php-user-management/action.php at main · ephremmatheus/php-user-management · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
<?php
session_start(); //serve para guardar as informaçoes do usuario, com isso é possivel registrar e resgatar as informaçoes usando $_SESSION[nome] = 'ze'
require 'connection.php';

if(isset($_POST['create_user'])){ //Se o formulário foi enviado pelo botão create_user, então execute o código abaixo.
    $name = mysqli_real_escape_string($connection, trim($_POST["name"])); //Pegue o nome enviado pelo formulário, remova espaços extras e deixe ele seguro para usar no banco.
    $email = mysqli_real_escape_string($connection, trim($_POST["email"]));
    $date_of_birth = mysqli_real_escape_string($connection, trim($_POST["date_of_birth"]));
    $password = isset($_POST["password"]) ? mysqli_real_escape_string($connection, password_hash(trim($_POST["password"]), PASSWORD_DEFAULT)) : '';

    $sql = "INSERT INTO usuarios (name, user_email, date_of_birth, password) VALUES ('$name', '$email', '$date_of_birth', '$password')";

    $isAnyEmpty = empty($name) || empty($email) || empty($date_of_birth) || empty($password);

    if($isAnyEmpty){
        $_SESSION['empty'] = "All inputs must be filled";
        header('Location: user-create.php');
        exit;
    } else{
        mysqli_query($connection , $sql);
        if(mysqli_affected_rows($connection) > 0){
            $_SESSION['message'] = 'User created';
            header('Location: index.php');
            exit;
        } else {
            $_SESSION['message'] = 'Error, user not created';
            header('Location: index.php');
            exit;
        }
    }


}

if(isset($_POST['update_user'])){
    $user_id = $_POST['id'];
    $name = mysqli_real_escape_string($connection, trim($_POST["name"]));
    $email = mysqli_real_escape_string($connection, trim($_POST["email"]));
    $date_of_birth = mysqli_real_escape_string($connection, trim($_POST["date_of_birth"]));
    // $password = isset($_POST["password"]) ? mysqli_real_escape_string($connection, password_hash(trim($_POST["password"]), PASSWORD_DEFAULT)) : '';

    $sql = "UPDATE usuarios SET name = '$name', user_email = '$email', date_of_birth = '$date_of_birth' WHERE id = '$user_id'";

    $isAnyEmpty = empty($name) || empty($email) || empty($date_of_birth)  /* || empty($password)*/;

    if($isAnyEmpty){
        $_SESSION['empty'] = "All inputs must be filled";
        header('Location: user-create.php');
        exit;
    } else{
        mysqli_query($connection , $sql);
        if(mysqli_affected_rows($connection) > 0){
            $_SESSION['message'] = 'User edited';
            header('Location: index.php');
            exit;
        } else {
            $_SESSION['message'] = 'Error, user not edited';
            header('Location: index.php');
            exit;
        }
    }


}

if(isset($_POST['user_delete'])){
    $id = $_POST['user_delete'];
    $sql = "DELETE FROM usuarios WHERE id = '$id'";
    print_r($id);

    $result = mysqli_query($connection, $sql);
    if(mysqli_affected_rows($connection) > 0){
        $_SESSION['message'] = 'User deleted';
        header('Location: index.php');
    } else {
        $_SESSION['message'] = 'User not deleted';
        header('Location: index.php');
    }

}

?>