$Three3 Posted February 6, 2010 Share Posted February 6, 2010 Hey I am stuck on this code. I cannot seem to figure out why this is not working. I have been on it for a couple of hours now and I just need a pair of fresh eyes to look at this. Here is the code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Update Your Information</title> </head> <body> <?php //Check to see if form has been submitted if (isset($_POST['submiited'])) { //Intialize errors array $errors = array() ; //Validate all information received if (empty($_POST['first_name'])) { $errors[] = '<p>You must enter a first name.</p>' ; } else { $fn = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['first_name']))) ; } if (empty($_POST['last_name'])) { $errors[] = '<p>You must enter a last name.</p>' ; } else { $ln = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['last_name']))) ; } if (empty($_POST['email'])) { $errors[] = '<p>You must enter an email.</p>' ; } else { $email = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['email']))) ; } if (empty($_POST['current_password'])) { $errors[] = '<p>You must enter your current password.</p>' ; } else { $current_password = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['current_password']))) ; } if (!empty($_POST['pass1'])) { if ($_POST['pass1'] != $_POST['pass2']) { $errors[] = '<p>Your new password does not match the confirm new password. Please try again.</p>' ; } else { $pass = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['pass1']))) ; } } else { $errors[] = '<p>You must enter a new password.</p>' ; } //Check to see if there were any errors if (empty($errors)) { //Connect to the database if ($dbc = mysqli_connect('localhost', 'root', 'Sophia211', 'sitename')) { //Create the query for getting the user_id $query = "SELECT user_id FROM users WHERE email = '$email' AND pass = SHA1('$current_password')" ; $result = mysqli_query($dbc, $query) ; if ($result) { $row = mysqli_fetch_array($result, MYSQLI_NUM) ; //Create the UPDATE query $query = "UPDATE users SET first_name = '$fn', last_name = '$ln', email = '$email', pass = '$pass' WHERE user_id = '$row[0]' LIMIT 1" ; $result = mysqli_query($dbc, $query) ; if (mysqli_affected_rows($dbc) == 1) { //The users information has succesfully been updated echo '<p>Thank You! You have successfully updated your personal information.</p>' ; } else { echo '<p><font color ="FF0000">There was an error with the update. Please try again.</font></p>' ; } } else { echo '<p><font color ="FF0000">There was an error validating your information. Please try again.</font></p>' ; } } else { echo '<p><font color ="FF0000">There was an error connection to the database. Please contact the system adminastrator.</font></p>' ; } } else { //There were errors with the validation checks echo '<p><font color ="FF0000">The following errors have occurred:</font></p><br />' ; foreach ($errors as $message) { echo '-<b> $message</b><br />' ; } } } //End of IF SUBMITTED //Display the form echo '<form action="update2.php" method="post"> <p>First Name: <input name="first_name" type="text" size="20" maxlength="20" /></p> <p>Last Name: <input name="last_name" type="text" size="20" maxlength="20" /></p> <p>Email: <input name="email" type="text" size="30" maxlength="80" /></p> <p>Current Password: <input name="current_password" type="password" size="20" maxlength="20" /></p> <p>New Password: <input name="pass1" type="password" size="20" maxlength="20" /></p> <p>Confrim New Password: <input name="pass2" type="password" size="20" maxlength="20" /></p> <p><input name="submit" type="submit" value="Update" /></p> <input name="submitted" type="hidden" value="true" /> </form>' ; ?> </body> </html> When I click on submit it gives me no errors whatsoever and displays the form again. If I click on the submit button with no information in the text boxes it is not giving me any errors that it is supposed to be. I have made plenty of these kind of scripts before but I have no idea why this one is not working. I really appreciate the help on this. Thanks in advance for the help. Link to comment https://forums.phpfreaks.com/topic/191201-need-help-with-this-simple-problem/ Share on other sites More sharing options...
tmh766 Posted February 6, 2010 Share Posted February 6, 2010 submiited is spelled wrong if (isset($_POST['submiited'])) { Link to comment https://forums.phpfreaks.com/topic/191201-need-help-with-this-simple-problem/#findComment-1008113 Share on other sites More sharing options...
$Three3 Posted February 7, 2010 Author Share Posted February 7, 2010 Awesome thanks a lot man. That worked perfectly. Now I have one more problem though. When this page loads you get the html form. When I am testing it the first time for example with the following values: First Name: John Last Name: Smith Email: [email protected] Current Password: 1234 New Password: 123456 Confirm New: 123456 Everything works perfectly and I get the message saying everything has worked successfully. But when I put the exact same values in again but just change the passwords around like: First Name: John Last Name: Smith Email: [email protected] Current Password: 123456 New Password: 1234 Confirm New: 1234 It gives me an error saying "There was an error with the update. Please try again." Any help on this is greatly appreciated. Here is the PHP code again: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>Update Your Information</title> </head> <body> <?php //Check to see if form has been submitted if (isset($_POST['submitted'])) { //Connect to the database if (!$dbc = mysqli_connect('localhost', 'root', 'Sophia211', 'sitename')) { echo '<p><font color ="FF0000">There was an error connection to the database. Please contact the system adminastrator.</font></p>' ; } //Intialize errors array $errors = array() ; //Validate all information received if (empty($_POST['first_name'])) { $errors[] = 'You must enter a first name.' ; } else { $fn = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['first_name']))) ; } if (empty($_POST['last_name'])) { $errors[] = 'You must enter a last name.' ; } else { $ln = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['last_name']))) ; } if (empty($_POST['email'])) { $errors[] = 'You must enter an email.' ; } else { $email = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['email']))) ; } if (empty($_POST['current_password'])) { $errors[] = 'You must enter your current password.' ; } else { $current_password = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['current_password']))) ; } if (!empty($_POST['pass1'])) { if ($_POST['pass1'] != $_POST['pass2']) { $errors[] = 'Your new password does not match the confirm new password. Please try again.' ; } else { $pass = mysqli_real_escape_string($dbc, trim(strip_tags($_POST['pass1']))) ; } } else { $errors[] = 'You must enter a new password.' ; } //Check to see if there were any errors if (empty($errors)) { //Create the query for getting the user_id $query = "SELECT user_id FROM users WHERE email = '$email' AND pass = SHA1('$current_password')" ; $result = mysqli_query($dbc, $query) ; if ($result) { $row = mysqli_fetch_array($result, MYSQLI_NUM) ; //Create the UPDATE query $query = "UPDATE users SET first_name = '$fn', last_name = '$ln', email = '$email', pass = '$pass' WHERE user_id = '$row[0]' LIMIT 1" ; $result = mysqli_query($dbc, $query) ; if (mysqli_affected_rows($dbc) == 1) { //The users information has succesfully been updated echo '<p>Thank You! You have successfully updated your personal information.</p>' ; } else { echo '<p><font color ="FF0000">There was an error with the update. Please try again.</font></p>' ; } } else { echo '<p><font color ="FF0000">There was an error validating your information. Please try again.</font></p>' ; } } else { //There were errors with the validation checks echo '<p><font color ="FF0000"><b>The following errors have occurred:</b></font></p>' ; foreach ($errors as $message) { echo "- <b>$message</b><br />" ; } } } //End of IF SUBMITTED //Display the form echo '<form action="update2.php" method="post"> <p>First Name: <input name="first_name" type="text" size="20" maxlength="20" /></p> <p>Last Name: <input name="last_name" type="text" size="20" maxlength="20" /></p> <p>Email: <input name="email" type="text" size="30" maxlength="80" /></p> <p>Current Password: <input name="current_password" type="password" size="20" maxlength="20" /></p> <p>New Password: <input name="pass1" type="password" size="20" maxlength="20" /></p> <p>Confirm New Password: <input name="pass2" type="password" size="20" maxlength="20" /></p> <p><input name="submit" type="submit" value="Update" /></p> <input name="submitted" type="hidden" value="true" /> </form>' ; ?> </body> </html> Link to comment https://forums.phpfreaks.com/topic/191201-need-help-with-this-simple-problem/#findComment-1008365 Share on other sites More sharing options...
$Three3 Posted February 7, 2010 Author Share Posted February 7, 2010 Never mind figured it out. When updating the database I was forgetting to apply the SHA1 function to the new password. Works great now. Link to comment https://forums.phpfreaks.com/topic/191201-need-help-with-this-simple-problem/#findComment-1008371 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.