<form role="form" action="profile_update.php"> <div class="form-group"> <label>First Name</label> <input class="form-control" name="first_name" value="<?php echo( htmlspecialchars( $row['first_name'] ) ); ?>"> </div> <div class="form-group"> <label>Last Name</label> <input class="form-control" name="last_name" value="<?php echo( htmlspecialchars( $row['last_name'] ) ); ?>"> </div> <fieldset disabled> <div class="form-group"> <label for="disabledSelect">Username</label> <input class="form-control" id="disabledInput" name="username" type="text" placeholder="<?php echo( htmlspecialchars( $row['username'] ) ); ?>" disabled> </div></fieldset> <div class="form-group"> <label>Address</label> <textarea class="form-control" rows="3" name="address" placeholder="<?php echo( htmlspecialchars( $row['address'] ) ); ?>"></textarea> </div> <div class="form-group"> <label>Contact No.</label> <input class="form-control" name="contact_no" value="<?php echo( htmlspecialchars( $row['contact_no'] ) ); ?>"> </div> <fieldset disabled> <div class="form-group"> <label for="disabledSelect">Email ID</label> <input class="form-control" id="disabledInput" name="email_id" type="text" placeholder="<?php echo( htmlspecialchars( $row['email_id'] ) ); ?>" disabled> </div></fieldset> <fieldset disabled> <div class="form-group"> <label for="disabledSelect">Department</label> <input class="form-control" id="disabledInput" name="department" type="text" placeholder="<?php echo( htmlspecialchars( $row['department'] ) ); ?>" disabled> </div></fieldset> <button type="submit" class="btn btn-default">Submit</button> <button type="reset" class="btn btn-default">Reset</button> </form> </div>
<?php session_start(); ob_start(); $con=mysqli_connect("localhost","root","","hct_db"); // Check connection if (mysqli_connect_errno()) { echo "Failed to connect to MySQL: " . mysqli_connect_error(); } // escape variables for security $first_name = mysqli_real_escape_string($con, $_POST['first_name']); $last_name = mysqli_real_escape_string($con, $_POST['last_name']); $address = mysqli_real_escape_string($con, $_POST['address']); $contact_no = mysqli_real_escape_string($con, $_POST['contact_no']); mysqli_query($con,"UPDATE admin SET first_name='$first_name', last_name='$last_name', address='$address', contact_no='contact_no' where username= '".$_SESSION['username']."'"); mysqli_close($con); ob_end_flush(); ?>
var
This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)