It’s giving me error:
Warning: Undefined array key “id” in D:xampphtdocsBlogFulladminedit-user-logic.php on line 5
Fatal error: Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ‘LIMIT 1’ at line 1 in D:xampphtdocsBlogFulladminedit-user-logic.php:14 Stack trace: #0 D:xampphtdocsBlogFulladminedit-user-logic.php(14): mysqli_query(Object(mysqli), ‘UPDATE users SE…’) #1 {main} thrown in D:xampphtdocsBlogFulladminedit-user-logic.php on line 14
I tried replacing single quotes with ` , but it didn’t help
<?php
require 'config/database.php';
if(isset($_POST['submit'])) {
$id = filter_var($_POST['id'], FILTER_SANITIZE_NUMBER_INT);
$firstname = filter_var($_POST['firstname'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$lastname = filter_var($_POST['lastname'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
$is_admin = filter_var($_POST['userrole'], FILTER_SANITIZE_NUMBER_INT);
if(!$firstname || !$lastname) {
$_SESSION['edit-user'] = "Invalid form input on edit page.";
} else {
$query = "UPDATE users SET firstname='$firstname', lastname='$lastname', is_admin=$is_admin WHERE id=$id LIMIT 1";
$result = mysqli_query($connection, $query);
if(mysqli_errno($connection)) {
$_SESSION['edit-user'] = "Failed to update user.";
} else {
$_SESSION['edit-user-success'] = "User $firstname $lastname updated sucessfully";
}
}
}
header('location: ' . ROOT_URL . 'admin/manage-users.php');
die();