Jump to content

probleme with update users data

ChristianeGuise

By ChristianeGuise
in PHP Coding Help

Recommended Posts

ChristianeGuise Newbie

ChristianeGuise

Posted
Posted

Bonjour everyone

I created a database for a login site no problem with the registration.php and the login.php for  users BUT i have a problem with the login for administrator concerning the restrictions but the huge problem is my update.php scripts one for users and one for the administrator.

the database is as followed

Table users

username varchar (20)

user_id int (11) primary key auto_increment

pwd varchar (40)

email varchar (50)

admin enum ('N','Y') default N

level_access int (1)

created timestamp

 

all not null

then here is the update script for the administrator

where I got the error

Data truncated for column 'admin' at row 1

 

<?php require_once('../Connections/ichingQuery.php'); ?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = 'username';
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $Username, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($Username)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($Username, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "memberVisitor.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

$name = $_SESSION['MM_Username'];
mysql_select_db($database_ichingQuery, $ichingQuery);


$colname_getUser = "-1";
if (isset($_GET['user_id'])) {
  $colname_getUser = (get_magic_quotes_gpc()) ? $_GET['user_id'] : addslashes($_GET['user_id']);
}
mysql_select_db($database_ichingQuery, $ichingQuery);

$query_getUser = sprintf("SELECT username FROM users WHERE user_id = '$colname_getUser'");
$getUser = mysql_query($query_getUser, $ichingQuery) or die(mysql_error());
$row_getUser = mysql_fetch_assoc($getUser);
$totalRows_getUser = mysql_num_rows($getUser);

// Validate form input
$MM_flag="MM_update";
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "updateUser")) {

$updateSQL = sprintf("UPDATE users SET admin=%s WHERE user_id= '$colname_getUser'",
                       GetSQLValueString($_POST['username'], "text"),
                       GetSQLValueString($_POST['admin'], "text"),
                       GetSQLValueString($_POST['user_id'], "int"));


  mysql_select_db($database_ichingQuery, $ichingQuery);
  $Result1 = mysql_query($updateSQL, $ichingQuery) or die(mysql_error());
echo "Hello from Christiane";
  $updateGoTo = "userList.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
    $updateGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $updateGoTo));
}
?>
<h1>Update Users' Details </h1>
<?php
if ($error) {
  echo '<ul>';
  foreach ($error as $alert) {
    echo "<li class='warning'>$alert</li>\n";
    }
  echo '</ul>';
  // remove escape characters from POST array
if (get_magic_quotes_gpc()) {
  function stripslashes_deep($value) {
    $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
    return $value;
    }
  $_POST = array_map('stripslashes_deep', $_POST);
  }
  } 
  ?>
<form action="<?php echo $editFormAction; ?>" id="updateUser" method="POST" name="updateUser">

	 <div align="center">
        <label for="username"><b>UserName:</b><br />
    </label>
    <input value="<?php if (isset($_POST['username'])) {
echo $_POST['username'];} else {
echo $row_getUser['username'];} ?>" type="text" size="40" name="username" id="username" />
  <br />
   <label for="access"><b>Access Level:</b><br />
    </label>
    <input value="<?php if (isset($_POST['level_access'])) {
echo $_POST['level_access'];} else {
echo $row_getUser['level_access'];} ?>" type="text" size="10" name="access" id="access" />
  <br />
  <br /><span class="radioLabel"><b>Administrator: </b>    </span>
      <input <?php if (!$_POST && !(strcmp($row_getUser['admin'],"Y"))) {echo "checked=\"checked\"";} elseif ($_POST && !(strcmp($_POST['admin'], "y"))) {echo "checked=\"checked\"";} ?> name="type" type="radio" value="Y" id="adm" />
    <label for="adm">Yes</label>
  <input <?php if (!$_POST && !(strcmp($row_getUser['admin'],"N"))) {echo "checked=\checked\""; }
elseif ($_POST && !(strcmp($_POST['admin'],"N"))) {echo "checked=\checked\"";} ?> name="type" type="radio" id="noAdm" value="N" />
    <label for="noAdm">No</label>
<br /><br />

    <input name="update" type="submit" id="update" value="Update Details" />
<input name="userID" type="hidden" id="userID" value="<?php echo $row_getUser['userID']; ?>" />
  </div>
	 <input type="hidden" name="MM_update" value="updateUser">

        </form>
<?php
mysql_free_result($getUser);
?>

please help

merci

Link to comment
https://forums.phpfreaks.com/topic/202336-probleme-with-update-users-data/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.