Updating a SQL database

[Andrew R]

I want to update the SQL database on a user account. The page is protected by sessions which you can see at the top of the scripts below.

The problem I am having is that the echoes are not displaying in the forms and that the database doesn’t update itself once the form have been submited.

editprofile.php
[!--sizeo:1--][span style=\"font-size:8pt;line-height:100%\"][!--/sizeo--][code]<?
session_start();
include 'session_checker.php';
session_checker();
include 'db.php';
echo "<p> </p>";
echo "<strong><center>Change ". $_SESSION['username']."'s information. <br /><br  /></strong></center>";
$name = $_SESSION['username'];

$sql = "SELECT * FROM user_profile WHERE username = '$username'";

$result = mysql_query($sql);

$email_address = $user_array['email_address'];
$username = $user_array['username'];
$password = $user_array['password'];


mysql_close($connection);

?>


<html>
<head><title>Edit Profile</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
table{font-family: Verdana; color: #cc9933}
-->
</style>
</head>
<body>
<form name="form2" method="post" action="profile_process.php"><br>
  <table width="50%"border="0" cellpadding="1" cellspacing="0" align="center" style="font-family: Verdana; font-size: 12pt; color: #cc9933">
    <tr>
      <td width="100%" colspan="2">
<center>
          <font color="#000000">Edit Profile</font>
</center></td>
   </tr>
</table>
  <table width="498"border="0" cellpadding="1" cellspacing="0" align="center" style="font-family: Verdana; font-size: 10pt; color: #cc9933">
    <!--DWLayoutTable-->
    <tr>
      <td width="189" align="left" valign="top"> </td>
      <td width="301" ><input name="name" type="hidden" id="name2" value="<? echo "$username";?>"></td>
      <td width="2"></td>
    </tr>
    <tr>
      <td align="left" valign="top"><font color="#000000">Email Address</font></td>
      <td ><input name="email_address" type="text" id="email_address" value="<? echo "$Email";?>"></td>
      <td></td>
    </tr>
    <tr>
      <td height="24" align="left" valign="top"><font color="#000000">Username</font></td>
      <td valign="top"><input name="username" type="text" id="username" value="<? echo "$username";?>"></td>
      <td></td>
    </tr>
    <tr>
      <td height="24" align="left" valign="top"><font color="#000000">Password</font></td>
      <td valign="top"><input name="password" type="text" id="password" value="<? echo "$password";?>"></td>
      <td></td>
    </tr>
    <tr>
      <td height="26" colspan="2" align="center" valign="top"><input type="submit" name="Submit" value="Submit       Changes"></td>
      <td></td>
    </tr>
  </table>
</form>
</body>
</html>[/code][!--sizec--][/span][!--/sizec--]

Once the above form is submitted it goes to profile_process.php where the new information is entered into the database. The problem is the information is not being updated.

[!--sizeo:1--][span style=\"font-size:8pt;line-height:100%\"][!--/sizeo--][code]<?
session_start();
header("Cache_control: private");

include 'db.php';


// Define post fields into simple variables
$username = $_POST['username'];
$Email = $_POST['Email'];
$username = $_POST['username'];
$password = $_POST['password'];


/* Strip slashes. */

$username = stripslashes($name);
$Email = stripslashes($Email);
$username = stripslashes($username);
$password = stripslashes($password);


    
// Enter info into the Database.

mysql_query("UPDATE user_profile SET Email = '$Email', username = '$username', password = '$password' WHERE username = '$username'");

mysql_close($connection);

echo '<center><font color="red">Your information has been updated.</center></font>';
?>[/code][!--sizec--][/span][!--/sizec--]

The fields in the table "user_profile" are "Email", "password" and "username", these are the fields I want to update.

I have tried just about everything in trying to get this working. The problem may be because of the sessions used at the top of the script?

Any suggestions and help would be much appreicated.

[AndyB]

When things go awry, it's always best to be able to see the actual query (which might NOT be what you're expecting) and to have sensible error checking in place. Change:
[code]mysql_query("UPDATE user_profile SET Email = '$Email', username = '$username', password = '$password' WHERE username = '$username'");[/code]

to this (in profile_process.php), then save it, upload it, and try again. If what you see doesn't make the problem self-evident, tell us what you see:
[code]$query = "UPDATE user_profile SET Email = '$Email', username = '$username', password = '$password' WHERE username = '$username'";
$result = mysql_query($query) or die("Error: ". mysql_error(). "<br>Query: ". $query);[/code]

BTW, I can't see where username is actually obtained in your code as $user_array never seems to be defined.