[SOLVED] doesnt populate the database

[bigbenbuilders]

This form is to edit their profile but when submitted it does not change the information in the database?

 

<?php
require_once('auth.php');

if ($_REQUEST['Save'])
{
	$error = false;
	if ($_REQUEST['SESS_FIRST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_MIDDLE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_LAST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_PHONE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_EMAIL_NAME'] == '')
	{
		$error = true;
	}
	if (!$error)
	{
	$_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME'];
	$_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME'];
	$_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME'];
	$_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME'];
	$_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME'];
	}
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member Index</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1>
<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>

<form>
<p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' />
<input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' />
<input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p>
<p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p>
<p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p>
<input type='submit' name='Save' value='Save' />
</form>

</body>
</html>

[play_]

Where is the query to update the database?

[kickstart]

Hi

 

I wrote that to merely update the session fields for you, but nothing in the original post mentioned saving it to a database.

 

It would be quite easy to expand it to, but quite a bit more info would be needed such as the table they are stored on, the column names, they key field (as you do not want people to update this normally), etc.

 

You would want something like (based on guessed tables names, column names and connection):-

 

if (!$error)
{
$_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME'];
$_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME'];
$_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME'];
$_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME'];
$_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME'];
$sql = "UPDATE UsersTable SET FirstName = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', MiddleName = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', LastName = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', PhoneName = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', EmailName = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID'])."";
$void = mysql_query($sql,$conn) or die(mysql_error());
}

 

All the best

 

Keith

[bigbenbuilders]

now I get this error

 

Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)

[play_]

Is there even a database setup?

[bigbenbuilders]

here is the config.php file and it connects to the database on the registration sign in etc...

 

<?php
define('DB_HOST', '');
    define('DB_USER', '');
    define('DB_PASSWORD', '');
    define('DB_DATABASE', '');
?>

[bigbenbuilders]

Here is the complete code that I have now

 

<?php
require_once('auth.php');
require_once('config.php');

if ($_REQUEST['Save'])
{
	$error = false;
	if ($_REQUEST['SESS_FIRST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_MIDDLE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_LAST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_PHONE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_EMAIL_NAME'] == '')
	{
		$error = true;
	}
	if (!$error)
{
$_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME'];
$_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME'];
$_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME'];
$_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME'];
$_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME'];
$sql = "UPDATE members SET firstname = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', middlename = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', lastname = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', phone = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', email = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID'])."";
$void = mysql_query($sql,$conn) or die(mysql_error());
}
}


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member Index</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1>
<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>

<form>
<p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' />
<input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' />
<input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p>
<p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p>
<p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p>
<input type='submit' name='Save' value='Save' />
</form>

</body>
</html>

[bigbenbuilders]

any ideas guys as I am a newbie and strugling

[TeNDoLLA]

I don't think your database server is running at all.

[bigbenbuilders]

I am able to use the log in

[bigbenbuilders]

and the register?

[bigbenbuilders]

it displays the information?  Just wont update the database? please help

[kickstart]

Hi

 

Is "$conn" set up as the connection?

 

All the best

 

Keith

[bigbenbuilders]

here is the registration-exe if this helps...please remember that I am new at this...this does work..

 

<?php
//Start session
session_start();

//Include database connection details
require_once('config.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
	die("Unable to select database");
}

//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
	$str = @trim($str);
	if(get_magic_quotes_gpc()) {
		$str = stripslashes($str);
	}
	return mysql_real_escape_string($str);
}

//Sanitize the POST values
$fname = clean($_POST['fname']);
$mname = clean($_POST['mname']);
$lname = clean($_POST['lname']);
$phone = clean($_POST['phone']);
$email = clean($_POST['email']);
$emailconfirm = clean($_POST['emailconfirm']);
$login = clean($_POST['login']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);

//Input Validations
if($fname == '') {
	$errmsg_arr[] = 'First name missing';
	$errflag = true;
}

if($lname == '') {
	$errmsg_arr[] = 'Last name missing';
	$errflag = true;
}
if($email == '') {
	$errmsg_arr[] = 'Email missing';
	$errflag = true;
}
if($emailconfirm == '') {
	$errmsg_arr[] = 'Confirm Email missing';
	$errflag = true;
}
if($login == '') {
	$errmsg_arr[] = 'Login ID missing';
	$errflag = true;
}
if($password == '') {
	$errmsg_arr[] = 'Password missing';
	$errflag = true;
}
if($cpassword == '') {
	$errmsg_arr[] = 'Confirm password missing';
	$errflag = true;
}
if( strcmp($password, $cpassword) != 0 ) {
	$errmsg_arr[] = 'Passwords do not match';
	$errflag = true;
}
if( strcmp($email, $emailconfirm) != 0 ) {
	$errmsg_arr[] = 'Emails do not match';
	$errflag = true;
}

//Check for duplicate login ID
if($login != '') {
	$qry = "SELECT * FROM members WHERE login='$login'";
	$result = mysql_query($qry);
	if($result) {
		if(mysql_num_rows($result) > 0) {
			$errmsg_arr[] = 'Login ID already in use';
			$errflag = true;
		}
		@mysql_free_result($result);
	}
	else {
		die("Query failed");
	}
}

//If there are input validations, redirect back to the registration form
if($errflag) {
	$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
	session_write_close();
	header("location: register-form.php");
	exit();
}

//Create INSERT query
$qry = "INSERT INTO members(firstname, middlename, lastname, phone, email, login, passwd) VALUES('$fname','$mname','$lname','$phone','$email','$login','".md5($_POST['password'])."')";
$result = @mysql_query($qry);

//Check whether the query was successful or not
if($result) {
	header("location: register-success.php");
	exit();
}else {
	die("Query failed");
}
?>

[kickstart]

Hi

 

You are probably no connecting to the database.

 

Copy this (from the working script) to the top of the non working script to replace require_once('config.php');:-

 

//Start session
session_start();

//Include database connection details
require_once('config.php');

//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = false;

//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
	die('Failed to connect to server: ' . mysql_error());
}

//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
	die("Unable to select database");
}

 

Change:-

 

$void = mysql_query($sql,$conn) or die(mysql_error());

 

to

 

$void = mysql_query($sql,$link) or die(mysql_error());

 

All the best

 

Keith

[bigbenbuilders]

okay here is what I get

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

 

here is the code

 

<?php
//Start session
   session_start();
   
   //Include database connection details
   require_once('config.php');
   
   //Array to store validation errors
   $errmsg_arr = array();
   
   //Validation error flag
   $errflag = false;
   
   //Connect to mysql server
   $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
   if(!$link) {
      die('Failed to connect to server: ' . mysql_error());
   }
   
   //Select database
   $db = mysql_select_db(DB_DATABASE);
   if(!$db) {
      die("Unable to select database");
   }

if ($_REQUEST['Save'])
{
	$error = false;
	if ($_REQUEST['SESS_FIRST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_MIDDLE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_LAST_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_PHONE_NAME'] == '')
	{
		$error = true;
	}
	if ($_REQUEST['SESS_EMAIL_NAME'] == '')
	{
		$error = true;
	}
	if (!$error)
{
$_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME'];
$_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME'];
$_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME'];
$_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME'];
$_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME'];
$sql = "UPDATE members SET firstname = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', middlename = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', lastname = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', phone = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', email = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID'])."";
$void = mysql_query($sql,$link) or die(mysql_error());
}
}


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Member Index</title>
<link href="loginmodule.css" rel="stylesheet" type="text/css" />
</head>
<body>
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1>
<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>

<form>
<p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' />
<input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' />
<input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p>
<p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p>
<p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p>
<input type='submit' name='Save' value='Save' />
</form>

</body>
</html>

[kickstart]

Hi

 

Is member_id a numeric field?

 

Change this:-

 

$void = mysql_query($sql,$link) or die(mysql_error());

 

to this:-

 

$void = mysql_query($sql,$link) or die($sql."  ".mysql_error());

 

And see / post the actual sql.

 

All the best

 

Keith

[bigbenbuilders]

now I get this

 

UPDATE members SET firstname = 'fred', middlename = 'Paul', lastname = 'Ricketts', phone = '(260) 459-2459', email = 'a@uavmedia.com' WHERE member_id = You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

[merck_delmoro]

go to this link and try to study php script and learn how to connect it to your database

 

http://www.w3schools.com/php/default.asp

[kickstart]

Hi

 

Looks like you have nothing in $_SESSION['SESS_USER_ID'], hence when you try and assign a column to it you land up with some invalid SQL (ie, it just has WHERE member_id =).

 

All the best

 

Keith

[bigbenbuilders]

isn't this member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID' telling it that member_id is string for SESS_USER_ID ?

[kickstart]

Hi

 

No, it is telling it to update the row(s) on which column member_id has a value which is stored in $_SESSION['SESS_USER_ID']. However as $_SESSION['SESS_USER_ID'] hasn't been set up it has no value, and this has rendered the sql invalid (you can't use just where member_id = ).

 

All the best

 

Keith

[bigbenbuilders]

here is the auth file that you had me not include

 

<?php
//Start session
session_start();

//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) {
	header("location: access-denied.php");
	exit();
}
?>

[kickstart]

Hi

 

Afraid I didn't say to remove that. The code I put was to replace the require of config.php (as it contained config.php anyway).

 

All the best

 

Keith

[bigbenbuilders]

my bad misunderstood...put it back in and did check errors and this is what I get

 

Notice: Undefined index: SESS_USER_ID in /hsphere/local/home/member-profile.php on line 57