prepare("SELECT * FROM users WHERE id = ?"); $stmt->execute([$id]); $user = $stmt->fetch(); if (!$user) { header("Location: users.php?error=User not found"); exit; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $username = $_POST['username']; $role = $_POST['role']; $password = $_POST['password']; if ($username && $role) { try { if ($password) { $hashed_password = password_hash($password, PASSWORD_DEFAULT); $stmt = $db->prepare("UPDATE users SET username = ?, password = ?, role = ? WHERE id = ?"); $stmt->execute([$username, $hashed_password, $role, $id]); } else { $stmt = $db->prepare("UPDATE users SET username = ?, role = ? WHERE id = ?"); $stmt->execute([$username, $role, $id]); } header("Location: users.php?success=User updated"); exit; } catch (PDOException $e) { $error = "Error: " . $e->getMessage(); } } else { $error = "Please fill all required fields."; } } include 'templates/header.php'; ?>

Edit User

Cancel