PHP
session_start();
if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
header ("Location: ../../kms/login.php");
}
include('./includes/config.php');
$employee = $_POST['employ'];
if (isset($_POST['update'])){
$new = $_POST['Employee'];
$Lname = $_POST['Lname'];
$Fname = $_POST['Fname'];
$Unit = $_POST['unit'];
$Position = $_POST['Position'];
$visor = $_POST['SupervisorID'];
$Acc = $_POST['AccessLevel'];
$query="UPDATE empinfo Set empID='$new', lastname='$Lname', firstname='$Fname',
Unit='$Unit', Position='$Position', Supervisor='$visor' where empID = '$employee
'";
$query2 ="UPDATE empaccount SET empID='$new', lastname='$Lname', AccessLevel='$A
cc' where empID = '$employee'";
if (!mysql_query($query,$db))
{
die('Error: ' . mysql_error());
}
if (!mysql_query($query2,$db))
{
die('Error: ' . mysql_error());
}
mysql_close($db);
header("Location:empmngt.php");
/*echo"$new";
echo"$Lname";
echo"$Fname";
echo"$Unit";
echo"$Position";
echo"$visor";
echo"$Acc";*/
}
?>
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="./includes/style.css">
<title></title>
</head>
<body>
<div class="header">
<img src="../images/logo.png">
<b>
<ul>
<li><a href="home.php">Dashboard</a></li>
<li><a href="createevent.php">Create Event</a></li>
<li><a href="reports.php">Reports</a></li>
<li><a href="recommendations.php">Recommendations</a></li>
<li><a href="empmngt.php" class="active">Employee Mngmt.</a></li>
<li><a href="changepwsd.php">Password</a></li>
<li><a href="logout.php">Log-out</a></li>
</ul>
</b>
<br>
</div>
<div class="contains">
<?php
$query = "SELECT empid, lastname, firstname, unit, position, supervisor from emp
info where empid='$employee'";
$result = @mysql_query($query);
$results = array();
$results= mysql_fetch_assoc($result, MYSQL_NUM);
$employee = $results[0];
$Lname = $results[1];
$Fname = $results[2];
$Unit = $results[3];
$Position = $results[4];
$visor = $results[5];
$querylev = "SELECT AccessLevel from empaccount where empID ='$employee'";
$resultlev = @mysql_query($querylev);
$resultarraylev = array();
$resultarraylev = mysql_fetch_assoc($resultlev, MYSQL_NUM);
$level = $resultarraylev[0];
$querysup = "SELECT FirstName, LastName from empinfo where empID ='$visor'";
$resultsup = @mysql_query($querysup);
$resultarraysup = array();
$resultarraysup = mysql_fetch_assoc($resultsup, MYSQL_NUM);
$Fsup = $resultarraysup[0];
$Lsup = $resultarraysup[1];