cadac Posted October 25, 2011 Share Posted October 25, 2011 I am still quite new to php and mysql but i've managed to setup a login system, where a member can register and login to our website. Once they have logged in they can view the secure section of the site and also view their profile. This profile stores the information that relates to the database, ie personal details etc. I am able to retrieve the data using php and display it in a form using the echo commands but I want my members to be able to update their information if necessary. I have tried many solutions to no avail. I have started an update script in which once the form is submitted the data is stored successfully into the database but i don't know how to retrieve that data and display it on the profile page again where they submitted their new information. Hope this all makes sense. Here is my php code: <?php // connect to your MySQL database here require_once "config2.php"; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); // the values you want to change to $id = "1"; $fname = $_POST['firstname']; $lname = $_POST['lastname']; $address = $_POST['address']; $address2 = $_POST['address2']; $county = $_POST['county']; $postcode = $_POST['postcode']; $email = $_POST['email']; $telephone = $POST['telephone']; $login = $_POST['login']; // Build sql command to update just one record or "row" $sqlCommand = "UPDATE members SET firstname='$fname', lastname='$lname', address='$address', address2='$address2', county='$county', postcode='$postcode', telephone='$telephone', email='$email', login='$login' WHERE member_id='$id' LIMIT 1"; // Execute the query here now $query = mysql_query($sqlCommand) or die (mysql_error()); // Replace sql command to Select the data now $sqlCommand = "SELECT firstname, lastname, address, address2, county, postcode, email, telephone, login FROM members WHERE member_id='$id' LIMIT 1"; $query = mysql_query($sqlCommand) or die (mysql_error()); ?? ?> I know the code isn't the best thought out but it works, just can't get the information they entered back to the previous form Any help would be great appreciated ) [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
cadac Posted October 25, 2011 Author Share Posted October 25, 2011 Oops forgot to put the code in tags! Also forgot to say that the members are stored in a session until the browser closes. Ideally, i'd like for them to update their details on the myprofile.php page without going to another page if that is possible? Thanks Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 25, 2011 Share Posted October 25, 2011 From your code, you will need to reset your session variables with this new information as well as the database.. Quote Link to comment Share on other sites More sharing options...
cadac Posted October 25, 2011 Author Share Posted October 25, 2011 Thanks, how would i got about resetting the session and the database, do I use the session_unset() would i have to declare my values again? - still learning lol Quote Link to comment Share on other sites More sharing options...
Buddski Posted October 25, 2011 Share Posted October 25, 2011 You COULD just do $_SESSION['SESS_FIRST_NAME'] = $fname; // do this for each of the posted elements that need to be reset // After your query has succeeded.. I have also notices that you arent escaping your database inputs, you definitely should mysql_real_escape_string() The last thing you need is somebody attacking your site via SQL Injection. Quote Link to comment Share on other sites More sharing options...
cadac Posted October 25, 2011 Author Share Posted October 25, 2011 I'm trying, think i'm putting the wrong code in. Where should I be putting the session variable? I have attached my login-exec.php file, i've been tweaking the last bit of code and trying to use it for the update? Personally, apart from that no idea how to rectify this.. <?php // connect to your MySQL database here require_once "config2.php"; $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); // the values you want to change to $id = "1"; $fname = $_POST['firstname']; $lname = $_POST['lastname']; $address = $_POST['address']; $address2 = $_POST['address2']; $county = $_POST['county']; $postcode = $_POST['postcode']; $email = $_POST['email']; $telephone = $POST['telephone']; $login = $_POST['login']; // Build sql command to update just one record or "row" $sqlCommand = "UPDATE members SET firstname='$fname', lastname='$lname', address='$address', address2='$address2', county='$county', postcode='$postcode', telephone='$telephone', email='$email', login='$login' WHERE member_id='$id' LIMIT 1"; // Execute the query here now $query = mysql_query($sqlCommand) or die (mysql_error()); // Replace sql command to Select the data now $sqlCommand = "SELECT firstname, lastname, address, address2, county, postcode, email, telephone, login FROM members WHERE member_id='$id' LIMIT 1"; $query = mysql_query($sqlCommand) or die (mysql_error()); ?? $_SESSION['SESS_FIRST_NAME'] = $fname; $_SESSION['SESS_LAST_NAME'] = $lname; $_SESSION['SESS_ADDRESS'] = $address; $_SESSION['SESS_ADDRESS2'] = $address2; $_SESSION['SESS_COUNTY'] = $county; $_SESSION['SESS_POSTCODE'] = $postcode; $_SESSION['SESS_EMAIL'] = $email; $_SESSION['SESS_TELEPHONE'] = $telephone; $_SESSION['SESS_MOBILE'] = $mobile; $_SESSION['SESS_LOGIN'] = $login; header("location: ../index.php"); ?? ?> [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.