lee2010 Posted October 19, 2010 Share Posted October 19, 2010 Hi everyone, i'm pretty new to php and i'm having a little trouble getting one of my forms to work. The form is a profile and I want the users data saved into a .XML document. (in this case a file named after there username in the "usersprofile" directory containing this information). here is my php code in my header: <?php session_start(); if(!file_exists('users/' . $_SESSION['username'] . '.xml')){ header('Location: login.php'); die; } if(isset($_POST['update'])){ $realname = $_POST['realname']); $location = $_POST['location']; $mobnumber = $_POST['mobnumber']; $instmsg = $_POST['instmsg']; $xml = new SimpleXMLElement('<user></user>'); $xml->addChild('realname', $realname); $xml->addChild('location', $location); $xml->addChild('mobnumber', $mobnumber); $xml->addChild('instmsg', $instmsg); $xml->asXML('usersprofile/' . $username . '.xml'); header('Location: success.php'); die; } } ?> and here is my html for the form itself <h1>Edit Profile</h1> <p>Username: <?php echo $_SESSION['username']; ?></p> <p>Current email: <?php echo $_SESSION['email']; ?></p> //Doesn't Work <form method="post" action=""> //Doesn't need an action as this is sorted in the header <p>Real Name: <input type="text" name="rname" /></p> <p>Location: <input type="text" name="location" /></p> <p>Mobile Number: <input type="text" name="mobnumber" /></p> <p>Instant Mesenger: <input type="text" name="instmsg" /></p> <p><input type="submit" name="update" value="Update Profile" /></p> </form> I can't even view the page as i get a 500 Internal Server Error when trying to access this page. Im not sure what im doing wrong and any help would be really appreciated Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 19, 2010 Share Posted October 19, 2010 500 Internal Server Error may mean the file permissions are wrong. chmod to 755 Quote Link to comment Share on other sites More sharing options...
harkly Posted October 19, 2010 Share Posted October 19, 2010 Also, you have a few extra characters in your code, an extra ) & } I removed them <?php session_start(); if(!file_exists('users/' . $_SESSION['username'] . '.xml')){ header('Location: login.php'); die; } if(isset($_POST['update'])){ $realname = $_POST['realname']; $location = $_POST['location']; $mobnumber = $_POST['mobnumber']; $instmsg = $_POST['instmsg']; $xml = new SimpleXMLElement('<user></user>'); $xml->addChild('realname', $realname); $xml->addChild('location', $location); $xml->addChild('mobnumber', $mobnumber); $xml->addChild('instmsg', $instmsg); $xml->asXML('usersprofile/' . $username . '.xml'); header('Location: success.php'); die; } ?> Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 Thanks a lot for your replies! I have it working fine now I have one more question if you guys would be good enough to help. My edit profile page allows users to edit there details shown in my first post but is it possible for there existing data they have input there to be shown should they wish to come back in the future and edit it. For example if they changed there real name to Lee and saved it, then went back to the edit profile page all of the fields are currently blank, I would like the Real name field to show Lee in this case. I've been looking at the GET command but as my users details are saved in a .XML document I'm getting confused how that would be written. Any help would be greatly appreciated Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 19, 2010 Share Posted October 19, 2010 Is there a requirement to store data in an XML file? If not, use a database and output XML if/when necessary. Wherever you store the info, file or database, you have to retrieve that data to fill the user's profile form. I much rather pull data from a database and update the database, than parse XML and then update XML. Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 Thanks for your reply, There is no requirement, however as I'm fairly new to PHP I assumed using a .XML to save data would be easier (I'm probably wrong here), if I'm wrong and using a MySQL database would be easier then I would happily alter my code to use that approach. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted October 19, 2010 Share Posted October 19, 2010 I would say in most cases using a database to store and retrieve data would be better (easier/faster) than storing the data in any format of flat file, XML or other. The exceptions might be in cases where the database is very small and/or the data rarely changes. Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 I'm in the process of transferring to a MySQL database and everything was working fine and now its suddenly stopped and I've lost me temper with it for tonight My form validation has stopped working out of the blue and my database has stopped receiving certain fields from the registration form (e.g. the user name and email fields remain blank) when users submit there registration, only the password is hashed and stored : / There's a lot of code to look through and I have no idea where the issue is, argh it's so frustrating! Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 Is anyone able to spot my error from these two sections of code In the header: <script language="JavaScript" type="text/javascript"> <!-- function checkform ( form ) { // ** START ** if (form.username.value == "") { alert( "Please enter a username." ); form.username.focus(); return false ; } // ** END ** // ** START ** if (form.email.value == "") { alert( "Please enter your email address." ); form.email.focus(); return false ; } // ** END ** // ** START ** if (form.password.value == "") { alert( "Please enter a password." ); form.password.focus(); return false ; } // ** END ** // ** START ** if (form.c_password.value == "") { alert( "Please confirm your password." ); form.c_confirm.focus(); return false ; } // ** END ** // ** START ** if (form.password.value != (form.c_password.value) { alert( "Passwords do not match" ); form.password.focus(); return false ; } // ** END ** return true ; } //--> </script> In the content: <h1>Register</h1> <form id="register" method="post" action="process_r.php" onsubmit="return checkform(this);"> <p>Username <input type="text" id="username" size="20" /></p> <p>Email <input type="text" id="email" size="20" /></p> <p>Password <input type="password" id="password" size="20" /></p> <p>Confirm Password <input type="password" id="c_password" size="20" /></p> <p><input type="submit" name="register" value="Register" /></p> </form> And here's my process_r which the registration posts to: <?PHP //Database Information $dbhost = "localhost"; $dbname = "database"; $dbuser = "database"; $dbpass = "password"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $username = $_POST['username']; $email = $_POST['email']; $password = md5($_POST['password']; $c_password = md5($_POST['c_password']); // check for existing username $checkuser = mysql_query("SELECT username FROM users WHERE username='$username'"); $username_exist = mysql_num_rows($checkuser); if($username_exist > 0){ echo "I'm sorry but the username you specified has already been taken. Please pick another one."; unset($username); include 'register.php'; exit(); } // lf no errors // Query to insert the data into the database. $query = "INSERT INTO users (username, email, password) VALUES('$username', '$email', '$password')"; mysql_query($query) or die(mysql_error()); mysql_close(); echo "You have successfully Registered"; ?> Currently only the password is making it to the database and the form validation isn't working. Any help would be massively appreciated Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 19, 2010 Share Posted October 19, 2010 Nothing is actually making it to the database because none of your form fields have a name= attribute. What you're seeing in the password field is an md5 hash of an empty string. If you were to put the following code a the top of the process_r.php script, you'd see that the only value making it into the $_POST array will be that of the submit button. echo '<pre>'; print_r($_POST); echo '</pre>'; Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 Ah yes, I got confused between the ID tag and the name tag which explains why it suddenly stopped working as I changed it from Name to ID for some reason. I also have the validation working as well as this little bugger was causing the problems: // ** START ** if (form.password.value != (form.c_password.value) { alert( "Passwords do not match" ); form.password.focus(); return false ; } // ** END ** Need to do a check to see if these passwords match and I gather this isn't the way to do it as it stopped the validation working! Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 19, 2010 Share Posted October 19, 2010 Javascript != validation. You need to be using server-side validation. Javascript is purely for user convenience. And frankly, many people find it more annoying than convenient, especially with alert()s popping up. Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 19, 2010 Author Share Posted October 19, 2010 I've just read into this and I'm going to add server side validation as well and possibly change the alert pop-ups to text based errors, less annoying as you said Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 20, 2010 Author Share Posted October 20, 2010 I'm having trouble with my login script, when i enter my login details i get this error Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\process_l.php on line 19 Here is my process_l.php <?php //Database Information $dbhost = "localhost"; $dbname = "database"; $dbuser = "database"; $dbpass = "password"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); session_start(); $username = $_POST[‘username’]; $password = md5($_POST[‘password’]); $query = “select * from users where username=’$username’ and password=’$password’”; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = “Bad Login”; include “login.php”; } else { $_SESSION[‘username’] = “$username”; include “account.php”; } ?> Can anyone see the problem? Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted October 20, 2010 Share Posted October 20, 2010 You're using the wrong quotes, both single and double. Those are curly quotes, but you need to be using standard, normal straight quotes. Quote Link to comment Share on other sites More sharing options...
lee2010 Posted October 20, 2010 Author Share Posted October 20, 2010 Ah yes I have it working now (again lol)! I now have the ability for users to register and login with a username and password, once logged in they have a profile which I want them to fill in, e.g. name, mobile number, location etc, i have the form which does this all set up but when they return to the profile page all of the fields are blank, here's my table html <form method="post" action=""> //Left action blank for the moment while I get the rest of my code working <p>Real Name: <input type="text" name="real_name" /></p> <p>Location: <input type="text" name="location" /></p> <p>Mobile Number: <input type="text" name="mobile_number" /></p> <p>Instant Mesenger: <input type="text" name="instant_messaging" /></p> <p><input type="submit" name="update" value="Update Profile" /></p> </form> If anyone could let me know the code to pull data from the database that would be great, I've been looking at value="<?PHP print $real_name;?>" But I'm not sure if that's the correct way of doing it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.