Jump to content

Archived

This topic is now archived and is closed to further replies.

vund0

Change Profile Page

Recommended Posts

I am having some problems with the changeprofileparse.php page.  When a user submits their changes and lets say they changed just their firstname, for some reason it comes back saying:


Change Profile Results


The following items have been updated in your profile:



First Name
Last Name
Address 1
Address 2
City
State
Zipcode
Country
Homephone
Email
Company
Username


changeprofileparse:
[code]<?php
if ($_POST['firstname'] != "") {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if ($_POST['lastname'] != "") {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if ($_POST['address1'] != "") {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if ($_POST['address2'] != "") {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if ($_POST['city'] != "") {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if ($_POST['state'] != "") {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if ($_POST['zipcode'] != "") {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if ($_POST['country'] != "") {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if ($_POST['homephone'] != "") {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if ($_POST['email'] != "") {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if ($_POST['company'] != "") {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if ($_POST['username'] != "") {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>
<?php
if (($cfirstname) || ($clastname) || ($caddress1) || ($caddress2) || ($ccity) || ($cstate) || ($czipcode) || ($country) || ($chomephone) || ($cemail) || ($ccompany) || ($cusername)) {
    echo '<p "class=style8">The following items have been updated in your profile:<br /><ul></p>';
    if ($cfirstname) {
        echo $cfirstname;
    }
if ($clastname) {
        echo $clastname;
    }
if ($caddress1) {
        echo $caddress1;
    }
if ($caddress2) {
        echo $caddress2;
    }
if ($ccity) {
        echo $ccity;
    }
if ($cstate) {
        echo $cstate;
    }
    if ($czipcode) {
        echo $czipcode;
    }
    if ($ccountry) {
        echo $ccountry;
    }
    if ($chomephone) {
        echo $chomephone;
    }
    if ($cemail) {
        echo $cemail;
    }
    if ($ccompany) {
        echo $ccompany;
    }
if ($cusername) {
        echo $cusername;
    }
    echo "</ul><br />To view your updated profile, <a href=\"membernetwork.php\">click here</a>.";
}else {
    echo "Nothing in your profile has been changed.  <a href=\"membernetwork.php\">Click here</a> to return to your profile.";
}
?>[/code]


changeprofile.html:
[code]
<form action="changeprofileparse.php" method="post">
    <table width="383" height="464" border="0" cellpadding="0" cellspacing="0">
    <tr>
      <td width="172"><div align="center"><font color="#FFFFFF">First Name </font></div></td>
      <td width="211"><input type="text" value="<?php echo $rows['firstname']; ?>" name="firstname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Last
        Name</font></div></td>
      <td><input type="text" value="<?php echo $rows['lastname']; ?>" name="lastname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        1</font></div></td>
      <td><input type="text" value="<?php echo $rows['address1']; ?>" name="address1" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        2</font></div></td>
      <td><input type="text" value="<?php echo $rows['address2']; ?>" name="address2" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">City</font></div></td>
      <td><input type="text" value="<?php echo $rows['city']; ?>" name="city" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">State</font></div></td>
      <td><input type="text" value="<?php echo $rows['state']; ?>" name="state" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Zip
        Code</font></div></td>
      <td><input type="text" value="<?php echo $rows['zipcode']; ?>" name="zipcode" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Country</font></div></td>
      <td><input type="text" value="<?php echo $rows['country']; ?>" name="country" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Home
        Phone</font></div></td>
      <td><input type="text" value="<?php echo $rows['homephone']; ?>" name="homephone" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">E-mail</font></div></td>
      <td><input type="text" value="<?php echo $rows['email']; ?>" name="email" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Company</font></div></td>
      <td><input type="text" value="<?php echo $rows['company']; ?>" name="company" /></td>
    </tr>
    <tr>
      <td><div align="center" class="style13">Username</div></td>
      <td><label>
        <input type="text" value="<?php echo $rows['username']; ?>" name="username" />
      </label></td>
    </tr>
  </table>
  <p align="center">
    <label>
    <input type="submit" name="update" value="Submit Changes">
    </label>
  </p>
  <p align="center">
      <input type="hidden" value="<?php echo $_SESSION['userId']; ?>" name="id22" />
  </form>

[/code]

Thanks for your help

Share this post


Link to post
Share on other sites
Use
[code]if (isset($_POST['firstname']))[/code]
instead of
[code]if ($_POST['firstname'] != "")[/code]

Ronald  ;D

Share this post


Link to post
Share on other sites
Did you apply this isset() to all POST variables? Or just the first one?

Share this post


Link to post
Share on other sites
you can check mysql_affected_rows after the update query to see if it has changed or not.

Share this post


Link to post
Share on other sites
The use of $rows in your form indicates that you have gotten this from a data base. That means that all variables in your form have been filled in! That means that all IFs in your POST checks are TRUE.

Ronald  ;D

Share this post


Link to post
Share on other sites
I see what you mean.  I dont want to change my form, I like how it shows your information so people know what they filled out.  So is there a way to update their profile when the form is already filled out?

Share this post


Link to post
Share on other sites
Btw, it updates fine I am just trying to match what they changed to what the server says they changed

Share this post


Link to post
Share on other sites
You'd have to get your $row variables available in your changeprofileparsed and change your POST checks to something like:

[code]if (isset($_POST['firstname'])  && $_POST['firstname'] != $row['firstname') {
etc....
[/code]

Ronald  ;D

Share this post


Link to post
Share on other sites
So something like this?

[code]
<?php
if (isset($_POST['firstname'])  && $_POST['firstname'] != $row['firstname']) {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if (isset($_POST['lastname'])  && $_POST['lastname'] != $row['lastname']) {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if (isset($_POST['address1'])  && $_POST['address1'] != $row['address1']) {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if (isset($_POST['address2'])  && $_POST['address2'] != $row['address2']) {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if (isset($_POST['city'])  && $_POST['city'] != $row['city']) {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if (isset($_POST['state'])  && $_POST['state'] != $row['state']) {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if (isset($_POST['zipcode'])  && $_POST['zipcode'] != $row['zipcode']) {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if (isset($_POST['country'])  && $_POST['country'] != $row['country']) {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if (isset($_POST['homephone'])  && $_POST['homephone'] != $row['homephone']) {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if (isset($_POST['email'])  && $_POST['email'] != $row['email']) {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if (isset($_POST['company'])  && $_POST['company'] != $row['company']) {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if (isset($_POST['username'])  && $_POST['username'] != $row['username']) {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>
[/code]

Share this post


Link to post
Share on other sites
I think you be better and faster to put all the update querys in one.

Share this post


Link to post
Share on other sites
you could add like an array that if changed

[code]if($_POST['name'] != $row[]){
$changed[] = "Name";
}
[/code]

then add that field to array then later loop through the array

Share this post


Link to post
Share on other sites
Heres the full code:


changeprofile.php:
[code]
<?php
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}

//otherwise they are shown the admin area
else
{

}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?> 


  <?php
if(isset( $update ))
{
$sql = "UPDATE users SET username = '$username', email = '$email', company = '$company', homephone = '$homephone', country = '$country', zipcode = '$zipcode', state = '$state', city = '$city', address2 = '$address2', address1 = '$address1', firstname = '$firstname', lastname = '$lastname'  WHERE userid=$userid";
$result = mysql_query($sql);
}
else
{
// Retrieve all the data from the "example" table
$result = mysql_query("SELECT * FROM users")
or die(mysql_error()); 
($rows = mysql_fetch_array($result))
//now put in your form details
?>


<form action="changeprofileparse.php" method="post">
    <table width="383" height="464" border="0" cellpadding="0" cellspacing="0">
    <tr>
      <td width="114"><div align="center"><font color="#FFFFFF">First Name </font></div></td>
      <td width="269"><input type="text" value="<?php echo $rows['firstname']; ?>" name="firstname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Last
        Name</font></div></td>
      <td><input type="text" value="<?php echo $rows['lastname']; ?>" name="lastname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        1</font></div></td>
      <td><input type="text" value="<?php echo $rows['address1']; ?>" name="address1" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        2</font></div></td>
      <td><input type="text" value="<?php echo $rows['address2']; ?>" name="address2" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">City</font></div></td>
      <td><input type="text" value="<?php echo $rows['city']; ?>" name="city" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">State</font></div></td>
      <td><input type="text" value="<?php echo $rows['state']; ?>" name="state" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Zip
        Code</font></div></td>
      <td><input type="text" value="<?php echo $rows['zipcode']; ?>" name="zipcode" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Country</font></div></td>
      <td><input type="text" value="<?php echo $rows['country']; ?>" name="country" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Home
        Phone</font></div></td>
      <td><input type="text" value="<?php echo $rows['homephone']; ?>" name="homephone" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">E-mail</font></div></td>
      <td><input type="text" value="<?php echo $rows['email']; ?>" name="email" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Company</font></div></td>
      <td><input type="text" value="<?php echo $rows['company']; ?>" name="company" /></td>
    </tr>
    <tr>
      <td><div align="center" class="style13">Username</div></td>
      <td><label>
        <input type="text" value="<?php echo $rows['username']; ?>" name="username" />
      </label></td>
    </tr>
  </table>
  <p align="center">
    <label>
    <input type="submit" name="update" value="Submit Changes">
    </label>
  </p>
  <p align="center">
      <input type="hidden" value="<?php echo $_SESSION['userId']; ?>" name="id22" />
  </form>

[/code]


changeprofileparse.php:
[code]
<?php
if (isset($_POST['firstname'])  && $_POST['firstname'] != $row['firstname']) {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if (isset($_POST['lastname'])  && $_POST['lastname'] != $row['lastname']) {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if (isset($_POST['address1'])  && $_POST['address1'] != $row['address1']) {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if (isset($_POST['address2'])  && $_POST['address2'] != $row['address2']) {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if (isset($_POST['city'])  && $_POST['city'] != $row['city']) {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if (isset($_POST['state'])  && $_POST['state'] != $row['state']) {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if (isset($_POST['zipcode'])  && $_POST['zipcode'] != $row['zipcode']) {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if (isset($_POST['country'])  && $_POST['country'] != $row['country']) {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if (isset($_POST['homephone'])  && $_POST['homephone'] != $row['homephone']) {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if (isset($_POST['email'])  && $_POST['email'] != $row['email']) {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if (isset($_POST['company'])  && $_POST['company'] != $row['company']) {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if (isset($_POST['username'])  && $_POST['username'] != $row['username']) {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>

<?php

if (($cfirstname) || ($clastname) || ($caddress1) || ($caddress2) || ($ccity) || ($cstate) || ($czipcode) || ($country) || ($chomephone) || ($cemail) || ($ccompany) || ($cusername)) {
    echo '<p "class=style8">The following items have been updated in your profile:<br /><ul></p>';
    if ($cfirstname) {
        echo $cfirstname;
    }
if ($clastname) {
        echo $clastname;
    }
if ($caddress1) {
        echo $caddress1;
    }
if ($caddress2) {
        echo $caddress2;
    }
if ($ccity) {
        echo $ccity;
    }
if ($cstate) {
        echo $cstate;
    }
    if ($czipcode) {
        echo $czipcode;
    }
    if ($ccountry) {
        echo $ccountry;
    }
    if ($chomephone) {
        echo $chomephone;
    }
    if ($cemail) {
        echo $cemail;
    }
    if ($ccompany) {
        echo $ccompany;
    }
if ($cusername) {
        echo $cusername;
    }
    echo "</ul><br />To view your updated profile, <a href=\"membernetwork.php\">click here</a>.";
}else {
    echo "Nothing in your profile has been changed.  <a href=\"membernetwork.php\">Click here</a> to return to your profile.";
}
?>

[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.