real_escape($_GET['val']);
if(isset($val) && $val == "del"){
$id = $db->real_escape($_GET['id']);
$query = "DELETE FROM admin WHERE id = '$id'";
if($db->query($query)){
$msg = "Record Successfully Deleted";
}else{
$error = "Network Error.";
}
}
if(!empty($val) || $val == "edit"){
$id = $db->real_escape($_GET['id']);
$result = $db->fetch_array($db->query("SELECT * FROM admin WHERE id = '$id'"));
$edit = true;
}
if(isset($_POST['create']) || isset($_POST['update'])){
$id = $db->real_escape($_POST['id']);
$UserName = $db->real_escape($_POST['UserName']);
$Password = $db->real_escape($_POST['Password']);
$FullName = $db->real_escape($_POST['FullName']);
$status = $db->real_escape($_POST['status']);
if(isset($_POST['update'])){
$operation = "UPDATE";
$where = "WHERE id = '$id'";
$success_message = "Record Successfully Update";
}elseif(isset($_POST['create'])){
$operation = "INSERT INTO";
$where = "";
$success_message = "Record Successfully Added";
}
if($db->num_rows($db->query("SELECT * FROM admin WHERE UserName = '$UserName'")) == 0 || isset($_POST['update'])){
$query = "$operation admin SET UserName = '$UserName', Password = '$Password', FullName = '$FullName', status = '$status' $where";
if($db->query($query)){
$msg = $success_message;
}else{
$error = "Network Error.";
}
}else{
$error = "This UserName already exist.";
}
}
?>
| # |
Full Name |
UserName |
Password |
Status |
Creation Date |
Action |
query("SELECT * FROM admin WHERE type != 'Admin' ORDER BY id DESC");
$count = $db->num_rows($record);
while($result = $db->fetch_array($record)){
?>
|
|
|
|
|
|
|