Update a User in an SQL Database

User Email:

User First Name:

User Last Name:

User Updated Date:



The code used for index.php is below:


<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=
    , initial-scale=1.0">
    <link rel="stylesheet" href="../styles.css">
    <title>Update Database Contents</title>
</head>
<body>

    <h1 class="lesson-h1">Update a User in an SQL Database</h1>

    <?php
        include('../connection.php');

            $sql = "SELECT * FROM `users` WHERE id = 176";
            $result = mysqli_query($link, $sql); 
            $result = mysqli_fetch_assoc($result);
            echo "<p>User Email: <strong>$result[email]</strong></p>";
            echo "<p>User First Name: <strong>$result[first_name]</strong></p>";
            echo "<p>User Last Name: <strong>$result[last_name]</strong></p>";
            echo "<p>User Updated Date: <strong>$result[created]</strong></p>";
            
        $first_name = htmlentities($_POST['first-name']);
        $last_name = htmlentities($_POST['last-name']);

        if(isset($_POST['update'])){

            if(strlen($first_name) > 20){
                echo "<h3>First Name Too Long | Max Chars = 20</h3>";
            } else if(strlen($last_name) > 25){
                echo "<h3>Last Name Too Long | Max Chars = 25</h3>";
            } else {
                if(!empty($first_name)){
                    $sql = "UPDATE `users` SET `first_name` = '$first_name' WHERE id = 176";
                    mysqli_query($link, $sql); 
                    header("location: index.php");
                } 
                if(!empty($last_name)){
                    $sql = "UPDATE `users` SET `last_name` = '$last_name' WHERE id = 176";
                    mysqli_query($link, $sql);
                    header("location: index.php");
                } 
                else {
                    echo "<h3>Nothing Was Updated</h3>";
                }
            }    
        }

    ?>

    <form action="index.php" method="post">
        <input type="text" name="first-name" id="first-name" placeholder="First Name">
        <input type="text" name="last-name" id="last-name" placeholder="Last Name">
        <input type="submit" value="Update" name ="update">
    </form>
    <hr>

    <?php
        include('../show_code.php');
        show_code('index.php');
    ?>
    
</body>
</html>