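prepare("SELECT id, name, email, role FROM users WHERE id = ?");
    $stmt->execute([$user_id]);
    $user = $stmt->fetch(PDO::FETCH_ASSOC);
    if (!$user) {
        // Unknown id: send the caller back to the list instead of rendering an empty form.
        header("Location: users.php?error=not_found");
        exit;
    }
} catch (PDOException $e) {
    // Keep driver/SQL details in the server log; the page only gets a generic message.
    error_log('Edit user (load): ' . $e->getMessage());
    $error_message = 'Database error. Please try again later.';
}

// Handle the edit form submission: validate the fields, make sure the e-mail is not
// used by a different account, then update the row (password only when one was entered).
//
// NOTE(review): no CSRF token check and no check of the caller's own privileges is
// visible in this part of the file. This handler can change another account's role
// and password, so confirm both checks run before this point.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $name = $_POST['name'] ?? '';
    $email = $_POST['email'] ?? '';
    $role = $_POST['role'] ?? 'Employee';
    $password = $_POST['password'] ?? '';

    // Array-valued fields (e.g. name[]=x) would otherwise reach execute()/password_hash().
    $fields_are_strings = is_string($name) && is_string($email)
        && is_string($role) && is_string($password);

    if ($fields_are_strings) {
        // Whitespace-only values count as missing; the password is left untouched.
        $name = trim($name);
        $email = trim($email);
    }

    if (!$fields_are_strings) {
        $error_message = 'Invalid form submission.';
    } elseif ($name === '' || $email === '') {
        $error_message = 'Name and Email are required.';
    } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error_message = 'Invalid email format.';
    } else {
        // NOTE(review): $role is written exactly as submitted. Check it against the
        // application's fixed set of role values (not visible here) before the UPDATE,
        // otherwise any string, including a higher-privileged role, can be stored.
        try {
            $pdo = db();

            // Check if email already exists for another user
            $stmt = $pdo->prepare("SELECT id FROM users WHERE email = ? AND id != ?");
            $stmt->execute([$email, $user_id]);

            if ($stmt->fetch()) {
                $error_message = 'Email already exists for another user.';
            } else {
                if ($password !== '') {
                    // A new password was entered: store only its hash.
                    // NOTE(review): no length/strength policy is applied here - confirm
                    // whether one is expected for admin-set passwords.
                    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
                    $sql = "UPDATE users SET name = ?, email = ?, role = ?, password = ? WHERE id = ?";
                    $stmt = $pdo->prepare($sql);
                    $stmt->execute([$name, $email, $role, $hashed_password, $user_id]);
                } else {
                    // Blank password field: keep the current password hash.
                    $sql = "UPDATE users SET name = ?, email = ?, role = ? WHERE id = ?";
                    $stmt = $pdo->prepare($sql);
                    $stmt->execute([$name, $email, $role, $user_id]);
                }

                header("Location: users.php?success=user_updated");
                exit;
            }
        } catch (PDOException $e) {
            // Keep driver/SQL details in the server log; the page only gets a generic message.
            error_log('Edit user (update): ' . $e->getMessage());
            $error_message = 'Database error. Please try again later.';
        }
    }
}
?> Edit User - IC-Inventory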

Edit User

Leave blank to keep the current password.
Cancel