php user edit not updating all fields?

[MSUK1]

when i submit it, the only field that updates is the email field.

 

UserEdit.php file

 

<?
/**
* UserEdit.php
*
* This page is for users to edit their account information
* such as their password, email address, etc. Their
* usernames can not be edited. When changing their
* password, they must first confirm their current password.
*
*/
include("include/session.php");
?>

<html>
<title>Edit Your Details</title>
<link rel="stylesheet" type="text/css" href="../assets/css/styles.css" />
<link rel="stylesheet" type="text/css" href="../assets/css/forms.css" />
<link rel="stylesheet" type="text/css" href="../assets/css/layout.css" />
<link rel="stylesheet" type="text/css" href="../assets/css/style.css" />
<style>
#form6 input{	
	margin:0;	
	width:250px;
	border:1px solid #ddd;		
	padding:3px 5px 3px 25px;
	}		


input{
font:100% Trebuchet MS, Arial, Helvetica, Sans-Serif;
line-height:160%;
color:#FFF;
}				
#form6 input{background:#000;
}
</style>
<body>

<?
/**
* User has submitted form without errors and user's
* account has been edited successfully.
*/
if(isset($_SESSION['useredit'])){
   unset($_SESSION['useredit']);
   
   echo "<h1>User Account Edit Success!</h1>";
   echo "<p><b>$session->username</b>, your account has been successfully updated. "
       ."<a href=\"index.php\">Main</a>.</p>";
}
else{
?>

<?
/**
* If user is not logged in, then do not display anything.
* If user is logged in, then display the form to edit
* account information, with the current email address
* already in the field.
*/
if($session->logged_in){
?>

<h2>User Account Edit : <? echo $session->firstname; ?></h2>
<?
if($form->num_errors > 0){
   echo "<td><font size=\"2\" color=\"#ff0000\">".$form->num_errors." error(s) found</font></td>";
}
?>
<form id="form6" action="process.php" method="POST">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr>
<td>Email:</td>
<td><input type="text" name="email" maxlength="50" value="
<?
if($form->value("email") == ""){
   echo $session->userinfo['email'];
}else{
   echo $form->value("email");
}
?>">
</td>
<td><? echo $form->error("email"); ?></td>
</tr>
<tr>
<td>Phone:</td>
<td><input type="text" name="tel" maxlength="50" value="
<?
if($form->value("tel") == ""){
   echo $session->userinfo['tel'];
}else{
   echo $form->value("tel");
}
?>">
</td>
<td><? echo $form->error("tel"); ?></td>
</tr>
<tr>
<td>Address:</td>
<td>
<input type="text" name="address" maxlength="50" value="
<?
if($form->value("address") == ""){
   echo $session->userinfo['address'];
}else{
   echo $form->value("address");
}
?>" style="height: 138px">
</td>
<td><? echo $form->error("address"); ?></td>
</tr>
<tr>
<td>Company:</td>
<td><input type="text" name="company" maxlength="50" value="
<?
if($form->value("company") == ""){
   echo $session->userinfo['company'];
}else{
   echo $form->value("company");
}
?>">
</td>
<td><? echo $form->error("company"); ?></td>
</tr>
<tr><td colspan="2" align="right">
<input type="hidden" name="subedit" value="1">
<input type="submit" value="Edit Account"></td></tr>
<tr><td colspan="2" align="left"></td></tr>
</table>
</form>

<?
}
}

?>

</body>
</html>

 

sends to session.php

   /**
    * editAccount - Attempts to edit the user's account information
    * including the password, which it first makes sure is correct
    * if entered, if so and the new password is in the right
    * format, the change is made. All other fields are changed
    * automatically.
    */
   function editAccount($subcurpass, $subnewpass, $subemail, $subtel, $subaddress, $subcompany){
      global $database, $form;  //The database and form object

     /* New password entered */
      if($subnewpass){
         /* Current Password error checking */
         $field = "curpass";  //Use field name for current password
         if(!$subcurpass){
            $form->setError($field, "* Current Password not entered");
         }
         else{
            /* Check if password too short or is not alphanumeric */
            $subcurpass = stripslashes($subcurpass);
            if(strlen($subcurpass) < 4 ||
               !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){
               $form->setError($field, "* Current Password incorrect");
            }
            /* Password entered is incorrect */
            if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){
               $form->setError($field, "* Current Password incorrect");
            }
         }
         
         /* New Password error checking */
         $field = "newpass";  //Use field name for new password
         /* Spruce up password and check length*/
         $subpass = stripslashes($subnewpass);
         if(strlen($subnewpass) < 4){
            $form->setError($field, "* New Password too short");
         }
         /* Check if password is not alphanumeric */
         else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){
                     $form->setError($field, "* New Password not alphanumeric");
         }
      }
      /* Change password attempted */
      else if($subcurpass){
         /* New Password error reporting */
         $field = "newpass";  //Use field name for new password
         $form->setError($field, "* New Password not entered");
      }
      
      /* Email error checking */
      $field = "email";  //Use field name for email
      if($subemail && strlen($subemail = trim($subemail)) > 0){
         /* Check if valid email address */
         $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"
                 ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"
                 ."\.([a-z]{2,}){1}$";
         if(!eregi($regex,$subemail)){
            $form->setError($field, "* Email invalid");
         }
         $subemail = stripslashes($subemail);
      }
      
      /* Errors exist, have user correct them */
      if($form->num_errors > 0){
         return false;  //Errors with form
      }
      
      /* Update password since there were no errors */
      if($subcurpass && $subnewpass){
         $database->updateUserField($this->username,"password",md5($subnewpass));
      }
      
      /* Change Email */
      if($subemail){
         $database->updateUserField($this->username,"email",$subemail);
      }
      /* Change Email */
      if($subtel){
         $database->updateUserField($this->username,"tel",$subtel);
      }
      /* Change Email */
      if($subaddress){
         $database->updateUserField($this->username,"address",$subaddress);
      }
      /* Change Email */
      if($subcompany){
         $database->updateUserField($this->username,"company",$subcompany);
      }
      
      /* Success! */
      return true;
   }

 

sends to database.php

   /**
    * updateUserField - Updates a field, specified by the field
    * parameter, in the user's row of the database.
    */
   function updateUserField($username, $field, $value){
      $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'";
      return mysql_query($q, $this->connection);
   }

 

think thats all you should need?

[BlueSkyIS]

i dont' see editAccount() function executed anywhere. are we missing some code?

[MSUK1]

   /**
    * procEditAccount - Attempts to edit the user's account
    * information, including the password, which must be verified
    * before a change is made.
    */
   function procEditAccount(){
      global $session, $form;
      /* Account edit attempt */
      $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']);

      /* Account edit successful */
      if($retval){
         $_SESSION['useredit'] = true;
         header("Location: ".$session->referrer);
      }
      /* Error found with form */
      else{
         $_SESSION['value_array'] = $_POST;
         $_SESSION['error_array'] = $form->getErrorArray();
         header("Location: ".$session->referrer);
      }
   }
};

 

sorry, and i think i have found my problem, forgetting to add them all to $_POST['nextfield'] for example?