Jump to content

Change Profile Page


vund0

Recommended Posts

I am having some problems with the changeprofileparse.php page.  When a user submits their changes and lets say they changed just their firstname, for some reason it comes back saying:


Change Profile Results


The following items have been updated in your profile:



First Name
Last Name
Address 1
Address 2
City
State
Zipcode
Country
Homephone
Email
Company
Username


changeprofileparse:
[code]<?php
if ($_POST['firstname'] != "") {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if ($_POST['lastname'] != "") {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if ($_POST['address1'] != "") {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if ($_POST['address2'] != "") {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if ($_POST['city'] != "") {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if ($_POST['state'] != "") {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if ($_POST['zipcode'] != "") {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if ($_POST['country'] != "") {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if ($_POST['homephone'] != "") {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if ($_POST['email'] != "") {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if ($_POST['company'] != "") {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if ($_POST['username'] != "") {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>
<?php
if (($cfirstname) || ($clastname) || ($caddress1) || ($caddress2) || ($ccity) || ($cstate) || ($czipcode) || ($country) || ($chomephone) || ($cemail) || ($ccompany) || ($cusername)) {
    echo '<p "class=style8">The following items have been updated in your profile:<br /><ul></p>';
    if ($cfirstname) {
        echo $cfirstname;
    }
if ($clastname) {
        echo $clastname;
    }
if ($caddress1) {
        echo $caddress1;
    }
if ($caddress2) {
        echo $caddress2;
    }
if ($ccity) {
        echo $ccity;
    }
if ($cstate) {
        echo $cstate;
    }
    if ($czipcode) {
        echo $czipcode;
    }
    if ($ccountry) {
        echo $ccountry;
    }
    if ($chomephone) {
        echo $chomephone;
    }
    if ($cemail) {
        echo $cemail;
    }
    if ($ccompany) {
        echo $ccompany;
    }
if ($cusername) {
        echo $cusername;
    }
    echo "</ul><br />To view your updated profile, <a href=\"membernetwork.php\">click here</a>.";
}else {
    echo "Nothing in your profile has been changed.  <a href=\"membernetwork.php\">Click here</a> to return to your profile.";
}
?>[/code]


changeprofile.html:
[code]
<form action="changeprofileparse.php" method="post">
    <table width="383" height="464" border="0" cellpadding="0" cellspacing="0">
    <tr>
      <td width="172"><div align="center"><font color="#FFFFFF">First Name </font></div></td>
      <td width="211"><input type="text" value="<?php echo $rows['firstname']; ?>" name="firstname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Last
        Name</font></div></td>
      <td><input type="text" value="<?php echo $rows['lastname']; ?>" name="lastname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        1</font></div></td>
      <td><input type="text" value="<?php echo $rows['address1']; ?>" name="address1" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        2</font></div></td>
      <td><input type="text" value="<?php echo $rows['address2']; ?>" name="address2" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">City</font></div></td>
      <td><input type="text" value="<?php echo $rows['city']; ?>" name="city" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">State</font></div></td>
      <td><input type="text" value="<?php echo $rows['state']; ?>" name="state" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Zip
        Code</font></div></td>
      <td><input type="text" value="<?php echo $rows['zipcode']; ?>" name="zipcode" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Country</font></div></td>
      <td><input type="text" value="<?php echo $rows['country']; ?>" name="country" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Home
        Phone</font></div></td>
      <td><input type="text" value="<?php echo $rows['homephone']; ?>" name="homephone" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">E-mail</font></div></td>
      <td><input type="text" value="<?php echo $rows['email']; ?>" name="email" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Company</font></div></td>
      <td><input type="text" value="<?php echo $rows['company']; ?>" name="company" /></td>
    </tr>
    <tr>
      <td><div align="center" class="style13">Username</div></td>
      <td><label>
        <input type="text" value="<?php echo $rows['username']; ?>" name="username" />
      </label></td>
    </tr>
  </table>
  <p align="center">
    <label>
    <input type="submit" name="update" value="Submit Changes">
    </label>
  </p>
  <p align="center">
      <input type="hidden" value="<?php echo $_SESSION['userId']; ?>" name="id22" />
  </form>

[/code]

Thanks for your help
Link to comment
Share on other sites

So something like this?

[code]
<?php
if (isset($_POST['firstname'])  && $_POST['firstname'] != $row['firstname']) {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if (isset($_POST['lastname'])  && $_POST['lastname'] != $row['lastname']) {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if (isset($_POST['address1'])  && $_POST['address1'] != $row['address1']) {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if (isset($_POST['address2'])  && $_POST['address2'] != $row['address2']) {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if (isset($_POST['city'])  && $_POST['city'] != $row['city']) {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if (isset($_POST['state'])  && $_POST['state'] != $row['state']) {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if (isset($_POST['zipcode'])  && $_POST['zipcode'] != $row['zipcode']) {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if (isset($_POST['country'])  && $_POST['country'] != $row['country']) {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if (isset($_POST['homephone'])  && $_POST['homephone'] != $row['homephone']) {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if (isset($_POST['email'])  && $_POST['email'] != $row['email']) {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if (isset($_POST['company'])  && $_POST['company'] != $row['company']) {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if (isset($_POST['username'])  && $_POST['username'] != $row['username']) {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>
[/code]
Link to comment
Share on other sites

Heres the full code:


changeprofile.php:
[code]
<?php
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{

//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location: login.php");
}

//otherwise they are shown the admin area
else
{

}
}
}
else

//if the cookie does not exist, they are taken to the login screen
{
header("Location: login.php");
}
?> 


  <?php
if(isset( $update ))
{
$sql = "UPDATE users SET username = '$username', email = '$email', company = '$company', homephone = '$homephone', country = '$country', zipcode = '$zipcode', state = '$state', city = '$city', address2 = '$address2', address1 = '$address1', firstname = '$firstname', lastname = '$lastname'  WHERE userid=$userid";
$result = mysql_query($sql);
}
else
{
// Retrieve all the data from the "example" table
$result = mysql_query("SELECT * FROM users")
or die(mysql_error()); 
($rows = mysql_fetch_array($result))
//now put in your form details
?>


<form action="changeprofileparse.php" method="post">
    <table width="383" height="464" border="0" cellpadding="0" cellspacing="0">
    <tr>
      <td width="114"><div align="center"><font color="#FFFFFF">First Name </font></div></td>
      <td width="269"><input type="text" value="<?php echo $rows['firstname']; ?>" name="firstname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Last
        Name</font></div></td>
      <td><input type="text" value="<?php echo $rows['lastname']; ?>" name="lastname" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        1</font></div></td>
      <td><input type="text" value="<?php echo $rows['address1']; ?>" name="address1" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Address
        2</font></div></td>
      <td><input type="text" value="<?php echo $rows['address2']; ?>" name="address2" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">City</font></div></td>
      <td><input type="text" value="<?php echo $rows['city']; ?>" name="city" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">State</font></div></td>
      <td><input type="text" value="<?php echo $rows['state']; ?>" name="state" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Zip
        Code</font></div></td>
      <td><input type="text" value="<?php echo $rows['zipcode']; ?>" name="zipcode" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Country</font></div></td>
      <td><input type="text" value="<?php echo $rows['country']; ?>" name="country" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Home
        Phone</font></div></td>
      <td><input type="text" value="<?php echo $rows['homephone']; ?>" name="homephone" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">E-mail</font></div></td>
      <td><input type="text" value="<?php echo $rows['email']; ?>" name="email" /></td>
    </tr>
    <tr>
      <td><div align="center"><font color="#FFFFFF">Company</font></div></td>
      <td><input type="text" value="<?php echo $rows['company']; ?>" name="company" /></td>
    </tr>
    <tr>
      <td><div align="center" class="style13">Username</div></td>
      <td><label>
        <input type="text" value="<?php echo $rows['username']; ?>" name="username" />
      </label></td>
    </tr>
  </table>
  <p align="center">
    <label>
    <input type="submit" name="update" value="Submit Changes">
    </label>
  </p>
  <p align="center">
      <input type="hidden" value="<?php echo $_SESSION['userId']; ?>" name="id22" />
  </form>

[/code]


changeprofileparse.php:
[code]
<?php
if (isset($_POST['firstname'])  && $_POST['firstname'] != $row['firstname']) {
    $firstname = htmlspecialchars($_POST['firstname']);
    mysql_query("UPDATE users SET firstname='$firstname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['firstname'] = $firstname;
    $cfirstname = "<li>First Name</li>";
}
if (isset($_POST['lastname'])  && $_POST['lastname'] != $row['lastname']) {
    $lastname = htmlspecialchars($_POST['lastname']);
    mysql_query("UPDATE users SET lastname='$lastname' WHERE username='$username'") or die (mysql_error());
    $_SESSION['lastname'] = $lastname;
    $clastname = "<li>Last Name</li>";
}
if (isset($_POST['address1'])  && $_POST['address1'] != $row['address1']) {
    $address1 = htmlspecialchars($_POST['address1']);
    mysql_query("UPDATE users SET address1='$address1' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address1'] = $address1;
    $caddress1 = "<li>Address 1</li>";
}
if (isset($_POST['address2'])  && $_POST['address2'] != $row['address2']) {
    $address2 = htmlspecialchars($_POST['address2']);
    mysql_query("UPDATE users SET address2='$address2' WHERE username='$username'") or die (mysql_error());
    $_SESSION['address2'] = $address2;
    $caddress2 = "<li>Address 2</li>";
}
if (isset($_POST['city'])  && $_POST['city'] != $row['city']) {
    $city = htmlspecialchars($_POST['city']);
    mysql_query("UPDATE users SET city='$city' WHERE username='$username'") or die (mysql_error());
    $_SESSION['city'] = $city;
    $ccity = "<li>City</li>";
}
if (isset($_POST['state'])  && $_POST['state'] != $row['state']) {
    $state = htmlspecialchars($_POST['state']);
    mysql_query("UPDATE users SET state='$state' WHERE username='$username'") or die (mysql_error());
    $_SESSION['state'] = $state;
    $cstate = "<li>State</li>";
}
if (isset($_POST['zipcode'])  && $_POST['zipcode'] != $row['zipcode']) {
    $zipcode = htmlspecialchars($_POST['zipcode']);
    mysql_query("UPDATE users SET zipcode='$zipcode' WHERE username='$username'") or die (mysql_error());
    $_SESSION['zipcode'] = $zipcode;
    $czipcode = "<li>Zipcode</li>";
}
if (isset($_POST['country'])  && $_POST['country'] != $row['country']) {
    $country = htmlspecialchars($_POST['country']);
    mysql_query("UPDATE users SET country='$country' WHERE username='$username'") or die (mysql_error());
    $_SESSION['country'] = $country;
    $ccountry = "<li>Country</li>";
}
if (isset($_POST['homephone'])  && $_POST['homephone'] != $row['homephone']) {
    $homephone = htmlspecialchars($_POST['homephone']);
    mysql_query("UPDATE users SET homephone='$homephone' WHERE username='$username'") or die (mysql_error());
    $_SESSION['homephone'] = $homephone;
    $chomephone = "<li>Homephone</li>";
}
if (isset($_POST['email'])  && $_POST['email'] != $row['email']) {
    $email = htmlspecialchars($_POST['email']);
    mysql_query("UPDATE users SET email='$email' WHERE username='$username'") or die (mysql_error());
    $_SESSION['email'] = $email;
    $cemail = "<li>Email</li>";
}
if (isset($_POST['company'])  && $_POST['company'] != $row['company']) {
    $company = htmlspecialchars($_POST['company']);
    mysql_query("UPDATE users SET company='$company' WHERE username='$username'") or die (mysql_error());
    $_SESSION['company'] = $company;
    $ccompany = "<li>Company</li>";
}
if (isset($_POST['username'])  && $_POST['username'] != $row['username']) {
    $username = htmlspecialchars($_POST['username']);
    mysql_query("UPDATE users SET username='$username' WHERE address2='$address2'") or die (mysql_error());
    $_SESSION['username'] = $username;
    $cusername = "<li>Username</li>";
}
?>

<?php

if (($cfirstname) || ($clastname) || ($caddress1) || ($caddress2) || ($ccity) || ($cstate) || ($czipcode) || ($country) || ($chomephone) || ($cemail) || ($ccompany) || ($cusername)) {
    echo '<p "class=style8">The following items have been updated in your profile:<br /><ul></p>';
    if ($cfirstname) {
        echo $cfirstname;
    }
if ($clastname) {
        echo $clastname;
    }
if ($caddress1) {
        echo $caddress1;
    }
if ($caddress2) {
        echo $caddress2;
    }
if ($ccity) {
        echo $ccity;
    }
if ($cstate) {
        echo $cstate;
    }
    if ($czipcode) {
        echo $czipcode;
    }
    if ($ccountry) {
        echo $ccountry;
    }
    if ($chomephone) {
        echo $chomephone;
    }
    if ($cemail) {
        echo $cemail;
    }
    if ($ccompany) {
        echo $ccompany;
    }
if ($cusername) {
        echo $cusername;
    }
    echo "</ul><br />To view your updated profile, <a href=\"membernetwork.php\">click here</a>.";
}else {
    echo "Nothing in your profile has been changed.  <a href=\"membernetwork.php\">Click here</a> to return to your profile.";
}
?>

[/code]
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.