<!DOCTYPE html>
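<?php
    /*
     * Edit page for the directory record of the user named by ?uid=.
     * Output is buffered from here until ob_end_flush() at the end of the file.
     */
    ob_start();

    require_once("includes/session.php");
    // Authorization gate. NOTE(review): everything below assumes confirm_admin()
    // stops the request (exit or redirect) for non-admins -- confirm in session.php.
    confirm_admin();
    require_once("includes/functions.php");
    require_once("includes/header.php");
    require_once("includes/ContentSanitize.class.php");
    $san = new Sanitize();

    // Accept only a plain string uid: a request such as ?uid[]=x would otherwise
    // hand an array to cleanString() and to the LDAP lookup.
    if (isset($_GET['uid']) && is_string($_GET['uid'])) {
	$uid = $san->cleanString($_GET['uid']);
	// The target account has to pass isValidUserLdap() before the form is
	// rendered or any row is written.
	if (isValidUserLdap($uid)) {
?>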
<html>
<head>
<title>User</title>
</head>
<body align="center">
    <table align="right">
	<tr>
	    <td>Login:</td>
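	    <td><?php
		// Encode both values for the HTML text context; neither the display name
		// nor the session uid is guaranteed to be free of markup characters.
		echo htmlspecialchars((string) user_name($_SESSION['uid']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	    ?> ( <?php echo htmlspecialchars((string) $_SESSION['uid'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?> )</td>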
	</tr>
	<tr>
	    <td colspan=2><a href="logout.php">Logout</a></td>
	</tr>
	<tr>
	    <td colspan=2><a href="admin.php">Admin Panel</a></td>
	</tr>
    </table>

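    <form action="<?php
	// The uid is URL-encoded for the query string, then the whole URL is
	// HTML-encoded for the quoted attribute, so it cannot break out of either context.
	echo htmlspecialchars($_SERVER["PHP_SELF"] . '?uid=' . rawurlencode($uid), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    ?>" method="post">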
        <table align="center">
	      <tr>
		<td colspan=2>		
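    <?php
    /*
     * Handle the submitted edit form: sanitize the six expected fields, validate
     * the mobile number, and update the user_data row belonging to $uid.
     *
     * NOTE(review): no anti-CSRF token is checked in this block, so the write
     * rests on the session check alone. Confirm whether the includes add one;
     * if not, verify a per-session token here before touching the database.
     */
    if (isset($_POST['submit'])) {
	    // Read only the fields the form defines. extract($_POST) would let a
	    // request overwrite any variable in scope, including the already
	    // validated $uid as well as $dbh and $san.
	    $input = array();
	    foreach (array('name', 'des', 'office', 'resi', 'mob', 'email') as $field) {
		// Missing or non-string (array) parameters are treated as empty.
		$input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
	    }
	    $name = $san->cleanString($input['name']);
	    $des = $san->cleanString($input['des']);
	    $office = $san->cleanString($input['office']);
	    $resi = $san->cleanString($input['resi']);
	    $mob = $san->cleanString($input['mob']);
	    $email = $san->cleanString($input['email']);
	    
	    // Only a mobile number of exactly ten digits is accepted.
	    if(preg_match('/^\d{10}$/',$mob)) {
		// All values reach the database as bound parameters, never as SQL text.
		$query = "UPDATE `user_data` SET `name`=:name,`designation`=:des,`office`=:office,
		`residence`=:resi,`mobile`=:mob,`email`=:email WHERE `username` = :username";
		$stmt = $dbh->prepare($query);
		$stmt->bindParam(':username', $uid, PDO::PARAM_STR);
		$stmt->bindParam(':name', $name, PDO::PARAM_STR);
		$stmt->bindParam(':des', $des, PDO::PARAM_STR);
		$stmt->bindParam(':office', $office, PDO::PARAM_STR);
		$stmt->bindParam(':resi', $resi, PDO::PARAM_STR);
		$stmt->bindParam(':mob', $mob, PDO::PARAM_STR);
		$stmt->bindParam(':email', $email, PDO::PARAM_STR);
		
		if($stmt->execute()) {
		    echo 'Information Update Sucessfully';
		} else {
		    // Keep driver and schema details out of the response; record
		    // them in the server log instead.
		    error_log('edit.php: user_data update failed: ' . json_encode($stmt->errorInfo()));
		    echo 'Error: update failed';
		}
	    } else {
		echo "Invalid Mobile Number";
	    }
	    echo '<br><br>';
	} else {
	    $name = $des = $office = $resi = $mob = $email = "";
	}
    ?>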
		</td>
	    </tr>

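<?php
    // Load the stored record that pre-fills the form below. This runs after the
    // update handler above, so a successful save is reflected in the fields.
    $query = "SELECT * FROM `user_data` WHERE `username` = :username";
    $stmt = $dbh->prepare($query);
    $stmt->bindParam(':username', $uid, PDO::PARAM_STR);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // fetch() yields false when no row matches; fall back to an empty record so
    // the form reads defined keys instead of indexing into a boolean.
    if (!is_array($row)) {
	$row = array();
    }
    $row += array('name' => '', 'designation' => '', 'office' => '', 'residence' => '', 'mobile' => '', 'email' => '');
?>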
	    <tr>
		<th colspan=2>UPDATE INFO</th>
	    </tr>
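	    <tr>
		<td>Name :</td>
		<td><input type="text" name="name" value="<?php
		    // Stored values are HTML-encoded at output for the quoted attribute
		    // context, independent of any cleaning applied when they were saved;
		    // the same encoding is used for every field below.
		    // NOTE(review): if cleanString() already entity-encodes on input,
		    // values will be double-encoded here -- confirm and pick one layer.
		    echo htmlspecialchars((string) $row['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		?>"></td>
	    </tr>
	    <tr>
		<td>Designation :</td>
		<td><input type="text" name="des" value="<?php echo htmlspecialchars((string) $row['designation'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></td>
	    </tr>
	    <tr>
		<td>Office :</td>
		<td><input type="text" name="office" value="<?php echo htmlspecialchars((string) $row['office'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></td>
	    </tr>
	    <tr>
		<td>Residance :</td>
		<td><input type="text" name="resi" value="<?php echo htmlspecialchars((string) $row['residence'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></td>
	    </tr>
	    <tr>
		<td>Mobile :</td>
		<td><input type="number" name="mob" value="<?php echo htmlspecialchars((string) $row['mobile'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></td>
	    </tr>
	    <tr>
		<td>E-mail :</td>
		<td><input type="email" name="email" value="<?php echo htmlspecialchars((string) $row['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>"></td>
	    </tr>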
	    <tr>
		<td colspan=2><input id="button-style1" name="submit" type="submit" value="UPDATE"></td>
	    </tr>
	</table>
    </form>
    <br><br>
    By: Gaurav Bansal
</body>
</html>
<?php
	} else {
	    // isValidUserLdap() rejected the requested uid, so no form is shown.
	    echo 'Invalid Username';
	}
    } else {
	// The request carried no uid to edit.
	echo 'Please input a username';
    }

    // Send the page buffered since ob_start() at the top of the file.
    ob_end_flush();
?>