Jump to content

Trying to veiw other members

farban

By farban
in PHP Coding Help

 Share

Recommended Posts

farban Member

farban

Posted
Posted

Got a userlists.php script that paginates all the users of a site. When clicking on view profile on a user it will direct to a veiwprofile.php which will display all the info of that user. I cant explain very well in detail but i want it so that the url represents the user id so that the veiwprofile.php page is dynamic and it will show the user that was selected from the userlist.php page.

 

i have this so far but when i click on view profile all i get is a blank page

userlist.php

 

 <tr><td><a href='viewprofile.php?='".$id."'>View Profile</a></tr></td>

 

viewprofile.php

 

<?php
session_start();

if (!isset($_SESSION['user_id'])) {


	$url = absolute_url();
	header("Location: $url");

	exit();



}

include("includes/start.php");
require_once("includes/_connect.inc.php");


if (isset($_GET['user_id'])) {	

 $q = " SELECT 
   
   user.user_first_name,
   user.user_surname,
   user.user_photo,
   user.user_age,
   user.user_sex,
   user.user_city,
   user.user_home_phone,
   user.user_mobile_phone,
   user.user_profession,
   user.user_specialist_area,
   user.user_email,
   user.user_password,
   user.user_username


FROM


user

WHERE user.user_id= '".$_GET['user_id']."'";

$result = @mysqli_query($dbc, $q);

if ($result) {



	while ($row =mysqli_fetch_array($result, MYSQLI_ASSOC)) {

	 echo "<table class='pictable'>


  <tr>
  <td><img src='images/".$row[user_photo]."' width='100%' height='100%'></img></td>  </tr></table>
  <table class='profiletable'>
	   <tr><td>First Name</td> <td>".$row[user_first_name]."</td>  </tr>
	  <tr><td>Surname</td> <td>".$row[user_surname]."</td></tr>
	 <tr><td>Age</td> <td>".$row[user_age]."</td></tr>
	  <tr><td>Email</td> <td>".$row[user_email]."</td></tr>
	  <tr><td>Sex</td> <td>".$row[user_sex]."</td></tr>
	    <tr><td>City</td><td>".$row[user_city]."</td></tr>
	  <tr><td>Home Phone</td> <td>".$row[user_home_phone]."</td></tr>
	  <tr><td>Mobile Phone</td> <td>".$row[user_mobile_phone]."</td></tr>
	  <tr><td>Profession</td> <td>".$row[user_profession]."</td></tr>
	  <tr><td>Specialist area</td> <td>".$row[user_specialist_area]."</td></tr>


	  </table>";
	  
	  }
	  if (isset($_SESSION ['user_id']))  {
	  	echo "<div class='usereditprofile'><a href='editprofile.php'>Edit Profile</a></div>";
	  }


	  
	  mysqli_free_result($result);
	  
	  }
}
	  
	  











include("includes/footer.php");
?>

 

 

Link to comment
https://forums.phpfreaks.com/topic/149851-trying-to-veiw-other-members/
Share on other sites
WolfRage Newbie

WolfRage

Posted
Posted

1st this won't work:

<tr><td><a href='viewprofile.php?='".$id."'>View Profile</a></tr></td>

Should be.

<tr><td><a href='viewprofile.php?=<?php echo $id; ?>' >View Profile</a></tr></td>

you need to break into php and then back out.

 

Also you should be screening your incoming variables like $_GET for sql injection, least they sabotage you and delete your database.

farban Member

farban

Posted
  • Author
Posted

ill post up the code for the userlist.php

 

<?php
session_start();

if (!isset($_SESSION['user_id'])) {


	$url = absolute_url();
	header("Location: $url");

	exit();



}

include("includes/start.php");
require_once("includes/_connect.inc.php");

echo "<h1>The user list</h1><p>Listing the members of the site</p>";
$id = $_GET['user_id'];
$display= 2;

if (isset($_GET['p']) && is_numeric($_GET['p'])) {


	$pages = $_GET['p'];

}

else	{

	$q = " SELECT COUNT(user_id) FROM user";

	$result = @mysqli_query($dbc, $q);

	$row = mysqli_fetch_array($result, MYSQLI_NUM);

	$records = $row [0];


	if ($records > $display) {

		$pages = ceil ($records/$display);

	}

	else  {

		$pages= 2;

	}

}

if (isset($_GET['s']) && is_numeric ($_GET['s'])) {

	$start =$_GET['s'];

} 	else {

$start =0;

}

 $q = " SELECT 
   
   user.user_first_name,
   user.user_surname,
   user.user_photo,
   user.user_age,
   user.user_sex,
   user.user_city,
   user.user_home_phone,
   user.user_mobile_phone,
   user.user_profession,
   user.user_specialist_area,
   user.user_email,
   user.user_password,
   user.user_username

   FROM
   user
   ORDER BY 
   user.user_id
  ASC LIMIT $start, $display";
  
  $result = @mysqli_query($dbc, $q)or die("Error: ".mysqli_error($dbc));

  while ($row =mysqli_fetch_array($result, MYSQLI_ASSOC)) {



	 echo "<div class='userlist'><table class='pictable'>


  <tr>
  <td><img src='images/".$row[user_photo]."' width='100%' height='100%'></img></td>  </tr></table>
  <table class='profiletable'>
	   <tr><td>First Name</td> <td>".$row[user_first_name]."</td>  </tr>
	  <tr><td>Surname</td> <td>".$row[user_surname]."</td></tr>
	 <tr><td>Age</td> <td>".$row[user_age]."</td></tr>
	  <tr><td>Email</td> <td>".$row[user_email]."</td></tr>
	  <tr><td>Sex</td> <td>".$row[user_sex]."</td></tr>
	    <tr><td>City</td><td>".$row[user_city]."</td></tr>
	  <tr><td>Home Phone</td> <td>".$row[user_home_phone]."</td></tr>
	  <tr><td>Mobile Phone</td> <td>".$row[user_mobile_phone]."</td></tr>
	  <tr><td>Profession</td> <td>".$row[user_profession]."</td></tr>
	  <tr><td>Specialist area</td> <td>".$row[user_specialist_area]."</td></tr>
	  <tr><td><a href='viewprofile.php?='".$id."'>View Profile</a></tr></td>
</table></div>";
	  
	  }

	  mysqli_free_result($result);
	  mysqli_close($dbc);
	  
	  if ($pages > 1) {
		  
		  echo'<div class="userlinklist"><p>';
		  
		  $current_page =($start/$display) +1;
		  
		  if ($current_page !=1) {
			  
			  echo '<a href="userlist.php?s='.($start - $display).'&p='.$pages.'">Previous</a>';
			  
		  }
		  
		  
		  for ($i =1; $i <= $pages; $i++) {
			  if ($i !=$current_page) {
				  
				  echo ',<a href="userlist.php?s='.(($display * ($i -1))).'&p='.$pages.'">'.$i.'</a>,';

			  }
			  
			  else {  
				  
				  echo $i.'';
				  
			  }
		  }
		  
		  
		  if ($current_page !=$pages) {
			  
			  echo '<a href="userlist.php?s='.($start + $display).'&p'.$pages.'">Next</a>';
			  
			  
		  }
		  
		  echo '</p></div>';
		  
	  }
	  
	  include("includes/footer.php"); ?>

samshel Member

samshel

Posted
Posted 

<tr><td><a href='viewprofile.php?='".$id."'>View Profile</a></tr></td>

 

change this to

 

<tr><td><a href='viewprofile.php?user_id='".$row[user_id]."''>View Profile</a></tr></td>

 

in viewprofile.php

if (isset($_SESSION ['user_id']))  {
  echo "<div class='usereditprofile'><a href='editprofile.php'>Edit Profile</a></div>";
}

 

this will allow the user to edit any profile, he should have access to edit only his own profile..

 

if (isset($_SESSION ['user_id']) && ($_SESSION ['user_id'] == $_GET['user_id']))  {
  echo "<div class='usereditprofile'><a href='editprofile.php'>Edit Profile</a></div>";
}

 

 

farban Member

farban

Posted
  • Author
Posted

I have done the changes and it seems to be navigating to the correct id numbers which is great but nothting appears on the viewprofile.php page. arghh so close !!

 

viewprofile.php

 

<?php
session_start();

   if (!isset($_SESSION['user_id'])) {
      
      
      $url = absolute_url();
      header("Location: $url");
      
      exit();
      
      
      
   }
   
   include("includes/start.php");
   require_once("includes/_connect.inc.php");
   
   
   if (isset($_GET['user_id'])) {   
    
    $q = " SELECT 
   
   user.user_first_name,
   user.user_surname,
   user.user_photo,
   user.user_age,
   user.user_sex,
   user.user_city,
   user.user_home_phone,
   user.user_mobile_phone,
   user.user_profession,
   user.user_specialist_area,
   user.user_email,
   user.user_password,
   user.user_username

   
FROM


user

WHERE user.user_id= '".$_GET['user_id']."'";

$result = @mysqli_query($dbc, $q);

if ($result) {


      
      while ($row =mysqli_fetch_array($result, MYSQLI_ASSOC)) {
      
       echo "<table class='pictable'>


     <tr>
     <td><img src='images/".$row[user_photo]."' width='100%' height='100%'></img></td>  </tr></table>
     <table class='profiletable'>
         <tr><td>First Name</td> <td>".$row[user_first_name]."</td>  </tr>
        <tr><td>Surname</td> <td>".$row[user_surname]."</td></tr>
       <tr><td>Age</td> <td>".$row[user_age]."</td></tr>
        <tr><td>Email</td> <td>".$row[user_email]."</td></tr>
        <tr><td>Sex</td> <td>".$row[user_sex]."</td></tr>
          <tr><td>City</td><td>".$row[user_city]."</td></tr>
        <tr><td>Home Phone</td> <td>".$row[user_home_phone]."</td></tr>
        <tr><td>Mobile Phone</td> <td>".$row[user_mobile_phone]."</td></tr>
        <tr><td>Profession</td> <td>".$row[user_profession]."</td></tr>
        <tr><td>Specialist area</td> <td>".$row[user_specialist_area]."</td></tr>
      
      
        </table>";
        
        }
        if (isset($_SESSION ['user_id']) && ($_SESSION ['user_id'] == $_GET['user_id']))  {
  echo "<div class='usereditprofile'><a href='editprofile.php'>Edit Profile</a></div>";
}

      
        
        mysqli_free_result($result);
        
        }
   }
        
        
      
      
      







   
   include("includes/footer.php");
?>

farban Member

farban

Posted
  • Author
Posted

doing something like this in viewprofile.php works fine cause its static

 

    $q = " SELECT 
   
   user.user_first_name,
   user.user_surname,
   user.user_photo,
   user.user_age,
   user.user_sex,
   user.user_city,
   user.user_home_phone,
   user.user_mobile_phone,
   user.user_profession,
   user.user_specialist_area,
   user.user_email,
   user.user_password,
   user.user_username

   
FROM


user

WHERE user.user_id=3";

 

but i need it to be dynamic to represent the user that has been selected

 

    $q = " SELECT 
   
   user.user_first_name,
   user.user_surname,
   user.user_photo,
   user.user_age,
   user.user_sex,
   user.user_city,
   user.user_home_phone,
   user.user_mobile_phone,
   user.user_profession,
   user.user_specialist_area,
   user.user_email,
   user.user_password,
   user.user_username

   
FROM


user

WHERE user.user_id='".$_GET['user_id']."'";

 

this code dosent work. really need some help soo close to fixing this

Silverado_NL Newbie

Silverado_NL

Posted
Posted

try turning error reporting on by adding this code to the top of the page

ini_set('error_reporting', E_ALL); 			
ini_set('display_errors', TRUE);

 

and when doing the actual query you have error supressing by the @ sign

 

$result = @mysqli_query($dbc, $q);

should be this, to show what the query error is.

$result = 2mysqli_query($dbc, $q);

 

echoing the actual query that need to be run also helps to see if its working

 

farban Member

farban

Posted
  • Author
Posted

aha it says that

 

 

Notice: Undefined index: user_id in C:\xampp\htdocs\testsite\community\viewprofile.php on line 44

 

Notice: Undefined index: user_id in C:\xampp\htdocs\testsite\community\viewprofile.php on line 75

 

for viewprofile.php

 

any help please?

Silverado_NL Newbie

Silverado_NL

Posted
Posted

should be this, to show what the query error is.

$result = 2mysqli_query($dbc, $q);

ofcourse this is not right,i have made a typo here

$result = mysqli_query($dbc, $q);

 

 

Notice: Undefined index: user_id in C:\xampp\htdocs\testsite\community\viewprofile.php on line 44

means the the user_id index from the $_GET variable is not defined.

in other words your not linking to the page as you should.

for example http://website.com/viewprofile.php?user_id=5 url will define the user_id $_GET variable in your script with number 5

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.