Since changing to php5, I am revamping my code. Since register_globals is turned off by default and has been since around 4.2. I am trying to do better at defining my variables. I have this form that edits a user. I am using a switch with a value of "op".
The variable use to pass fine and get me to the correct function, but now I cannot get it to pass for anything. Ive tried several things. My other form variables pass fine, but the op variable is not passing. My code is below and any help is always appreciated.
user.php
function edituser($id) {
$page_title = "BFD - Site Administration";
include ("includes/header.php");
$sql = "SELECT * FROM users WHERE userid='$id'";
$result = mysql_query($sql);
if ($result!= 0) {
$row = mysql_fetch_array($result);
$user = stripslashes($row['username']);
$name = stripslashes($row['name']);
$email = stripslashes($row['email']);
$access = intval($row['access']);
$admin = intval($row['admin']);
echo "<div id=\"content\">"
."<div class=\"admin\">";
adminmenu();
echo "<p><b>Edit User</p>"
."<form name=\"form\" method=\"post\" action=\"admin.php\">"
."<table cellspacing=\"0\" cellpadding=\"2\" border=\"0\"><tr>"
."<td width=\"20%\">Username:</td>"
."<td>$user</td>"
."</tr><tr>"
."<td width=\"20%\">Name:</td>"
."<td><input type=\"text\" name=\"name\" value=\"$name\" size=\"30\" maxlength=\"40\" /></td>"
."</tr><tr>"
."<td width=\"20%\">Email:</td>"
."<td><input type=\"text\" name=\"email\" value=\"$email\" size=\"30\" maxlength=\"40\" /></td>"
."</tr><tr>"
."<td width=\"20%\">Password:</td>"
."<td><input type=\"password\" name=\"password\" size=\"25\" maxlength=\"16\" /></td>"
."</tr><tr>"
."<td></td>"
."<td class=\"small\"> Letters and numbers only. Minimum 5 characters, maximum 16 characters.</td>"
."</tr><tr>"
."<td>Access Status:</td>"
."<td><select name=\"access\">"
."<option value=\"\">Select one...</option>";
$start = 1;
for($i=0; $start+$i <= 4; $i++) {
$a = $start+$i;
if ($access == $a) {
echo "<option value=\"$a\" selected>$a</option>";
} else {
echo "<option value=\"$a\">$a</option>";
}
}
echo "</select></td>"
."</tr><tr>"
."<td>Admin Status:</td>"
."<td><select name=\"admin\">"
."<option value=\"\">Select one...</option>";
if ($admin == 1) {
echo "<option value=\"1\" selected>Yes</option>";
echo "<option value=\"0\">No</option>";
} else {
echo "<option value=\"1\">Yes</option>";
echo "<option value=\"0\" selected>No</option>";
}
echo "</select></td>"
."</tr></table>"
."</tr><tr>"
."<td colspan=\"2\" align=\"center\">"
."<input type=\"hidden\" name=\"id\" value=\"$id\">"
."<input type=\"hidden\" name=\"op\" value=\"modifyuser\">"
."<input type=\"submit\" name=\"submit\" value=\"Make Changes\"> "
."<input type=\"button\" value=\"Back\" onClick=\"history.go(-1)\"></td></tr>"
."</table>"
."</form>"
."</div></div>";
include ("includes/nav.php");
include ("includes/footer.php");
}
}
function modifyuser ($id, $name, $password, $email, $access, $admin) {
$page_title = "BFD - Site Administration";
include ("includes/header.php");
if ($password) {
mysql_query("UPDATE users SET name='$name', password=PASSWORD('$password'), email='$email', access='$access', admin='$admin' WHERE userid='$id'");
} else {
mysql_query("UPDATE users SET name='$name', email='$email', access='$access', admin='$admin' WHERE userid='$id'");
}
echo "<div id=\"content\">"
."<div class=\"admin\">";
adminmenu();
echo "<br /><p class=\"error\" align=\"center\">User successfully edited.</p>"
."</div></div>";
include ("includes/nav.php");
include ("includes/footer.php");
}
$_GET['op'] = (isset($_GET['op'])) ? $_GET['op'] : '';
switch($_GET['op']) {
case "modifyuser":
modifyuser($_GET['id'], $_GET['name'], $_GET['password'], $_GET['email'], $_GET['access'], $_GET['admin']);
break;
}
