Member Avatar for eagled2

I'm new to php and am working on my first large scale project. I am making a custom ticketing system that requires users to login and let's technicians login to work tickets. I am trying to implement a account disabling feature so tech's that are no longer with the company don't have to have there accounts deleted when they are gone for a time. I want admins to be able to edit the users profile and use a checkbox to mark the account as disabled I have a table called profiles with the username and profile information. I have added a tinyint field called "disabled" with a 1 char limit.

I have successfully programmed my login script to only let you login if the disabled field is equal to 0 but i can't get my edit profile script to update the database with any value at all. I have searched this and other forums and can only find info on using an array for mutliple checkboxes but I have only 1 checkbox so I'm not sure that is the best way. Once the checkbox updates to the database I will also need to make so when viewing and editing the users profile you can tell whether the account is disabled already by having the checkbox marked only if the account is disabled.

Below is my adminprofile.php file. The edit profile section starts on line 59 and my database update starts on line 112. Parts of this page currently work as expected except the disabled checkbox. Any help would be appreciated.

<?php
session_start();

include 'config.php';

include 'opendb.php';
include("login.php");

echo '<link rel="stylesheet" type="text/css" href="profile.css">';

echo '<center><div id="page"><img src="images/profhead.gif" width="955" height="90" /></center>';

if($logged_in){

loggedgroup();
if($_SESSION[grptype] == 'Admin' or $_SESSION[grptype] == 'Superadmin' or $_SESSION[grptype2] == 'Admin' or $_SESSION[grptype2] == 'Superadmin'){

if ($_SESSION['uid'] == NULL){
echo '<META HTTP-EQUIV="refresh" content="0;URL=admin.php">';
}else{
displayLogin();

echo '<hr>';

if( isset($_GET['pg']) ) { 
 switch( $_GET['pg']) {
 	case 'view':

global $conn;

$sql = "SELECT * FROM `profiles` WHERE id='$_SESSION[uid]'";

$query = mysql_query($sql, $conn) or die(mysql_error());
$row = mysql_num_rows($query);
while ($row = mysql_fetch_array($query)) {echo '<div id="vwprof"><center><h2>Personal Information</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Username:</h3></td><td width="50% align="right"><h4><input type="text" name="user" value="'.$row['username'].'" readonly></h4>
<tr><td width="50% align="left"><h3>Disabled:</h3></td><td width="50% align="right"><h4><input type="checkbox" name="disabled" value="" readonly></h4>'; 
echo '</td></tr><tr><td width="50% align="left"><h3>Name:</h3></td><td width="50% align="right"><h4><input type="text" name="name" value="'.$row['first_name'].' '.$row['last_name'].'" readonly></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group:</h3></td><td width="50% align="right"><h4><input type="text" name="group" value="'.$_SESSION['grpname'].'" readonly></h4>';
echo '</td><tr><tr><td width="50% align="left"><h3>Group 2:</h3></td><td width="50% align="right"><h4><input type="text" name="group2" value="'.$_SESSION['grp2name'].'" readonly></h4>'; 
echo  '</td></tr><tr><td width="50% algin="left"><h3>Home Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="phone" value="'. $row['phone'].'" readonly></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Alt Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="altphone" value="'. $row['altphone'].'" readonly></h4></td></tr>'; 
echo '<tr><td width="50% algin="left"><h3>Alt Phone Type:</h3></td><td width="50% align="right"><h4><input type="text" name="altphn_title" value="'. $row['altphn_title'].'" readonly></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Email Address:</h3></td><td width="50% align="right"><h4><input type="text" name="email" value="'. $row['email'].'" readonly></h4></td></tr>
<tr align="left"><center><td><a href="adminprofile.php?pg=edit">Edit Personal Profile</a></td></center><td><a href="adminprofile.php?pg=systems">View System Profiles</a></td> <td align="right"></tr></table>

<h2>Physical Address</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Address:</h3></td><td width="50% align="right"><h4><input type="text" name="address" value="'.$row['address'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Address Line 2:</h3></td><td width="50% align="right"><h4><input type="text" name="address2" value="'.$row['address2'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>City, State:</h3></td><td width="50% align="right"><h4><input type="text" name="city" value="'.$row['city'].', '.$row['state'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Zip Code:</h3></td><td width="50% align="right"><h4><input type="text" name="zip" value="'.$row['zip'].'-'.$row['zip4'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Cross Streets:</h3></td><td width="50% align="right"><h4><input type="text" name="cross_roads" value="'.$row['cross_roads'].'" readonly></h4></td></tr></table>
</center></div>';


}		

		break;
    case 'edit':

global $conn;

$sqle = "SELECT * FROM `profiles` WHERE id='$_SESSION[uid]'";

$querye = mysql_query($sqle, $conn) or die(mysql_error());
$rowe = mysql_num_rows($querye);

if ( !isset($_POST['submit'])) {

while ($rowe = mysql_fetch_array($querye)) {
echo '<form action="" method="post">';
echo '<div id="edtprof"><center><h2>Personal Information</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Username:</h3></td><td width="50% align="right"><h4><input type="text" name="username" value="'.$rowe['username'].'" readonly></h4>
<tr><td width="50% align="left"><h3>Disabled:</h3></td><td width="50% align="right"><h4><input type="checkbox" name="disabled" value=""></h4>'; 
echo '</td></tr><tr><td width="50% align="left"><h3>First Name:</h3></td><td width="50% align="right"><h4><input type="text" name="first_name" id="first_name" value="'.$rowe['first_name'].'"></h4>';
echo '</td></tr><tr><td width="50% align="left"><h3>Last Name:</h3></td><td width="50% align="right"><h4><input type="text" name="last_name" value="'.$rowe['last_name'].'"></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group:</h3></td><td width="50% align="right"><h4><input type="text" name="group" value="'.$_SESSION['grpname'].'" readonly></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group 2:</h3></td><td width="50% align="right"><h4><input type="text" name="group2" value="'.$_SESSION['grp2name'].'" readonly></h4>'; 
echo  '</td></tr><tr><td width="50% algin="left"><h3>Home Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="phone" value="'. $rowe['phone'].'"></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Alt Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="altphone" value="'. $rowe['altphone'].'"></h4></td></tr>'; 
echo '<tr><td width="50% algin="left"><h3>Alt Phone Type:</h3></td><td width="50% align="right"><h4><input type="text" name="altphn_title" value="'. $rowe['altphn_title'].'"></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Email Address:</h3></td><td width="50% align="right"><h4><input type="text" name="email" value="'. $rowe['email'].'"></h4></td></tr></table>

<h2>Physical Address</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Address:</h3></td><td width="50% align="right"><h4><input type="text" name="address" value="'.$rowe['address'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Address Line 2:</h3></td><td width="50% align="right"><h4><input type="text" name="address2" value="'.$rowe['address2'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>City:</h3></td><td width="50% align="right"><h4><input type="text" name="city" value="'.$rowe['city'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>State:</h3></td><td width="50% align="right"><h4><input type="text" name="state" value="'.$rowe['state'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Zip Code:</h3></td><td width="50% align="right"><h4><input type="text" name="zip" value="'.$rowe['zip'].'">-<input type="text" name="zip4" value="'.$rowe['zip4'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Cross Streets:</h3></td><td width="50% align="right"><h4><input type="text" name="cross_roads" value="'.$rowe['cross_roads'].'"></h4></td></tr>
<tr><td align="left"><input type="submit" name="submit" value="Save!"></td></tr></table></center></div></form>';
}


} else {

$first_name = $_POST[first_name];
$last_name = $_POST[last_name];
$phone = $_POST[phone];
$altphone = $_POST[altphone];
$altphn_title = $_POST[altphn_title];
$email = $_POST[email];
$address = $_POST[address];
$address2 = $_POST[address2];
$city = $_POST[city];
$state = $_POST[state];
$zip = $_POST[zip];
$zip4 = $_POST[zip4];
$cross_roads = $_POST[cross_roads];
$disabled = $_POST[disabled];

if ($disabled == NULL) {
$disabled = 1;
}
else {
$disabled = 0;
}

mysql_query("update profiles set disabled='$disabled', first_name='$first_name', last_name='$last_name', phone='$phone', altphone='$altphone', altphn_title='$altphn_title', email='$email', address='$address', address2='$address2', 
city='$city', state='$state', zip='$zip', zip4='$zip4', cross_roads='$cross_roads' WHERE id='$_SESSION[gid]'");
mysql_close();

echo '<META HTTP-EQUIV="refresh" content="0;URL=adminprofile.php?pg=view">'; 


}
break;

}		}
		
}	

}else{
   echo '<br><center><h3>You must be an admin to view this page. If you feel you have reached this message in error please contact the site admin.</h3></center>';
}

}
else{
   echo '<br><center><h3>You must be logged in to view this page. Please login!</h3></center>';
displayLogin();
}



?>
  • 2 Contributors
  • 4 Replies
  • 91 Views
  • 14 Hours Discussion Span
  • Latest Post Latest Post by eagled2

Recommended Answers

All 4 Replies

Member Avatar for R0bb0b

see if this works
added value to disabled checkbox
added check if disabled isset and = disabled
added if db disabled "checked='checked' "

<?php
session_start();

include 'config.php';

include 'opendb.php';
include("login.php");

echo '<link rel="stylesheet" type="text/css" href="profile.css">';

echo '<center><div id="page"><img src="images/profhead.gif" width="955" height="90" /></center>';

if($logged_in){

loggedgroup();
if($_SESSION[grptype] == 'Admin' or $_SESSION[grptype] == 'Superadmin' or $_SESSION[grptype2] == 'Admin' or $_SESSION[grptype2] == 'Superadmin'){

if ($_SESSION['uid'] == NULL){
echo '<META HTTP-EQUIV="refresh" content="0;URL=admin.php">';
}else{
displayLogin();

echo '<hr>';

if( isset($_GET['pg']) ) { 
 switch( $_GET['pg']) {
 	case 'view':

global $conn;

$sql = "SELECT * FROM `profiles` WHERE id='$_SESSION[uid]'";

$query = mysql_query($sql, $conn) or die(mysql_error());
$row = mysql_num_rows($query);
while ($row = mysql_fetch_array($query)) {
if($row['disabled'] == "1")
{
	$checkdisabled = 'checked="checked" ';
}
else
{
	$checkdisabled = '';
}
echo '<div id="vwprof"><center><h2>Personal Information</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Username:</h3></td><td width="50% align="right"><h4><input type="text" name="user" value="'.$row['username'].'" readonly></h4>
<tr><td width="50% align="left"><h3>Disabled:</h3></td><td width="50% align="right"><h4><input type="checkbox" ' . $checkdisabled . 'name="disabled" value="disabled" readonly></h4>'; 
echo '</td></tr><tr><td width="50% align="left"><h3>Name:</h3></td><td width="50% align="right"><h4><input type="text" name="name" value="'.$row['first_name'].' '.$row['last_name'].'" readonly></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group:</h3></td><td width="50% align="right"><h4><input type="text" name="group" value="'.$_SESSION['grpname'].'" readonly></h4>';
echo '</td><tr><tr><td width="50% align="left"><h3>Group 2:</h3></td><td width="50% align="right"><h4><input type="text" name="group2" value="'.$_SESSION['grp2name'].'" readonly></h4>'; 
echo  '</td></tr><tr><td width="50% algin="left"><h3>Home Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="phone" value="'. $row['phone'].'" readonly></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Alt Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="altphone" value="'. $row['altphone'].'" readonly></h4></td></tr>'; 
echo '<tr><td width="50% algin="left"><h3>Alt Phone Type:</h3></td><td width="50% align="right"><h4><input type="text" name="altphn_title" value="'. $row['altphn_title'].'" readonly></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Email Address:</h3></td><td width="50% align="right"><h4><input type="text" name="email" value="'. $row['email'].'" readonly></h4></td></tr>
<tr align="left"><center><td><a href="adminprofile.php?pg=edit">Edit Personal Profile</a></td></center><td><a href="adminprofile.php?pg=systems">View System Profiles</a></td> <td align="right"></tr></table>

<h2>Physical Address</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Address:</h3></td><td width="50% align="right"><h4><input type="text" name="address" value="'.$row['address'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Address Line 2:</h3></td><td width="50% align="right"><h4><input type="text" name="address2" value="'.$row['address2'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>City, State:</h3></td><td width="50% align="right"><h4><input type="text" name="city" value="'.$row['city'].', '.$row['state'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Zip Code:</h3></td><td width="50% align="right"><h4><input type="text" name="zip" value="'.$row['zip'].'-'.$row['zip4'].'" readonly></h4></td></tr>
<tr><td width="50% align="left"><h3>Cross Streets:</h3></td><td width="50% align="right"><h4><input type="text" name="cross_roads" value="'.$row['cross_roads'].'" readonly></h4></td></tr></table>
</center></div>';


}		

		break;
    case 'edit':

global $conn;

$sqle = "SELECT * FROM `profiles` WHERE id='$_SESSION[uid]'";

$querye = mysql_query($sqle, $conn) or die(mysql_error());
$rowe = mysql_num_rows($querye);

if ( !isset($_POST['submit'])) {

while ($rowe = mysql_fetch_array($querye)) {
if($rowe['disabled'] == "1")
{
	$checkdisabled = 'checked="checked" ';
}
else
{
	$checkdisabled = '';
}
echo '<form action="" method="post">';
echo '<div id="edtprof"><center><h2>Personal Information</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Username:</h3></td><td width="50% align="right"><h4><input type="text" name="username" value="'.$rowe['username'].'" readonly></h4>
<tr><td width="50% align="left"><h3>Disabled:</h3></td><td width="50% align="right"><h4><input type="checkbox" ' . $checkdisabled . 'name="disabled" value="disabled"></h4>'; 
echo '</td></tr><tr><td width="50% align="left"><h3>First Name:</h3></td><td width="50% align="right"><h4><input type="text" name="first_name" id="first_name" value="'.$rowe['first_name'].'"></h4>';
echo '</td></tr><tr><td width="50% align="left"><h3>Last Name:</h3></td><td width="50% align="right"><h4><input type="text" name="last_name" value="'.$rowe['last_name'].'"></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group:</h3></td><td width="50% align="right"><h4><input type="text" name="group" value="'.$_SESSION['grpname'].'" readonly></h4>'; 
echo '</td><tr><tr><td width="50% align="left"><h3>Group 2:</h3></td><td width="50% align="right"><h4><input type="text" name="group2" value="'.$_SESSION['grp2name'].'" readonly></h4>'; 
echo  '</td></tr><tr><td width="50% algin="left"><h3>Home Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="phone" value="'. $rowe['phone'].'"></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Alt Phone:</h3></td><td width="50% align="right"><h4><input type="text" name="altphone" value="'. $rowe['altphone'].'"></h4></td></tr>'; 
echo '<tr><td width="50% algin="left"><h3>Alt Phone Type:</h3></td><td width="50% align="right"><h4><input type="text" name="altphn_title" value="'. $rowe['altphn_title'].'"></h4></td></tr>';
echo '<tr><td width="50% algin="left"><h3>Email Address:</h3></td><td width="50% align="right"><h4><input type="text" name="email" value="'. $rowe['email'].'"></h4></td></tr></table>

<h2>Physical Address</h2><table width="28%" align="center" background="images/trimmtext.gif" style="border-style:groove;border-color:navy;margin-top:12px;">
<tr><td width="50% align="left"><h3>Address:</h3></td><td width="50% align="right"><h4><input type="text" name="address" value="'.$rowe['address'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Address Line 2:</h3></td><td width="50% align="right"><h4><input type="text" name="address2" value="'.$rowe['address2'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>City:</h3></td><td width="50% align="right"><h4><input type="text" name="city" value="'.$rowe['city'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>State:</h3></td><td width="50% align="right"><h4><input type="text" name="state" value="'.$rowe['state'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Zip Code:</h3></td><td width="50% align="right"><h4><input type="text" name="zip" value="'.$rowe['zip'].'">-<input type="text" name="zip4" value="'.$rowe['zip4'].'"></h4></td></tr>
<tr><td width="50% align="left"><h3>Cross Streets:</h3></td><td width="50% align="right"><h4><input type="text" name="cross_roads" value="'.$rowe['cross_roads'].'"></h4></td></tr>
<tr><td align="left"><input type="submit" name="submit" value="Save!"></td></tr></table></center></div></form>';
}


} else {

$first_name = $_POST["first_name"];
$last_name = $_POST["last_name"];
$phone = $_POST["phone"];
$altphone = $_POST["altphone"];
$altphn_title = $_POST["altphn_title"];
$email = $_POST["email"];
$address = $_POST["address"];
$address2 = $_POST["address2"];
$city = $_POST["city"];
$state = $_POST["state"];
$zip = $_POST["zip"];
$zip4 = $_POST["zip4"];
$cross_roads = $_POST["cross_roads"];

if (isset($_POST["disabled"]) && $_POST["disabled"] == "disabled") {
$disabled = 1;
}
else {
$disabled = 0;
}

mysql_query("update profiles set disabled='$disabled', first_name='$first_name', last_name='$last_name', phone='$phone', altphone='$altphone', altphn_title='$altphn_title', email='$email', address='$address', address2='$address2', 
city='$city', state='$state', zip='$zip', zip4='$zip4', cross_roads='$cross_roads' WHERE id='$_SESSION[gid]'");
mysql_close();

echo '<META HTTP-EQUIV="refresh" content="0;URL=adminprofile.php?pg=view">'; 


}
break;

}		}
		
}	

}else{
   echo '<br><center><h3>You must be an admin to view this page. If you feel you have reached this message in error please contact the site admin.</h3></center>';
}

}
else{
   echo '<br><center><h3>You must be logged in to view this page. Please login!</h3></center>';
displayLogin();
}



?>
Member Avatar for eagled2

Thank you. That was just what I was missing. I did have a typo in my query but once I fixed that and added your changes it worked great.

I never knew you could combine 2 if statements together like that. I am a little puzzled still though on how the below code you added combined with the variable name being added to the input tag works though. As far as I can tell somehow putting the variable in there tells the script to run the below code but it doesn't quite make since to me.

The part that really puzzles me is

$checkdisabled = 'checked="checked" ';
if($row['disabled'] == "1")

{

$checkdisabled = 'checked="checked" ';

}

else

{

$checkdisabled = '';

}
Member Avatar for R0bb0b

$checkdisabled is pluged into the checkbox so when you pull the query, if the column "disabled" is 1 then checked="checked" is added to the checkbox making it checked else that will be left out making it unchecked. I know a lot of people just put the word checked in the checkbox tag but checked="checked" is the correct xhtml syntax.

Member Avatar for eagled2

Thank you. That makes more since now.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.