; } #apDiv3 { position:absolute; left:33px; top:525px; width:256px; height:43px; z-index:3; } #apDiv4 { position:absolute; left:33px; top:402px; width:250px; height:48px; z-index:4; } #apDiv5 { position:absolute; left:106px; top:616px; width:263px; height:255px; z-index:5; } #apDiv6 { position:absolute; left:323px; top:200px; width:898px; height:530px; z-index:5; } #apDiv7 { position:absolute; left:33px; top:443px; width:266px; height:42px; z-index:6; } #apDiv8 { position:absolute; left:111px; top:500px; width:125px; height:37px; z-index:7; } #apDiv8 strong { font-size: 24px; } #apDiv9 { position:absolute; left:33px; top:408px; width:267px; height:49px; z-index:8; } #apDiv10 { position:absolute; left:33px; top:449px; width:242px; height:23px; z-index:9; } #apDiv8 a { color: #000; } #apDiv11 { position:absolute; left:101px; top:490px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv11 a { color: #000; } #apDiv12 { position:absolute; left:33px; top:210px; width:205px; height:135px; z-index:11; } #apDiv12 { text-align: center; } #apDiv13 { position:absolute; left:33px; top:320px; width:258px; height:47px; z-index:12; } #apDiv { position:absolute; left:33px; top:484px; width:225px; height:35px; z-index:11; } #apDiv14 { position:absolute; left:33px; top:566px; width:298px; height:51px; z-index:12; } #apDiv15 { position:absolute; left:101px; top:611px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv5 a { font-size: 24px; color: #000; font-weight: bold; } </style> <script type="text/javascript"> function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } </script> <!-- InstanceBeginEditable name="head" --> <script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script> <link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" /> <!-- InstanceEndEditable --> <!-- InstanceParam name="id" type="text" value="apDiv6" --> </head> <body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')"> <div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div> <div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div> <div id="apDiv11"><?php if ($accounttype == "Scout") { echo '<a href="../logout.php">Logout</a>';} ?></div> <div id="apDiv12"><?php echo "$accounttype"; ?> <p><?php echo "$name"; ?></p> <p>Troop 78</p> </div> <div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div> <div id="apDiv5"><?php if ($accounttype == "Admin") { echo "<a href=\"../logout.php\">Logout</a>"; } ?></div> </a> </div> <div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" --> <div id="TabbedPanels1" class="TabbedPanels"> <ul class="TabbedPanelsTabGroup"> <li class="TabbedPanelsTab" tabindex="0">My Info</li> <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li> <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li> </ul> <div class="TabbedPanelsContentGroup"> <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );"> <table align="center" cellpadding="8" cellspacing="8"> <tr> <?php if ($accounttype == "Scout") { ?> <td><div align="right">Name:</div></td> <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td> </tr><?php } ?> <tr> <td><div align="right">Name:</div></td> <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td>Phone Number:</td> <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Address:</div></td> <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td> </tr> <tr> <td><div align="right">City:</div></td> <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">State:</div></td> <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Zip Code:</div></td> <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Email:</div></td> <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Cell Phone:</div></td> <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td class="aaaaaaa">Username:</td> <td><label for="username"></label> <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/> </td> </tr> <tr> <td class="aaaaaaa"> </td> <td><label for="accounttype"></label> <input type="submit" name="submit" id="submit" value="Save" /></td> </tr> </table> </form> </div> <div class="TabbedPanelsContent"> <label for="badges"></label> <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" /> </div> <div class="TabbedPanelsContent"> <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" /> </div> </div> </div> <script type="text/javascript"> var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1"); </script> <!-- InstanceEndEditable --></div> <div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div> <div id="apDiv"> <?php if ($accounttype == "Admin") { echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>"; } ?></div> <div id="apDiv3"><?php if ($accounttype == "Admin") { echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\" name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>"; } ?> </div> <div id="apDiv14"><?php if ($accounttype == "Admin") { echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\" name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>"; } ?> </div> <img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" /> </body> <!-- InstanceEnd --></html> Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186367 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 does this have something to do with a session id. I read somewhere else that it could Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186378 Share on other sites More sharing options...
PFMaBiSmAd Posted March 11, 2011 Share Posted March 11, 2011 You also need to define exactly what you want to happen at each step and what you want your user interface to be. For example, if the current visitor is logged in and is an admin, how do you want to let him pick between editing his own profile or picking one of the other user's profile to edit and how does he go about picking which user to edit? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186391 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 I have a member search file: <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ www.flashbuilding.com -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $id = $_SESSION['id']; ?> <?php // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1"); while($row = mysql_fetch_array($sql)){ $name = $row["name"]; $phone = $row["phone"]; $username = $row["username"]; $address = $row["address"]; $city = $row["city"]; $state = $row["state"]; $zip = $row["zip"]; $cell = $row["cell"]; $email = $row["email"]; $accounttype = $row["accounttype"]; $rank = $row["rank"]; $badges = $row["badges"]; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Untitled Document</title> <!-- InstanceEndEditable --> <style type="text/css"> #apDiv1 { position:absolute; left:33px; top:320px; width:252px; height:48px; z-index:1; } #apDiv2 { position:absolute; left:33px; top:361px; width:254px; height:46px; z-index:2; } #apDiv3 { position:absolute; left:33px; top:525px; width:256px; height:43px; z-index:3; } #apDiv4 { position:absolute; left:33px; top:402px; width:250px; height:48px; z-index:4; } #apDiv5 { position:absolute; left:106px; top:616px; width:263px; height:255px; z-index:5; } #apDiv6 { position:absolute; left:323px; top:200px; width:898px; height:530px; z-index:5; } #apDiv7 { position:absolute; left:33px; top:443px; width:266px; height:42px; z-index:6; } #apDiv8 { position:absolute; left:111px; top:500px; width:125px; height:37px; z-index:7; } #apDiv8 strong { font-size: 24px; } #apDiv9 { position:absolute; left:33px; top:408px; width:267px; height:49px; z-index:8; } #apDiv10 { position:absolute; left:33px; top:449px; width:242px; height:23px; z-index:9; } #apDiv8 a { color: #000; } #apDiv11 { position:absolute; left:101px; top:490px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv11 a { color: #000; } #apDiv12 { position:absolute; left:33px; top:210px; width:205px; height:135px; z-index:11; } #apDiv12 { text-align: center; } #apDiv13 { position:absolute; left:33px; top:320px; width:258px; height:47px; z-index:12; } #apDiv { position:absolute; left:33px; top:484px; width:225px; height:35px; z-index:11; } #apDiv14 { position:absolute; left:33px; top:566px; width:298px; height:51px; z-index:12; } #apDiv15 { position:absolute; left:101px; top:611px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv5 a { font-size: 24px; color: #000; font-weight: bold; } </style> <script type="text/javascript"> function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } </script> <!-- InstanceBeginEditable name="head" --> <style type="text/css"> #apDiv8 { position:absolute; left:1074px; top:254px; width:139px; height:33px; z-index:7; } #apDiv9 { position:absolute; left:813px; top:225px; width:142px; height:65px; z-index:7; } </style> <!-- InstanceEndEditable --> <!-- InstanceParam name="id" type="text" value="apDiv6" --> </head> <body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')"> <div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div> <div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div> <div id="apDiv11"><?php if ($accounttype == "Scout") { echo '<a href="../logout.php">Logout</a>';} ?></div> <div id="apDiv12"><?php echo "$accounttype"; ?> <p><?php echo "$name"; ?></p> <p>Troop 78</p> </div> <div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div> <div id="apDiv5"><?php if ($accounttype == "Admin") { echo "<a href=\"../logout.php\">Logout</a>"; } ?></div> </a> </div> <div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" --> <div id="apDiv9"></div> <div id="apDiv8"></div> <style type="text/css"> table { background-color: #FCF; } th { width: 150px; text-align: left; } </style> <h1>Member Search</h1> <p><a href="join_form.php">New Member</a></p> <form method="post" action="search1.php"> <input type="hidden" name="submitted" value="true" ?/> <label>Search Category: <select name="category"> <option value="name">Name</option> <option value="username">Username</option> <option value="email">Email</option> <option value="phone">Phone Number</option> </select> </label> <label>Search Criteria: <input type="text" name ="criteria" /> </label> <input type="submit" /> </form> <?php if (isset($_POST['submitted'])) { include('connect1.php'); $category = $_POST['category']; $criteria = $_POST['criteria'] ; $query = "SELECT * FROM members WHERE $category LIKE '%".$criteria."%'"; $result = mysqli_query($dbcon, $query) or die('error getting data'); $num_rows = mysqli_num_rows($result); echo "$num_rows results found"; echo "<table>"; echo "<tr><th>Name</th> <th>Username</th> <th>Phone Number</th> <th>Email</th></tr>"; while ($row = mysqli_fetch_array($result, MYSQLI_ASSOC)) { echo "<tr><td>"; echo "<a href=\"myprofile.php?id=".$row['id']."\">".$row['name']."</a>"; echo "</td><td>"; echo $row['username']; echo "</td><td>"; echo $row['phone']; echo "</td><td>"; echo $row['email']; echo "</td></tr>"; } echo "</table>"; } ?> <!-- InstanceEndEditable --></div> <div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div> <div id="apDiv"> <?php if ($accounttype == "Admin") { echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>"; } ?></div> <div id="apDiv3"><?php if ($accounttype == "Admin") { echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\" name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>"; } ?> </div> <div id="apDiv14"><?php if ($accounttype == "Admin") { echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\" name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>"; } ?> </div> <img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" /> </body> <!-- InstanceEnd --></html> Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186392 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 all links work, only when I click on the link and go to profile edit page, my info is pulled instead of other user Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186412 Share on other sites More sharing options...
Maq Posted March 11, 2011 Share Posted March 11, 2011 Looks like you're assigning $id to the session variable 'id' rather than passing it from the selected user. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186413 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 so what session should I set then? here is login form page where all sessions start: <?php /* Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url] -----------------------June 20, 2008----------------------- */ if ($_POST['username']) { //Connect to the database through our include include_once "connect_to_mysql.php"; $username = stripslashes($_POST['username']); $username = strip_tags($username); $username = mysql_real_escape_string($username); $password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters $password = md5($password); // Make query and then register all database data that - // cannot be changed by member into SESSION variables. // Data that you want member to be able to change - // should never be set into a SESSION variable. $sql = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$password'"); $login_check = mysql_num_rows($sql); if($login_check > 0){ while($row = mysql_fetch_array($sql)){ // Get member ID into a session variable $id = $row["id"]; session_register('id'); $_SESSION['id'] = $id; // Get member username into a session variable $name = $row["name"]; session_register('name'); $_SESSION['username'] = $username; // Get member userlevel into a session variable $userlevel = $row["userlevel"]; session_register('userlevel'); $_SESSION['userlevel'] = $userlevel; // Update last_log_date field for this member now mysql_query("UPDATE members SET lastlogin=now() WHERE id='$id'"); // Print success message here if all went well then exit the script header("location: news.php?"); exit(); } // close while } else { // Print login failure message to the user and link them back to your login page print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br /> <br /><a href="login.php">Click here</a> to go back to the login page.'; exit(); }} ?> Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186414 Share on other sites More sharing options...
PFMaBiSmAd Posted March 11, 2011 Share Posted March 11, 2011 Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do. 1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing? 2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor. The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186415 Share on other sites More sharing options...
Maq Posted March 11, 2011 Share Posted March 11, 2011 so what session should I set then? here is login form page where all sessions start: Pass in the user id when you submit the form to edit their profile. You should already have this information. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186416 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 What do you mean pass in the user id? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186417 Share on other sites More sharing options...
searls03 Posted March 11, 2011 Author Share Posted March 11, 2011 Here is a general hint - you would need to include a GET parameter on the end of the URLs that indicates which profile you want to display/edit/update and then in your code you would determine what if anything the current visitor can do. 1) If the current visitor is not logged in or is logged in but is not an admin and he is also not the same member who's profile is being viewed, you would only display the profile, which I am guessing is what your myprofile.php page is doing? 2) If the current visitor is logged in and is either the same member who's profile is being viewed or the current visitor is logged in as an admin, you would allow them access the profile edit page. The profile edit page would also check the same conditions to make sure the current visitor has permission to edit the profile and the code that saves the changes would also recheck the permissions for the current visitor. The biggest change I see in your existing code would be to get the $id value (that you are putting into the queries) from a GET parameter on the URL instead of getting it from $_SESSION['id'] and to add the logic necessary to test if or what the current visitor (via his $_SESSION['id'] value) can do or see on any page. Can you give me the exact line and how to do it? I think I know where, and i tried changing it, but now it doesn't pull any id. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186418 Share on other sites More sharing options...
searls03 Posted March 12, 2011 Author Share Posted March 12, 2011 Come on, I need some help. so How do i make it not display my info and submit to the right person in database. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186479 Share on other sites More sharing options...
PFMaBiSmAd Posted March 12, 2011 Share Posted March 12, 2011 I need to know how to allow admin to essentially be "all users" ... ^^^ You have been told how to do that. We are not here to write your code for you and it will take more than changing a couple of lines of code. It will take some actual programming effort. Have you modified (and tested) your code to use a GET parameter to specify which profile to display/edit/update, modified (and tested) your code to cause any links to be built with that GET parameter on them, and then to add (and test) the logic to determine what actions the current visitor can do on any of the relevant pages, depending on if he is a regular member and the profile is his or he is an administrator? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186581 Share on other sites More sharing options...
searls03 Posted March 12, 2011 Author Share Posted March 12, 2011 I need to know what line(s) exactly need to be changed to get. I tried changing one line in the search code to get but now it pulls no id. The address it goes to is .../myprofile.php?id= and then no Id. I am pretty sure it has to do with session variable. But if I try to changethe variable no content displays then. I need to know where to put get and if the session variable could cause this. Thanks in advance for any help. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186598 Share on other sites More sharing options...
searls03 Posted March 12, 2011 Author Share Posted March 12, 2011 Would this be easier to do if I had two tables? One for members,one for sessions? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186724 Share on other sites More sharing options...
searls03 Posted March 13, 2011 Author Share Posted March 13, 2011 so would it work if instead of using id I were to make a new row call userid-not session variable. would this work? if so, how? Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186846 Share on other sites More sharing options...
redarrow Posted March 13, 2011 Share Posted March 13, 2011 You need to understand an id first. we setup a databse like so userid ((who the user is)) name (( user's name dob (users date of birth tel ((users telephone number date ((date a note is made time (a time a note is made notes (notes)) We give users a userid in a datadabes, so we no who they are. lets say a user can comment, on a note a user is showwing. we need a new database colum for comments. commentid ((this is the id of the commment userid ((this is the person who wrote the comment comment ((this is the comment noteid(this is the userid of notes date_of_note (this is date of note commenting on time_of_note((this is time of note commenting on date (this is the date of comment time ((this is the time of comment you read a note , and use a link to comment on the note, fill in a form to comment, in the form your have hidden values, date_of_note and time_of_note, and noteid. know you can select a specific note, and see comments, form a single user easly. There more to it, but there the basic idea, to get info about others, or even join info together. via a id... ---------------- Your jumping before you can walk. Your trying to create a advance membership system, before knowing how a standard username and password system works. it simple setup like this members_power ((table name member_id (members id from reg) member_auth (what the member is 1=admin 2=user) it a big clue........ Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186903 Share on other sites More sharing options...
cs.punk Posted March 13, 2011 Share Posted March 13, 2011 Erm... $user = $_SESSION['user']; if ($user == $userWhoOwnsTheCurrentProfile OR $user == 'admin') { // Show profile edit form etc } Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186917 Share on other sites More sharing options...
searls03 Posted March 13, 2011 Author Share Posted March 13, 2011 I do know how the basic username and password work, I have done this before. I just haven't ever tried this admin edit all profiles before. Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1186975 Share on other sites More sharing options...
searls03 Posted March 13, 2011 Author Share Posted March 13, 2011 so now I am able to get it to use correct id, only problem is, it completely switches users!!!!!!! please help: <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ www.flashbuilding.com -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $userid = $_SESSION['id']; ?> <?php // Process the form if it is submitted if ($_POST['username']) { $name = $_POST['name']; $phone = $_POST['phone']; $username = $_POST['username']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $cell = $_POST['cell']; $email = $_POST['email']; $rank = $_POST['rank']; $badges = $_POST['badges']; $sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'"); $sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'"); echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br /> <meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">'; exit(); } // close if post ?> <?php // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE userid=".$_GET['userid'].""); while($row = mysql_fetch_array($sql)){ $userid = $row["userid"]; $name = $row["name"]; $phone = $row["phone"]; $username = $row["username"]; $address = $row["address"]; $city = $row["city"]; $state = $row["state"]; $zip = $row["zip"]; $cell = $row["cell"]; $email = $row["email"]; $accounttype = $row["accounttype"]; $rank = $row["rank"]; $badges = $row["badges"]; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template2.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Untitled Document</title> <!-- InstanceEndEditable --> <style type="text/css"> #apDiv1 { position:absolute; left:33px; top:320px; width:252px; height:48px; z-index:1; } #apDiv2 { position:absolute; left:33px; top:361px; width:254px; height:46px; z-index:2; } #apDiv3 { position:absolute; left:33px; top:525px; width:256px; height:43px; z-index:3; } #apDiv4 { position:absolute; left:33px; top:402px; width:250px; height:48px; z-index:4; } #apDiv5 { position:absolute; left:106px; top:616px; width:263px; height:255px; z-index:5; } #apDiv6 { position:absolute; left:323px; top:200px; width:898px; height:530px; z-index:5; } #apDiv7 { position:absolute; left:33px; top:443px; width:266px; height:42px; z-index:6; } #apDiv8 { position:absolute; left:111px; top:500px; width:125px; height:37px; z-index:7; } #apDiv8 strong { font-size: 24px; } #apDiv9 { position:absolute; left:33px; top:408px; width:267px; height:49px; z-index:8; } #apDiv10 { position:absolute; left:33px; top:449px; width:242px; height:23px; z-index:9; } #apDiv8 a { color: #000; } #apDiv11 { position:absolute; left:101px; top:490px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv11 a { color: #000; } #apDiv12 { position:absolute; left:33px; top:210px; width:205px; height:135px; z-index:11; } #apDiv12 { text-align: center; } #apDiv13 { position:absolute; left:33px; top:320px; width:258px; height:47px; z-index:12; } #apDiv { position:absolute; left:33px; top:484px; width:225px; height:35px; z-index:11; } #apDiv14 { position:absolute; left:33px; top:566px; width:298px; height:51px; z-index:12; } #apDiv15 { position:absolute; left:101px; top:611px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv5 a { font-size: 24px; color: #000; font-weight: bold; } </style> <script type="text/javascript"> function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } </script> <!-- InstanceBeginEditable name="head" --> <script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script> <link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" /> <!-- InstanceEndEditable --> <!-- InstanceParam name="id" type="text" value="apDiv6" --> </head> <body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')"> <div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div> <div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div> <div id="apDiv11"><?php if ($accounttype == "Scout") { echo '<a href="../logout.php">Logout</a>';} ?></div> <div id="apDiv12"><?php echo "$accounttype"; ?> <p><?php echo "$name"; ?></p> <p>Troop 78</p> </div> <div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div> <div id="apDiv5"><?php if ($accounttype == "Admin") { echo "<a href=\"../logout.php\">Logout</a>"; } ?></div> </a> </div> <div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" --> <div id="TabbedPanels1" class="TabbedPanels"> <ul class="TabbedPanelsTabGroup"> <li class="TabbedPanelsTab" tabindex="0">My Info</li> <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li> <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li> </ul> <div class="TabbedPanelsContentGroup"> <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );"> <table align="center" cellpadding="8" cellspacing="8"> <tr> <?php if ($accounttype == "Scout") { ?> <td><div align="right">Name:</div></td> <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td> </tr><?php } ?> <tr> <td><div align="right">Name:</div></td> <td><input name="name" type="text" id="name" value="<?php echo "$name"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td>Phone Number:</td> <td><input name="phone" type="text" id="phone" value="<?php echo "$phone"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Address:</div></td> <td><input name="address" type="text" id="address" value="<?php echo "$address"; ?>" size="30" maxlength="24" /></td> </tr> <tr> <td><div align="right">City:</div></td> <td><input name="city" type="text" id="city" value="<?php echo "$city"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">State:</div></td> <td><input name="state" type="text" id="state" value="<?php echo "$state"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Zip Code:</div></td> <td><input name="zip" type="text" id="zip" value="<?php echo "$zip"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Email:</div></td> <td><input name="email" type="text" id="email" value="<?php echo "$email"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Cell Phone:</div></td> <td><input name="cell" type="text" id="cell" value="<?php echo "$cell"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td class="aaaaaaa">Username:</td> <td><label for="username"></label> <input name="username" type="text" id="username" value="<?php echo "$username"; ?>"/> </td> </tr> <tr> <td class="aaaaaaa"> </td> <td><label for="accounttype"></label> <input type="submit" name="submit" id="submit" value="Save" /></td> <input name="userid" type="text" value="<?php echo "$userid"; ?>" /> </tr> </table> </form> </div> <div class="TabbedPanelsContent"> <label for="badges"></label> <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" /> </div> <div class="TabbedPanelsContent"> <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" /> </div> </div> </div> <script type="text/javascript"> var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1"); </script> <!-- InstanceEndEditable --></div> <div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div> <div id="apDiv"> <?php if ($accounttype == "Admin") { echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>"; } ?></div> <div id="apDiv3"><?php if ($accounttype == "Admin") { echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\" name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>"; } ?> </div> <div id="apDiv14"><?php if ($accounttype == "Admin") { echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\" name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>"; } ?> </div> <img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" /> </body> <!-- InstanceEnd --></html> Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1187022 Share on other sites More sharing options...
searls03 Posted March 16, 2011 Author Share Posted March 16, 2011 All right, I am able to get the correct content to come up if there is no session set.......duh. So here is code I have it sets a session, but that is not the session I want.....I want userid not userid1 to be it............but that is the only way I can get info to display. Here is php code for the profile edit page: <?php session_start(); // Must start session first thing /* Created By Adam Khoury @ www.flashbuilding.com -----------------------June 20, 2008----------------------- */ // Here we run a login check if (!isset($_SESSION['id'])) { echo 'Please <a href="login.php">log in</a> to access your account'; exit(); } //Connect to the database through our include include_once "connect_to_mysql.php"; // Place Session variable 'id' into local variable $userid1 = $_SESSION['id']; ?> <?php // Process the form if it is submitted if ($_POST['username']) { $name = $_POST['name']; $phone = $_POST['phone']; $username = $_POST['username']; $address = $_POST['address']; $city = $_POST['city']; $state = $_POST['state']; $zip = $_POST['zip']; $cell = $_POST['cell']; $email = $_POST['email']; $rank = $_POST['rank']; $badges = $_POST['badges']; $sql = mysql_query("UPDATE members SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE userid='$userid'"); $sql = mysql_query("UPDATE sessions SET name='$name', phone='$phone', username='$username', address='$address', city='$city', state='$state', zip='$zip', cell='$cell', email='$email', rank='$rank', badges='$badges' WHERE id='$id'"); echo 'Your account info has been updated, visitors to your profile will now see the new info.<br /><br /> <meta HTTP-EQUIV="REFRESH" content="3; url=http://final.net46.net/myprofile.php">'; exit(); } // close if post ?> <?php // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM editinfo WHERE userid1=".$_GET['userid1'].""); while($row = mysql_fetch_array($sql)){ $userid1 = $row["userid1"]; $name1 = $row["name1"]; $phone1 = $row["phone1"]; $username1 = $row["username1"]; $address1 = $row["address1"]; $city1 = $row["city1"]; $state1 = $row["state1"]; $zip1 = $row["zip1"]; $cell1 = $row["cell1"]; $email1 = $row["email1"]; $accounttype1 = $row["accounttype1"]; $rank1 = $row["rank1"]; $badges1 = $row["badges1"]; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Untitled Document</title> <style type="text/css"> #apDiv1 { position:absolute; left:33px; top:320px; width:252px; height:48px; z-index:1; } #apDiv2 { position:absolute; left:33px; top:361px; width:254px; height:46px; z-index:2; } #apDiv3 { position:absolute; left:33px; top:525px; width:256px; height:43px; z-index:3; } #apDiv4 { position:absolute; left:33px; top:402px; width:250px; height:48px; z-index:4; } #apDiv5 { position:absolute; left:106px; top:616px; width:263px; height:255px; z-index:5; } #apDiv6 { position:absolute; left:323px; top:200px; width:898px; height:530px; z-index:5; } #apDiv7 { position:absolute; left:33px; top:443px; width:266px; height:42px; z-index:6; } #apDiv8 { position:absolute; left:111px; top:500px; width:125px; height:37px; z-index:7; } #apDiv8 strong { font-size: 24px; } #apDiv9 { position:absolute; left:33px; top:408px; width:267px; height:49px; z-index:8; } #apDiv10 { position:absolute; left:33px; top:449px; width:242px; height:23px; z-index:9; } #apDiv8 a { color: #000; } #apDiv11 { position:absolute; left:101px; top:490px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv11 a { color: #000; } #apDiv12 { position:absolute; left:33px; top:210px; width:205px; height:135px; z-index:11; } #apDiv12 { text-align: center; } #apDiv13 { position:absolute; left:33px; top:320px; width:258px; height:47px; z-index:12; } #apDiv { position:absolute; left:33px; top:484px; width:225px; height:35px; z-index:11; } #apDiv14 { position:absolute; left:33px; top:566px; width:298px; height:51px; z-index:12; } #apDiv15 { position:absolute; left:101px; top:611px; width:168px; height:42px; z-index:10; font-size: 24px; font-weight: bold; } #apDiv5 a { font-size: 24px; color: #000; font-weight: bold; } </style> <script type="text/javascript"> function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } </script> <script src="SpryAssets/SpryTabbedPanels.js" type="text/javascript"></script> <link href="SpryAssets/SpryTabbedPanels.css" rel="stylesheet" type="text/css" /> </head> <?php // Query member data from the database and ready it for display $sql = mysql_query("SELECT * FROM members WHERE userid='userid'"); while($row = mysql_fetch_array($sql)){ $name = $row["name"]; $phone = $row["phone"]; $username = $row["username"]; $address = $row["address"]; $city = $row["city"]; $state = $row["state"]; $zip = $row["zip"]; $cell = $row["cell"]; $email = $row["email"]; $accounttype = $row["accounttype"]; $rank = $row["rank"]; $badges = $row["badges"]; } ?> <body onload="MM_preloadImages('button/myprofile2.png','button/pictures2.png','button/projects1.png','button/news2.png','button/eventmanager2.png','button/membermanager2.png','button/newsmanager2.png')"> <div id="apDiv2"><a href="register.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/register2.png',1)"><img src="button/register1.png" name="Image3" width="235" height="50" border="0" id="Image3" /></a></div> <div id="apDiv4"><a href="projects.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image4','','button/projects2.png',1)"><img src="button/projects1.png" name="Image4" width="235" height="50" border="0" id="Image4" /></a></div> <div id="apDiv11"><?php if ($accounttype == "Scout") { echo '<a href="../logout.php">Logout</a>';} ?></div> <div id="apDiv12"><?php echo "$accounttype"; ?> <p><?php echo "$name"; ?></p> <p>Troop 78</p> </div> <div id="apDiv13"><a href="myprofile.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image5','','button/myprofile2.png',1)"><img src="button/myprofile1.png" name="Image5" width="235" height="50" border="0" id="Image5" /></a></div> <div id="apDiv5"><?php if ($accounttype == "Admin") { echo "<a href=\"../logout.php\">Logout</a>"; } ?></div> </a> </div> <div id="apDiv6"> <div id="TabbedPanels1" class="TabbedPanels"> <ul class="TabbedPanelsTabGroup"> <li class="TabbedPanelsTab" tabindex="0">My Info</li> <li class="TabbedPanelsTab" tabindex="0">Merit Badges</li> <li class="TabbedPanelsTab" tabindex="0">Scout Rank</li> </ul> <div class="TabbedPanelsContentGroup"> <div class="TabbedPanelsContent"><form action="myprofile.php" method="post" enctype="multipart/form-data" name="form" id="form" onsubmit="return validate_form ( );"> <table align="center" cellpadding="8" cellspacing="8"> <tr> <?php if ($accounttype == "Scout") { ?> <td><div align="right">Name:</div></td> <td><input name="name" type="text" disabled="disabled" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td> </tr><?php } ?> <tr> <td><div align="right">Name:</div></td> <td><input name="name" type="text" id="name" value="<?php echo "$name1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td>Phone Number:</td> <td><input name="phone" type="text" id="phone" value="<?php echo "$phone1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Address:</div></td> <td><input name="address" type="text" id="address" value="<?php echo "$address1"; ?>" size="30" maxlength="24" /></td> </tr> <tr> <td><div align="right">City:</div></td> <td><input name="city" type="text" id="city" value="<?php echo "$city1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">State:</div></td> <td><input name="state" type="text" id="state" value="<?php echo "$state1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Zip Code:</div></td> <td><input name="zip" type="text" id="zip" value="<?php echo "$zip1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Email:</div></td> <td><input name="email" type="text" id="email" value="<?php echo "$email1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td><div align="right">Cell Phone:</div></td> <td><input name="cell" type="text" id="cell" value="<?php echo "$cell1"; ?>" size="30" maxlength="64" /></td> </tr> <tr> <td class="aaaaaaa">Username:</td> <td><label for="username"></label> <input name="username" type="text" id="username" value="<?php echo "$username1"; ?>"/> </td> </tr> <tr> <td class="aaaaaaa"> </td> <td><label for="accounttype"></label> <input type="submit" name="submit" id="submit" value="Save" /></td> <input name="userid" type="text" value="<?php echo "$userid1"; ?>" /> </tr> </table> </form> </div> <div class="TabbedPanelsContent"> <label for="badges"></label> <input name="badges" type="text" id="badges" value="<?php echo "$badges"; ?>" /> </div> <div class="TabbedPanelsContent"> <input name="badges2" type="text" id="badges2" value="<?php echo $rank; ?>" /> </div> </div> </div> <script type="text/javascript"> var TabbedPanels1 = new Spry.Widget.TabbedPanels("TabbedPanels1"); </script> </div> <div id="apDiv7"><a href="news.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image6','','button/news2.png',1)"><img src="button/news1.png" name="Image6" width="235" height="50" border="0" id="Image6" /></a></div> <div id="apDiv"> <?php if ($accounttype == "Admin") { echo "<a href=\"../search1.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image7','','../button/membermanager2.png',1)\"><img src=\"../button/membermanager1.png\" name=\"Image7\" width=\"235\" height=\"50\" border=\"0\" id=\"Image7\" /></a>"; } ?></div> <div id="apDiv3"><?php if ($accounttype == "Admin") { echo "<a href=\"../addevent.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image8','','../button/eventmanager2.png',1)\"><img src=\"../button/eventmanager1.png\" name=\"Image8\" width=\"235\" height=\"50\" border=\"0\" id=\"Image8\" /></a>"; } ?> </div> <div id="apDiv14"><?php if ($accounttype == "Admin") { echo "<a href=\"../addart.php\" onmouseout=\"MM_swapImgRestore()\" onmouseover=\"MM_swapImage('Image9','','../button/newsmanager2.png',1)\"><img src=\"../button/newsmanager1.png\" name=\"Image9\" width=\"234\" height=\"50\" border=\"0\" id=\"Image9\" /></a>"; } ?> </div> <img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" /> </body> </html> Here is the login page where all the variables are intitialized!!!!! <?php /* Created By Adam Khoury @ [url='http://www.flashbuilding.com/']www.flashbuilding.com[/url] -----------------------June 20, 2008----------------------- */ if ($_POST['username']) { //Connect to the database through our include include_once "connect_to_mysql.php"; $username = stripslashes($_POST['username']); $username = strip_tags($username); $username = mysql_real_escape_string($username); $password = ereg_replace("[^A-Za-z0-9]", "", $_POST['password']); // filter everything but numbers and letters $password = md5($password); // Make query and then register all database data that - // cannot be changed by member into SESSION variables. // Data that you want member to be able to change - // should never be set into a SESSION variable. $sql = mysql_query("SELECT * FROM sessions WHERE username='$username' AND password='$password'"); $login_check = mysql_num_rows($sql); if($login_check > 0){ while($row = mysql_fetch_array($sql)){ // Get member ID into a session variable $id = $row["id"]; session_register('id'); $_SESSION['id'] = $id; // Get member username into a session variable $name = $row["name"]; session_register('name'); $_SESSION['username'] = $username; // Get member userlevel into a session variable $userlevel = $row["userlevel"]; session_register('userlevel'); $_SESSION['userlevel'] = 9; // Update last_log_date field for this member now mysql_query("UPDATE sessions SET lastlogin=now() WHERE id='$id'"); // Print success message here if all went well then exit the script header("location: news.php?"); exit(); } // close while } else { // Print login failure message to the user and link them back to your login page print '<br /><br /><font color="#FF0000">No match in our records, try again </font><br /> <br /><a href="login.php">Click here</a> to go back to the login page.'; exit(); }} ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template3.dwt.php" codeOutsideHTMLIsLocked="false" --> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <!-- InstanceBeginEditable name="doctitle" --> <title>Member Login</title> <!-- InstanceEndEditable --> <style type="text/css"> #apDiv1 { position:absolute; left:33px; top:203px; width:252px; height:48px; z-index:1; } #apDiv2 { position:absolute; left:33px; top:244px; width:254px; height:80px; z-index:2; } #apDiv3 { position:absolute; left:33px; top:367px; width:256px; height:65px; z-index:3; } #apDiv4 { position:absolute; left:33px; top:285px; width:250px; height:61px; z-index:4; } #apDiv5 { position:absolute; left:339px; top:199px; width:263px; height:255px; z-index:5; } #apDiv6 { position:absolute; left:325px; top:184px; width:898px; height:530px; z-index:5; } #apDiv7 { position:absolute; left:33px; top:326px; width:266px; height:83px; z-index:6; } </style> <script type="text/javascript"> function MM_preloadImages() { //v3.0 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array(); var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++) if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}} } function MM_swapImgRestore() { //v3.0 var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc; } function MM_findObj(n, d) { //v4.01 var p,i,x; if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) { d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);} if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n]; for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document); if(!x && d.getElementById) x=d.getElementById(n); return x; } function MM_swapImage() { //v3.0 var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3) if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];} } </script> <!-- InstanceBeginEditable name="head" --> <!-- InstanceEndEditable --> </head> <body onload="MM_preloadImages('button/register2.png','button/login2.png')"> <div id="apDiv1"><a href="pictures.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image2','','button/register2.png',1)"><img src="button/pictures1.png" name="Image2" width="300" height="50" border="0" id="Image2" /></a></div> <div id="apDiv2"><a href="login.php" onmouseout="MM_swapImgRestore()" onmouseover="MM_swapImage('Image3','','button/login2.png',1)"><img src="button/login1.png" name="Image3" width="300" height="50" border="0" id="Image3" /></a> <div id="apDiv4"></div> </div> <div id="apDiv6"><!-- InstanceBeginEditable name="EditRegion3" --> <script type="text/javascript"> <!-- Form Validation --> function validate_form ( ) { valid = true; if ( document.logform.username.value == "" ) { alert ( "Please enter your User Name" ); valid = false; } if ( document.logform.pass.value == "" ) { alert ( "Please enter your password" ); valid = false; } return valid; } <!-- Form Validation --> </script> <div align="center"> <h3><br /> <br /> Log in to your account here<br /> <br /> </h3> </div> <table align="center" cellpadding="5"> <form action="login.php" method="post" enctype="multipart/form-data" name="logform" id="logform" onsubmit="return validate_form ( );"> <tr> <td class="style7"><div align="right">Username:</div></td> <td><input name="username" type="text" id="username" size="30" maxlength="64" /></td> </tr> <tr> <td class="style7"><div align="right">Password:</div></td> <td><input name="password" type="password" id="password" size="30" maxlength="24" /></td> </tr> <tr> <td> </td> <td><input name="Submit" type="submit" value="Login" /></td> </tr> </form> </table> <!-- InstanceEndEditable --></div> <div id="apDiv7"></div><img name="boyscout" src="buttons/boyscout.jpg" width="1180" height="700" border="0" id="boyscout" alt="" /> </body> <!-- InstanceEnd --></html> If you could help me figure out the correct code for this so that the PHP tags work such as in the places where buttons show only if your accounttype is Admin (which needs session, duh) that would be so, so, so great!!!!!!!!!!!!!!!!!!!!! Quote Link to comment https://forums.phpfreaks.com/topic/230369-admin-edit-all-users/#findComment-1188000 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.