bigbenbuilders Posted August 18, 2009 Share Posted August 18, 2009 This form is to edit their profile but when submitted it does not change the information in the database? <?php require_once('auth.php'); if ($_REQUEST['Save']) { $error = false; if ($_REQUEST['SESS_FIRST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_MIDDLE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_LAST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_PHONE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_EMAIL_NAME'] == '') { $error = true; } if (!$error) { $_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME']; $_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME']; $_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME']; $_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME']; $_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME']; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Member Index</title> <link href="loginmodule.css" rel="stylesheet" type="text/css" /> </head> <body> <h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1> <a href="member-index.php">Home</a> | <a href="logout.php">Logout</a> <form> <p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' /> <input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' /> <input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p> <p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p> <p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p> <input type='submit' name='Save' value='Save' /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
play_ Posted August 18, 2009 Share Posted August 18, 2009 Where is the query to update the database? Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 18, 2009 Share Posted August 18, 2009 Hi I wrote that to merely update the session fields for you, but nothing in the original post mentioned saving it to a database. It would be quite easy to expand it to, but quite a bit more info would be needed such as the table they are stored on, the column names, they key field (as you do not want people to update this normally), etc. You would want something like (based on guessed tables names, column names and connection):- if (!$error) { $_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME']; $_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME']; $_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME']; $_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME']; $_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME']; $sql = "UPDATE UsersTable SET FirstName = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', MiddleName = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', LastName = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', PhoneName = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', EmailName = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID']).""; $void = mysql_query($sql,$conn) or die(mysql_error()); } All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 18, 2009 Author Share Posted August 18, 2009 now I get this error Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) Quote Link to comment Share on other sites More sharing options...
play_ Posted August 18, 2009 Share Posted August 18, 2009 Is there even a database setup? Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 here is the config.php file and it connects to the database on the registration sign in etc... <?php define('DB_HOST', ''); define('DB_USER', ''); define('DB_PASSWORD', ''); define('DB_DATABASE', ''); ?> Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 Here is the complete code that I have now <?php require_once('auth.php'); require_once('config.php'); if ($_REQUEST['Save']) { $error = false; if ($_REQUEST['SESS_FIRST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_MIDDLE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_LAST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_PHONE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_EMAIL_NAME'] == '') { $error = true; } if (!$error) { $_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME']; $_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME']; $_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME']; $_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME']; $_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME']; $sql = "UPDATE members SET firstname = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', middlename = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', lastname = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', phone = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', email = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID']).""; $void = mysql_query($sql,$conn) or die(mysql_error()); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Member Index</title> <link href="loginmodule.css" rel="stylesheet" type="text/css" /> </head> <body> <h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1> <a href="member-index.php">Home</a> | <a href="logout.php">Logout</a> <form> <p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' /> <input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' /> <input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p> <p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p> <p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p> <input type='submit' name='Save' value='Save' /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 any ideas guys as I am a newbie and strugling Quote Link to comment Share on other sites More sharing options...
TeNDoLLA Posted August 24, 2009 Share Posted August 24, 2009 I don't think your database server is running at all. Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 I am able to use the log in Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 and the register? Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 it displays the information? Just wont update the database? please help Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi Is "$conn" set up as the connection? All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 here is the registration-exe if this helps...please remember that I am new at this...this does work.. <?php //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } //Function to sanitize values received from the form. Prevents SQL injection function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } //Sanitize the POST values $fname = clean($_POST['fname']); $mname = clean($_POST['mname']); $lname = clean($_POST['lname']); $phone = clean($_POST['phone']); $email = clean($_POST['email']); $emailconfirm = clean($_POST['emailconfirm']); $login = clean($_POST['login']); $password = clean($_POST['password']); $cpassword = clean($_POST['cpassword']); //Input Validations if($fname == '') { $errmsg_arr[] = 'First name missing'; $errflag = true; } if($lname == '') { $errmsg_arr[] = 'Last name missing'; $errflag = true; } if($email == '') { $errmsg_arr[] = 'Email missing'; $errflag = true; } if($emailconfirm == '') { $errmsg_arr[] = 'Confirm Email missing'; $errflag = true; } if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'Password missing'; $errflag = true; } if($cpassword == '') { $errmsg_arr[] = 'Confirm password missing'; $errflag = true; } if( strcmp($password, $cpassword) != 0 ) { $errmsg_arr[] = 'Passwords do not match'; $errflag = true; } if( strcmp($email, $emailconfirm) != 0 ) { $errmsg_arr[] = 'Emails do not match'; $errflag = true; } //Check for duplicate login ID if($login != '') { $qry = "SELECT * FROM members WHERE login='$login'"; $result = mysql_query($qry); if($result) { if(mysql_num_rows($result) > 0) { $errmsg_arr[] = 'Login ID already in use'; $errflag = true; } @mysql_free_result($result); } else { die("Query failed"); } } //If there are input validations, redirect back to the registration form if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: register-form.php"); exit(); } //Create INSERT query $qry = "INSERT INTO members(firstname, middlename, lastname, phone, email, login, passwd) VALUES('$fname','$mname','$lname','$phone','$email','$login','".md5($_POST['password'])."')"; $result = @mysql_query($qry); //Check whether the query was successful or not if($result) { header("location: register-success.php"); exit(); }else { die("Query failed"); } ?> Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi You are probably no connecting to the database. Copy this (from the working script) to the top of the non working script to replace require_once('config.php');:- //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } Change:- $void = mysql_query($sql,$conn) or die(mysql_error()); to $void = mysql_query($sql,$link) or die(mysql_error()); All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 okay here is what I get You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 here is the code <?php //Start session session_start(); //Include database connection details require_once('config.php'); //Array to store validation errors $errmsg_arr = array(); //Validation error flag $errflag = false; //Connect to mysql server $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } if ($_REQUEST['Save']) { $error = false; if ($_REQUEST['SESS_FIRST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_MIDDLE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_LAST_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_PHONE_NAME'] == '') { $error = true; } if ($_REQUEST['SESS_EMAIL_NAME'] == '') { $error = true; } if (!$error) { $_SESSION['SESS_FIRST_NAME'] = $_REQUEST['SESS_FIRST_NAME']; $_SESSION['SESS_MIDDLE_NAME'] = $_REQUEST['SESS_MIDDLE_NAME']; $_SESSION['SESS_LAST_NAME'] = $_REQUEST['SESS_LAST_NAME']; $_SESSION['SESS_PHONE_NAME'] = $_REQUEST['SESS_PHONE_NAME']; $_SESSION['SESS_EMAIL_NAME'] = $_REQUEST['SESS_EMAIL_NAME']; $sql = "UPDATE members SET firstname = '".mysql_real_escape_string($_SESSION['SESS_FIRST_NAME'])."', middlename = '".mysql_real_escape_string($_SESSION['SESS_MIDDLE_NAME'])."', lastname = '".mysql_real_escape_string($_SESSION['SESS_LAST_NAME'])."', phone = '".mysql_real_escape_string($_SESSION['SESS_PHONE_NAME'])."', email = '".mysql_real_escape_string($_SESSION['SESS_EMAIL_NAME'])."' WHERE member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID']).""; $void = mysql_query($sql,$link) or die(mysql_error()); } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Member Index</title> <link href="loginmodule.css" rel="stylesheet" type="text/css" /> </head> <body> <h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?></h1> <a href="member-index.php">Home</a> | <a href="logout.php">Logout</a> <form> <p><input type='text' name='SESS_FIRST_NAME' value='<?php echo $_SESSION['SESS_FIRST_NAME'];?>' /> <input type='text' name='SESS_MIDDLE_NAME' value='<?php echo $_SESSION['SESS_MIDDLE_NAME'];?>' /> <input type='text' name='SESS_LAST_NAME' value='<?php echo $_SESSION['SESS_LAST_NAME'];?>' /> </p> <p><input type='text' name='SESS_PHONE_NAME' value='<?php echo $_SESSION['SESS_PHONE_NAME'];?>' /></p> <p><input type='text' name='SESS_EMAIL_NAME' value='<?php echo $_SESSION['SESS_EMAIL_NAME'];?>' /></p> <input type='submit' name='Save' value='Save' /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi Is member_id a numeric field? Change this:- $void = mysql_query($sql,$link) or die(mysql_error()); to this:- $void = mysql_query($sql,$link) or die($sql." ".mysql_error()); And see / post the actual sql. All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 now I get this UPDATE members SET firstname = 'fred', middlename = 'Paul', lastname = 'Ricketts', phone = '(260) 459-2459', email = 'a@uavmedia.com' WHERE member_id = You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Quote Link to comment Share on other sites More sharing options...
merck_delmoro Posted August 24, 2009 Share Posted August 24, 2009 go to this link and try to study php script and learn how to connect it to your database http://www.w3schools.com/php/default.asp Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi Looks like you have nothing in $_SESSION['SESS_USER_ID'], hence when you try and assign a column to it you land up with some invalid SQL (ie, it just has WHERE member_id =). All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 isn't this member_id = ".mysql_real_escape_string($_SESSION['SESS_USER_ID' telling it that member_id is string for SESS_USER_ID ? Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi No, it is telling it to update the row(s) on which column member_id has a value which is stored in $_SESSION['SESS_USER_ID']. However as $_SESSION['SESS_USER_ID'] hasn't been set up it has no value, and this has rendered the sql invalid (you can't use just where member_id = ). All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 here is the auth file that you had me not include <?php //Start session session_start(); //Check whether the session variable SESS_MEMBER_ID is present or not if(!isset($_SESSION['SESS_MEMBER_ID']) || (trim($_SESSION['SESS_MEMBER_ID']) == '')) { header("location: access-denied.php"); exit(); } ?> Quote Link to comment Share on other sites More sharing options...
kickstart Posted August 24, 2009 Share Posted August 24, 2009 Hi Afraid I didn't say to remove that. The code I put was to replace the require of config.php (as it contained config.php anyway). All the best Keith Quote Link to comment Share on other sites More sharing options...
bigbenbuilders Posted August 24, 2009 Author Share Posted August 24, 2009 my bad misunderstood...put it back in and did check errors and this is what I get Notice: Undefined index: SESS_USER_ID in /hsphere/local/home/member-profile.php on line 57 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.