flawlessgreen

Ok now it works. if ($customer == 1) { $row = mysql_fetch_assoc($customers); $realname = $row['realname']; //i have to put it outside for it to display the database data in the textbox $username = $row['username']; $email = $row['email']; $password = $row['password']; $address = $row['address']; if (isset($_POST['submit'])) { //you should check if values exist and data you expect //you can check each one of these else make an error or keep values from database if (isset($_POST['new_realname']) && trim($_POST['new_realname']) != '') { $realname = $_POST['new_realname']; } else { $realname = $row['realname']; }

It still won't work. I tried var_dump($_SESSION['user_id']) i get a NULL

array(1) { ["user"]=> string(1) "1" }

Apparently it doesn't detect the value, I am not sure. That's why it show "No user with that id"

<?php session_start(); include_once 'dbconnect.php'; //for the session user it allows only logged in user to view if (!isset($_SESSION['user']) && !isset($_SESSION['user_id'])) { header("Location: index.php"); exit; //use exit() so the script does not continue to run } // to get the data of the name and display welcome! (blablabla) $res=mysql_query("SELECT * FROM users WHERE user_id='" . $_SESSION['user'] . "'"); $userRow=mysql_fetch_array($res); $customers = mysql_query("SELECT * FROM users where user_id='" . $_SESSION['user_id'] . "'"); $customer = mysql_num_rows($customers); if ($customer == 1) { $row = mysql_fetch_assoc($customers); if (isset($_POST['submit'])) { //you should check if values exist and data you expect //you can check each one of these else make an error or keep values from database if (isset($_POST['new_realname']) && trim($_POST['new_realname']) != '') { $realname = $_POST['new_realname']; } else { $realname = $row['realname']; } if (isset($_POST['new_username']) && trim($_POST['new_username']) != '') { $username = $_POST['new_username']; } else { $username = $row['username']; } if (isset($_POST['new_email']) && !filter_var($_POST['new_email'], FILTER_VALIDATE_EMAIL) === false) { $email = $_POST['new_email']; } else { $email = $row['email']; } if (isset($_POST['new_password']) && trim($_POST['new_password']) != '') { $password = md5($_POST['new_password']); //use password_hash() and password_verify() } else { $password = $row['password']; //can't reverse hashed passwords to show in form } if (isset($_POST['new_address']) && trim($_POST['new_address']) != '') { $address = $_POST['new_address']; } else { $address = $row['address']; } //escape values before inserting with mysql_real_escape_string, mysqli_real_escape_string or pdo and prepared statements if (mysql_query("UPDATE users SET realname='" . mysql_real_escape_string($realname) . "', username='" . mysql_real_escape_string($username) . "', email='" . mysql_real_escape_string($email) . "', password='$password', address='" . mysql_real_escape_string($address) . "' WHERE user_id='" . $_SESSION['user_id'] . "'")) { header("Location: editprofileLog.php"); exit; } else { ?> <script>alert('error while updating you...');</script> <?php } } } else { echo "No user with that id"; } ?> Welcome! <b><?php echo $userRow['username']; ?> <form method="POST"> <table border="0"> <tr> <td><input type="text" name="new_realname" value="<?php echo $realname ?>" placeholder="Real Name" required /></td> </tr> <tr> <td><input type="text" name="new_username" value="<?php echo $username ?>" placeholder="User Name" required /></td> </tr> <tr> <td><input type="email" name="new_email" value="<?php echo $email ?>" placeholder="Your Email" required /></td> </tr> <tr> <td><input type="password" name="new_password" value="<?php echo $password ?>" placeholder="Type if want new password" /></td> </tr> <tr> <td><input type="text" name="new_address" value="<?php echo $address ?>" placeholder="Address" required /></td> </tr> <tr> <td><button type="submit" name="submit" value="submit">Update</button></td> </tr> </table> </form> I have kind of edited QuickOldCar code. Sorry if I am wrong, learning the process of coding. I have 3 data inside my database, which have user_id "1", "2," and "3"

Hi thanks for the help. But it keeps showing "no user with that id"

How do I display users that log in with their information in the edit profile section? Currently my code only display the first user in my database, even though a different user is logged in. <?php session_start(); include_once 'dbconnect.php'; if(!isset($_SESSION['user'])) { header("Location: index.php"); } $res=mysql_query("SELECT * FROM admin WHERE user_id=".$_SESSION['user']); $userRow=mysql_fetch_array($res); if(isset($_SESSION['user'])) { $customerID = $_SESSION['user_id']; $username = $_SESSION['username']; $customers = mysql_query("SELECT * FROM admin where user_id='".$customerID."'"); $customer = mysql_num_rows($customers); if($customer== 1){ $row = mysql_fetch_assoc($customers); $realname = $row['realname']; $username = $row['username']; $email = $row['email']; $password = $row['password']; $address = $row['address']; if(isset($_POST['submit'])){ $_var1 = $_POST['new_realname']; $_var2 = $_POST['new_username']; $_var3 = $_POST['new_email']; $_var4 = md5($_POST['new_password']); $_var5 = $_POST['new_address']; if(mysql_query("UPDATE admin SET realname='$_var1', username='$_var2', email='$_var3', password='$_var4', address='$_var5' WHERE user_id='$customerID'")) { ?> <?php header("Location: ADeditprofile.php"); } else { ?> <script>alert('error while updating you...');</script> <?php } } } } ?> <form method="POST"> <table border="0"> <tr> <td><input type="text" name="new_realname" value="<?php echo $realname ?>" placeholder="Real Name" required /></td> </tr> <tr> <td><input type="text" name="new_username" value="<?php echo $username ?>" placeholder="User Name" required /></td> </tr> <tr> <td><input type="email" name="new_email" value="<?php echo $email ?>" placeholder="Your Email" required /></td> </tr> <tr> <td><input type="password" name="new_password" value="<?php echo $password ?>" placeholder="Your Password" required /></td> </tr> <tr> <td><input type="text" name="new_address" value="<?php echo $address ?>" placeholder="Address" required /></td> </tr> <tr> <td><button type="submit" name="submit" value="submit">Update</button></td> </tr> </table> </form>