jc2008 Posted May 10, 2008 Share Posted May 10, 2008 All, Im currently in the process of building a forum, now i have my administrative section which is all good, however im having masses of difficulty updating my users information. I manage to open my page called, edit_user.php which displays all of the selected users information , however when i submit the new data to update_user.php it never updates... but echos "The user has been edited" If you could help i would be grateful been stuck on this for hours now edit_user.php <?php session_start(); include "../global.php"; ?> <html> <head> <title>FEEDBK | Edit User</title> <link rel="stylesheet" type="text/css" href="../style.css"> <script language="Javascript"> function confirmLogout(){ var agree = confirm("Are you sure you wish to logout?"); if(agree){ return true; }else { return false; } } </script> </head> <body> <center> <div id="holder"> <div id="userInfo"> <?php if ($_SESSION['uid']) { $sql = "SELECT * FROM `fb_users` WHERE `id`='" . $_SESSION[uid] . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { session_destroy(); echo "Please <a href=\"./login.php\">Login</a> to your account, or <a href=\"./register.php\">Register</a> a new account!\n"; } else { $row = mysql_fetch_assoc($res); echo "Welcome back, <a href=\"./index.php?=act=profile&id=" . $row['id'] . "\">" . $row['username'] . "</a>! <a href=\"./logout.php\" onClick=\"return confirmLogout()\">| Logout</a>\n"; //Checks Administrator Status echo "<br>\n"; echo "<a href=\"./index.php\">Forum Index</a>\n"; if ($row['admin'] == '1') { echo " | <a href=\"../admin.php\">Administrative Section</a>\n"; } } } else { echo "Please <a href=\"../login.php\">Login</a> to your account, or <a href=\"../register.php\">Register</a> a new account!\n"; } ?> </div> <div id="content"> <?php if ($_SESSION['uid']) { $sql3 = "SELECT admin FROM `fb_users` WHERE `id`='" . $_SESSION['uid'] . "'"; $res3 = mysql_query($sql3) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "You are not correctly logged in\n"; } else { $row2 = mysql_fetch_assoc($res3); if ($row2['admin'] != 1) { echo "You are not permitted to this area!\n"; } else { $act = $_GET['act']; $acts = array('create_cat', 'create_subcat', 'edit_forum_cats', 'edit_forum_subcat', 'manage_users'); $actions = array('create_cat' => 'Create Forum Category', 'create_subcat' => 'Create Forum Sub Category', 'edit_forum_cats' => 'Edit Forum Category', 'edit_forum_subcat' => 'Edit Forum Sub Category', 'manage_users' => 'Manage Users'); $x = 1; $c = count($actions); foreach ($actions as $url => $link) { $bull = ($x == $c) ? "" : " • "; echo "<a href=\"../admin.php?act=" . $url . "\">" . $link . "</a>" . $bull . "\n"; $x++; } if($_SESSION['uid']){ $id = $_GET['id']; $sql20 = "SELECT username, name, surname, email, password, admin FROM fb_users WHERE id=$id"; $res20 = mysql_query($sql20) or die(mysql_error()); while ($row = mysql_fetch_array($res20)) { if (mysql_num_rows($res20) == 1) { echo "<form method=\"post\" action=\"update_user.php\" id=\"user_update\" name=\"user_update\">"; echo "<p>"; echo "<label for=\"username\">Username:</label><input type=\"text\" disabled=\"disabled\" name=\"username\" id=\"username\" value=" . $row['username'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"name\">First Name:</label><input type=\"text\" name=\"name\" id=\"name\" value=" . $row['name'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"surname\">Surname:</label><input type=\"text\" name=\"surname\" id=\"surname\" value=" . $row['surname'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"email\">E-mail:</label><input type=\"text\" name=\"email\" id=\"email\" value=" . $row['email'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"password\">Password:</label><input type=\"password\" name=\"password\" id=\"password\" onKeyUp=\"passwordStrength(this.value)\" value=" . $row['password'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"passconf\">Confirm Password:</label><input type=\"password\" name=\"passconf\" id=\"passconf\" value=" . $row['password'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"passwordStrength\">Password Strength</label>"; echo "<div id=\"passwordDescription\">Password not entered</div>"; echo "<div id=\"passwordStrength\" class=\"strength0\"></div>"; echo "</p>"; echo "<p>"; echo "<input type=\"submit\" name=\"submit\" id=\"submit\" value=\"Update\">\n"; echo "</p>"; echo "</form>"; } } } } } } ?> </div> </div> </center> </body> </html> update_user <?php session_start(); include "../global.php"; include_once "../functions.php"; connect(); if($_SESSION['uid']){ $id = $_POST['id']; $username = $_POST['username']; $name = $_POST['name']; $surname = $_POST['surname']; $email = $_POST['email']; // $sql = "UPDATE fb_users SET `name` = ".$name.", `surname` = ".$surname.", `email` = ".$email.", `password` = ".$password." WHERE `id`='$id' LIMIT 1"; $sql99 = "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE `id`='".$id."' LIMIT 1"; $res99 = mysql_query($sql99) or die(mysql_error()); //if (mysql_num_rows($res) == 1) { echo "The user has been edited"; }else { // If it did not run OK. echo "The user could not be edited due to a system error. We apologize for any inconvenience."; } ?> Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 could anyone help? Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted May 11, 2008 Share Posted May 11, 2008 As far as I can see, $_POST['id'] isn't set by your form, so your update statement wont find any rows to match. Quote Link to comment Share on other sites More sharing options...
psychowolvesbane Posted May 11, 2008 Share Posted May 11, 2008 So what you can do is place userId into a hidden field within the form to send that information through the POST. P.S. You don't need to use concatenation with this: WHERE `id`='".$id."', WHERE `id`='$id' would be just fine unless you planned to add some non-variable onto the Id. Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 Still wont work , i am now posting the 'id' aswell as you can see here... <?php session_start(); include "../global.php"; ?> <html> <head> <title>FEEDBK | Edit User</title> <link rel="stylesheet" type="text/css" href="../style.css"> <script language="Javascript"> function confirmLogout(){ var agree = confirm("Are you sure you wish to logout?"); if(agree){ return true; }else { return false; } } </script> </head> <body> <center> <div id="holder"> <div id="userInfo"> <?php if ($_SESSION['uid']) { $sql = "SELECT * FROM `fb_users` WHERE `id`='" . $_SESSION[uid] . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { session_destroy(); echo "Please <a href=\"./login.php\">Login</a> to your account, or <a href=\"./register.php\">Register</a> a new account!\n"; } else { $row = mysql_fetch_assoc($res); echo "Welcome back, <a href=\"./index.php?=act=profile&id=" . $row['id'] . "\">" . $row['username'] . "</a>! <a href=\"./logout.php\" onClick=\"return confirmLogout()\">| Logout</a>\n"; //Checks Administrator Status echo "<br>\n"; echo "<a href=\"./index.php\">Forum Index</a>\n"; if ($row['admin'] == '1') { echo " | <a href=\"../admin.php\">Administrative Section</a>\n"; } } } else { echo "Please <a href=\"../login.php\">Login</a> to your account, or <a href=\"../register.php\">Register</a> a new account!\n"; } ?> </div> <div id="content"> <?php if ($_SESSION['uid']) { $sql3 = "SELECT admin FROM `fb_users` WHERE `id`='" . $_SESSION['uid'] . "'"; $res3 = mysql_query($sql3) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "You are not correctly logged in\n"; } else { $row2 = mysql_fetch_assoc($res3); if ($row2['admin'] != 1) { echo "You are not permitted to this area!\n"; } else { $act = $_GET['act']; $acts = array('create_cat', 'create_subcat', 'edit_forum_cats', 'edit_forum_subcat', 'manage_users'); $actions = array('create_cat' => 'Create Forum Category', 'create_subcat' => 'Create Forum Sub Category', 'edit_forum_cats' => 'Edit Forum Category', 'edit_forum_subcat' => 'Edit Forum Sub Category', 'manage_users' => 'Manage Users'); $x = 1; $c = count($actions); foreach ($actions as $url => $link) { $bull = ($x == $c) ? "" : " • "; echo "<a href=\"../admin.php?act=" . $url . "\">" . $link . "</a>" . $bull . "\n"; $x++; } if($_SESSION['uid']){ $id = $_GET['id']; $sql20 = "SELECT id, username, name, surname, email, password, admin FROM fb_users WHERE id=$id"; $res20 = mysql_query($sql20) or die(mysql_error()); while ($row = mysql_fetch_array($res20)) { if (mysql_num_rows($res20) == 1) { echo "<form method=\"post\" action=\"update_user.php\" id=\"user_update\" name=\"user_update\">"; echo "<p>"; echo "<label for=\"id\">ID:</label><input type=\"text\" disabled=\"disabled\" name=\"id\" id=\"id\" value=" . $row['id'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"username\">Username:</label><input type=\"text\" disabled=\"disabled\" name=\"username\" id=\"username\" value=" . $row['username'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"name\">First Name:</label><input type=\"text\" name=\"name\" id=\"name\" value=" . $row['name'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"surname\">Surname:</label><input type=\"text\" name=\"surname\" id=\"surname\" value=" . $row['surname'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"email\">E-mail:</label><input type=\"text\" name=\"email\" id=\"email\" value=" . $row['email'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"password\">Password:</label><input type=\"password\" name=\"password\" id=\"password\" onKeyUp=\"passwordStrength(this.value)\" value=" . $row['password'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"passconf\">Confirm Password:</label><input type=\"password\" name=\"passconf\" id=\"passconf\" value=" . $row['password'] . ">"; echo "</p>"; echo "<p>"; echo "<label for=\"passwordStrength\">Password Strength</label>"; echo "<div id=\"passwordDescription\">Password not entered</div>"; echo "<div id=\"passwordStrength\" class=\"strength0\"></div>"; echo "</p>"; echo "<p>"; echo "<input type=\"submit\" name=\"submit\" id=\"submit\" value=\"Update\">\n"; echo "</p>"; echo "</form>"; } } } } } } ?> </div> </div> </center> </body> </html> and have adjusted the SQL statement so theres no concat <?php session_start(); include "../global.php"; if($_SESSION['uid']){ $id = $_POST['id']; $username = $_POST['username']; $name = $_POST['name']; $surname = $_POST['surname']; $email = $_POST['email']; $sql99 = "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE `id`='$id' LIMIT 1"; $res99 = mysql_query($sql99) or die(mysql_error()); if (mysql_num_rows($res99) == 1) { echo "The user has been edited"; }else { // If it did not run OK. echo "The user could not be edited due to a system error. We apologize for any inconvenience."; } } ?> It runs straight through no errors are reported and just echo's the user has been edited, however when i check back the user credentials are still the same. Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 I removed the if (mysql_num_rows($res99) == 1) and changed the POSTS to REQUESTS but still no joy really is bugging me now...... <?php session_start(); include "../global.php"; if($_SESSION['uid']){ $id = $_REQUEST['id']; $username = $_REQUEST['username']; $name = $_REQUEST['name']; $surname = $_REQUEST['surname']; $email = $_REQUEST['email']; $sql99 = "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE `id`='$id' LIMIT 1"; $res99 = mysql_query($sql99) or die(mysql_error()); echo "The user has been edited"; }else { // If it did not run OK. echo "The user could not be edited due to a system error. We apologize for any inconvenience."; } ?> [code] [/code] Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted May 11, 2008 Share Posted May 11, 2008 Try echoing the query in question. Check exactly what is being executed. Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 Hi, I tried this and it has helped in a way , and it seems to be unable to carry the 'id' field . It does exist in the MySQL table and works perfectly well when the form collects the editable data. The actual SQL statement is below followed by what it echoed out. - $sql99 = "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE id='$id' LIMIT 1"; The user has been edited 'UPDATE fb_users SET name='Nil', surname='Patel', email='xxxxxx@hotmail.com' WHERE id='' LIMIT 1' Any ideas? Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 Any idea why the ID value is not being passed across? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted May 11, 2008 Share Posted May 11, 2008 is it set in the form? Quote Link to comment Share on other sites More sharing options...
jc2008 Posted May 11, 2008 Author Share Posted May 11, 2008 yeh thats the thing that is really bugging me... . :'( Quote Link to comment Share on other sites More sharing options...
psychowolvesbane Posted May 11, 2008 Share Posted May 11, 2008 I just noticed something when browsing through you're form coding, on each form input you didn't use value=\"\" even when you paused the echo to place the php variable in, so you must have forgotten that. Although it still seems to post the other info fine except for the id, but give it a shot at least, plus this is how you're form inputs should look like anyway so I'd recommend keeping it. <?php echo "<form method=\"post\" action=\"update_user.php\" id=\"user_update\" name=\"user_update\">"; echo "<p>"; echo "<label for=\"id\">ID:</label><input type=\"text\" disabled=\"disabled\" name=\"id\" id=\"id\" value=\"" . $row['id'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"username\">Username:</label><input type=\"text\" disabled=\"disabled\" name=\"username\" id=\"username\" value=\"" . $row['username'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"name\">First Name:</label><input type=\"text\" name=\"name\" id=\"name\" value=\"" . $row['name'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"surname\">Surname:</label><input type=\"text\" name=\"surname\" id=\"surname\" value=\"" . $row['surname'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"email\">E-mail:</label><input type=\"text\" name=\"email\" id=\"email\" value=\"" . $row['email'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"password\">Password:</label><input type=\"password\" name=\"password\" id=\"password\" onKeyUp=\"passwordStrength(this.value)\" value=\"" . $row['password'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"passconf\">Confirm Password:</label><input type=\"password\" name=\"passconf\" id=\"passconf\" value=\"" . $row['password'] . "\">"; echo "</p>"; echo "<p>"; echo "<label for=\"passwordStrength\">Password Strength</label>"; echo "<div id=\"passwordDescription\">Password not entered</div>"; echo "<div id=\"passwordStrength\" class=\"strength0\"></div>"; echo "</p>"; echo "<p>"; echo "<input type=\"submit\" name=\"submit\" id=\"submit\" value=\"Update\">\n"; echo "</p>"; echo "</form>"; ?> Quote Link to comment Share on other sites More sharing options...
Lukeidiot Posted May 12, 2008 Share Posted May 12, 2008 Hi, I tried this and it has helped in a way , and it seems to be unable to carry the 'id' field . It does exist in the MySQL table and works perfectly well when the form collects the editable data. The actual SQL statement is below followed by what it echoed out. - $sql99 = "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE id='$id' LIMIT 1"; The user has been edited 'UPDATE fb_users SET name='Nil', surname='Patel', email='xxxxxx@hotmail.com' WHERE id='' LIMIT 1' Any ideas? I'm also working on an adminpane/edit user script for my member's system. http://lockpick.lukeidiot.com/?go=adminpanel I have had the problem of not getting the values in the right order like: "UPDATE fb_users SET name='$name', surname='$surname', email='$email' WHERE id='$id' LIMIT 1"; Should be: "UPDATE fb_users SET surname='$surname', name='$name', email='$email' WHERE id='$id' LIMIT 1"; Give me a hit on aim or msn.. AIM: Lukeidiots MSN: Lukeidiot@gmail.com Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.