Hello phpfreaks.
I had made a page where I want the user to have a opportunity to update their user information. At that page I have 3 checkboxes $_POST[‘work’] , $_POST[‘private’] , $_POST[‘hide_private’] and I want them to be checked if the value are ‘one’ an unchecked if the value is ‘0’. But I also want the database to be updated if there are any changes.
How can I do that? Somebody please help me!!! Thanks…
Here is my code..
<?php
session_start();
$db = mysql_connect('localhost', 'root', '') or
die ('Det var ikke muligt at få forbindelse til databasen.');
mysql_select_db('postbil', $db) or die(mysql_error($db));
if (isset($_POST['submit']) && $_POST['submit'] == 'Update') {
// Filtrering av indkommende værdier
$work = (isset($_POST['work'])) ? trim($_POST['work']) : '';
$private = (isset($_POST['private'])) ? trim($_POST['private']) : '';
$email = (isset($_POST['loginname'])) ? trim($_POST['loginname']) : '';
$user_id = (isset($_POST['user_id'])) ? $_POST['user_id'] : '';
$first_name = (isset($_POST['first_name'])) ? trim($_POST['first_name']) : '';
$last_name = (isset($_POST['last_name'])) ? trim($_POST['last_name']) : '';
$password = (isset($_POST['password'])) ? trim($_POST['password']) : '';
$hide_private = (isset($_POST['hide_private'])) ? trim($_POST['hide_private']) : '';
$born_date = (isset($_POST['born_date'])) ? trim($_POST['born_date']) : '';
$adress = (isset($_POST['adress'])) ? trim($_POST['adress']) : '';
$city = (isset($_POST['city'])) ? trim($_POST['city']) : '';
$zip_code = (isset($_POST['zip_code'])) ? trim($_POST['zip_code']) : '';
$contry = (isset($_POST['contry'])) ? trim($_POST['contry']) : '';
$phone = (isset($_POST['phone'])) ? trim($_POST['phone']) : '';
$homepage = (isset($_POST['homepage'])) ? trim($_POST['homepage']) : '';
$pic = (isset($_POST['pic'])) ? trim($_POST['pic']) : '';
$work_name = (isset($_POST['work_name'])) ? trim($_POST['work_name']) : '';
$work_adress = (isset($_POST['work_adress'])) ? trim($_POST['work_adress']) : '';
$work_zip_code = (isset($_POST['work_zip_code'])) ? trim($_POST['work_zip_code']) : '';
$work_city = (isset($_POST['work_city'])) ? trim($_POST['work_city']) : '';
$work_phone = (isset($_POST['work_phone'])) ? trim($_POST['work_phone']) : '';
$work_homepage = (isset($_POST['work_homepage'])) ? trim($_POST['work_homepage']) : '';
// Sikre at email og password passer sammen og sikre at der ikke er nogen der prøver at manipulere medsiden
$query = 'SELECT email FROM site_user WHERE user_id = ' . (int)$user_id .
' AND email = "' . mysql_real_escape_string($_SESSION['loginname'], $db) .
'"';
if (empty($first_name)) {
$errors[] = 'Du mangler at indtaste dit fornavn.';
}
if (empty($last_name)) {
$errors[] = 'du mangler at indtaste dit efternavn.';
}
if (count($errors) > 0) {
echo '<p><strong style="color:#FF000;">Unable to update your ' .
'account information.</strong></p>';
echo '<p>Please fix the following:</p>';
echo '<ul>';
foreach ($errors as $error) {
echo '<li>' . $error . '</li>';
}
echo '</ul>';
} else {
// no error send information to database.
$query = 'UPDATE site_user SET
work = "' . mysql_real_escape_string($work, $db) . '",
private = "' . mysql_real_escape_string($private, $db) . '",
first_name = "' . mysql_real_escape_string($first_name, $db) . '",
last_name = "' . mysql_real_escape_string($last_name, $db) . '",
password = "' . mysql_real_escape_string($password, $db) . '",
hide_private = "' . mysql_real_escape_string($hide_private, $db) . '",
born_date = "' . mysql_real_escape_string($born_date, $db) . '",
adress = "' . mysql_real_escape_string($adress, $db) . '",
city = "' . mysql_real_escape_string($city, $db) . '",
zip_code = "' . mysql_real_escape_string($zip_code, $db) . '",
contry = "' . mysql_real_escape_string($contry, $db) . '",
phone = "' . mysql_real_escape_string($phone, $db) . '",
homepage = "' . mysql_real_escape_string($homepage, $db) . '",
pic = "' . mysql_real_escape_string($pic, $db) . '",
work_name = "' . mysql_real_escape_string($work_name, $db) . '",
work_adress = "' . mysql_real_escape_string($work_adress, $db) . '",
work_zip_code = "' . mysql_real_escape_string($work_zip_code, $db) . '",
work_city = "' . mysql_real_escape_string($work_city, $db) . '",
work_phone = "' . mysql_real_escape_string($work_phone, $db) . '",
work_homepage = "' . mysql_real_escape_string($work_homepage, $db) . '"
WHERE
email = "' . mysql_real_escape_string($_SESSION['loginname'], $db) . '"'; // user_id = "' . $user_id . '"';
mysql_query($query, $db) or die(mysql_error());
mysql_close($db);
?>
<html>
<head>
<title>Update user info</title>
</head>
<body>
<p><strong>The infomation is updated.</strong></p>
</body>
</html>
<?php
die();
}
} else {
$query = 'SELECT
user_id, email, work, private, first_name, last_name, hide_private, born_date, adress, city, zip_code, contry, phone, homepage, pic, work_name, work_adress, work_zip_code ,work_city, work_homepage
FROM
site_user
WHERE
email = "' . mysql_real_escape_string($_SESSION['loginname'], $db) . '"';
$result = mysql_query($query, $db) or die(mysql_error());
$row = mysql_fetch_assoc($result);
extract($row);
mysql_free_result($result);
mysql_close($db);
}
?>
<html>
<head>
<link rel="stylesheet" type="text/css" href="style.css">
<title>Update user info.</title>
<style type="text/css">
td { vertical-align: top; }
</style>
<script type="text/javascript">
window.onload = function() {
document.getElementById('cancel').onclick = goBack;
}
function goBack() {
history.go(-1);
}
</script>
</head>
<body>
<div>
<form action="update_user.php" method="post" enctype="multipart/form-data">
<center>
<table>
</center>
<tr>
<td width="220 px"></td>
<td width="320 px"></td>
</tr>
<tr>
<td></td>
<td>Work: <input type="checkbox" name="work"/> Private: <input type="checkbox" name="private"/></td>
</tr>
<tr>
<td>Firstname:</td>
<td><input type="text" id="first_name" name="first_name" value="<?php echo $first_name; ?>"/></td>
</tr>
<tr>
<td>Lastname:</td>
<td><input type="text" id="last_name" name="last_name" value="<?php echo $last_name; ?>"/></td>
</tr>
<tr>
<td>E-mail:</td>
<td><?php echo $_SESSION['loginname']; ?></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" id="password" name="password" value="<?php echo $password; ?>"/></td>
</tr>
<tr>
<td>Confirm password:</td>
<td><input type="password" id="confirm_password" name="confirm_password" value="<?php echo $confirm_password; ?>"/></td>
</tr>
<center>
</table>
<table>
<tr>
<td width="220 px"><h3>Private.</h3></td>
<td width="320 px"><input type="checkbox" name="hide_private"/> Dont show private infomation.</td>
</tr>
<tr>
<td>Date of born: <small>(dd-mm-yyyy)</small></td>
<td width="260 px"><input type="text" id="born" name="born" value="<?php echo $born_date; ?>"/></td>
</tr>
<tr>
<td>Adress:</td>
<td><input type="text" id="adress" name="adress" value="<?php echo $adress; ?>"/></td>
</tr>
<tr>
<td>Zip code:</td>
<td><input type="text" id="zip_code" name="zip_code" value="<?php echo $zip_code; ?>"/></td>
</tr>
<tr>
<td>City:</td>
<td><input type="text" id="city" name="city" value="<?php echo $city; ?>"/></td>
</tr>
<tr>
<td>Contry:</td>
<td><input type="text" id="contry" name="contry" value="<?php echo $contry; ?>"/></td>
</tr>
<tr>
<td>Phone:</td>
<td><input type="text" id="phone" name="phone" value="<?php echo $phone; ?>"/></td>
</tr>
<tr>
<td>Homepage:</td>
<td><input type="text" id="homepage" name="homepage" value="<?php echo $homepage; ?>"/></td>
</tr>
<tr>
<td>Image:</td>
<td><input type="hidden" name="MAX_FILE_SIZE" value="100000"><input name="pic" type="file"></td>
</tr>
</table>
<table>
<tr>
<td width="220 px">Work:</td>
<td width="320 px"></td>
</tr>
<tr>
<td>work name:</td>
<td><input type="text" id="work_name" name="work_name" value="<?php echo $work_name; ?>"/></td>
</tr>
<tr>
<td>Work adress:</td>
<td><input type="text" id="work_adress" name="work_adress" value="<?php echo $work_adress; ?>"/></td>
</tr>
<tr>
<td>Work zip code:</td>
<td><input type="text" id="work_zip_code" name="work_zip_code" value="<?php echo $work_zip_code; ?>"/></td>
</tr>
<tr>
<td>Work city:</td>
<td><input type="text" id="work_city" name="work_city" value="<?php echo $work_city; ?>"/></td>
</tr>
<tr>
<td>Work phone:</td>
<td><input type="text" id="work_phone" name="work_phone" value="<?php echo $work_phone; ?>"/></td>
</tr>
<tr>
<td>Work homepage:</td>
<td><input type="text" id="work_homepage" name="work_homepage" value="<?php echo $work_homepage; ?>"/></td>
</tr>
<tr>
<td></td>
<td><input type="submit" name="submit" id="submit" value="Update"></td>
</tr>
</table>
</center>
</form>
</div>
<a href="tindex.php">Tilbage</a>
</body>
</html>