I honestly think this is unsolvable

[Doug]

Hello,

 

I have hit a brick wall with the following problem. To me it defies logic. I have a MySQL table that has various details in me and to link it to a particular user I use the code below. The problem is it works for on "cat" but not for any other. Even though IT IS THE SAME CODE except for the cat name. Why would this be? The user_id reverts to 1 (even though this user_id does not exist in the table) at the crucial moment. At every other stage I have tested it displays the correct user_id. This only happens when I choose a cat other than the first 5.

 

Any help with this would be most gratefully received.

 

Code below:

 

THe one is th "editing" part so you can edit detials and save them It is where the user_id reverts to 1.

<?php
  
error_reporting(E_ALL);
session_start();

  
  ?>


<?php
  
require_once('appvars.php');
  require_once('connectvars1.php');

  
//$datbase= $_POST['$datbase'];


// Connect to the database
  
$dbc = mysqli_connect(DB_Host, DB_User, DB_Password, DB_Name);

  
$row = $_POST['user_id'];


if (!isset($_GET['user_id'])) {
    
$query = "SELECT * FROM companies WHERE user_id = '" .  $row['user_id'] . "'";


  
}
  else 
{
    $query = "SELECT * FROM companies WHERE user_id = '" . $_GET['user_id'] . "'";
  
}
  $data = mysqli_query($dbc, $query)
or die("Error: ".mysqli_error($dbc));

if (mysqli_num_rows($data) == 1) {
    

  
$row = mysqli_fetch_array($data);
    

}

?>








<?php

require_once('appvars.php');
  require_once('connectvars1.php');

  
// Make sure the user is logged in before going any further.
  
if (!isset($_SESSION['user_id'])) {
    echo '<p class="login">Please <a href="login1.php">log in</a> to access this page.</p>';


exit();
  
}
  



  // Connect to the database

  
$dbc = mysqli_connect(DB_Host, DB_User, DB_Password, DB_Name);
if(!empty($username)) {

echo '<p class="login">This page is already taken please <a href="index5.php"">go home</a> and try again.</p>';

}



if (isset($_POST['submit'])) {
    


// Grab the profile data from the POST
    
$name = mysqli_real_escape_string($dbc, trim($_POST['name']));
    
$phone = mysqli_real_escape_string($dbc, trim($_POST['phone']));

$address1 = mysqli_real_escape_string($dbc, trim($_POST['address1']));
    
$address2 = mysqli_real_escape_string($dbc, trim($_POST['address2']));
    
$postcode = mysqli_real_escape_string($dbc, trim($_POST['postcode']));

$webadd = mysqli_real_escape_string($dbc, trim($_POST['webadd']));

$email = mysqli_real_escape_string($dbc, trim($_POST['email']));
    
$old_picture = mysqli_real_escape_string($dbc, trim($_POST['old_picture']));
    
$new_picture = mysqli_real_escape_string($dbc, trim($_FILES['new_picture']['name']));
    
$new_picture_type = $_FILES['new_picture']['type'];
    $new_picture_size = $_FILES['new_picture']['size']; 


$username = mysqli_real_escape_string($dbc, trim($_POST['username']));

$cat = mysqli_real_escape_string($dbc, trim($_POST['cat']));

$user_id = mysqli_real_escape_string($dbc, trim($_POST['user_id']));

    
if (!empty($_FILES['new_picture']['tmp_name'])) {list($new_picture_width, $new_picture_height) = getimagesize($_FILES['new_picture']['tmp_name']);

}


//list($new_picture_width, $new_picture_height) = getimagesize($_FILES['new_picture']['tmp_name']);
    
$error = false;

    

// Validate and move the uploaded picture file, if necessary
    
if (!empty($new_picture)) {
      if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') ||
        ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= MM_MAXFILESIZE) &&
        ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) {
        if ($_FILES['new_picture']['error'] == 0) {
          

// Move the file to the target upload folder
          
$target = MM_UPLOADPATH . basename($new_picture);
          
if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
            

// The new picture file move was successful, now make sure any old picture is deleted
            
if (!empty($old_picture) && ($old_picture != $new_picture)) {
              
            }
          }
          else {
            

// The new picture file move failed, so delete the temporary file and set the error flag
            
@unlink($_FILES['new_picture']['tmp_name']);
            
$error = true;
            echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';

          }
        }
      }
      
else {
        
// The new picture file is not valid, so delete the temporary file and set the error flag
        
@unlink($_FILES['new_picture']['tmp_name']);

        $error = true;
        
echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (MM_MAXFILESIZE / 1024) .
          ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
      }
    }



$error = false;


// Update the profile data in the database
    
if (!$error) {
      if (!empty($name)&& !empty($phone) && !empty($address1) && !empty($address2)) {
        // Only set the picture column if there is a new picture
        if (!empty($new_picture)) {

//if (!empty($postcode)){
          $query = "UPDATE companies SET name = '$name', phone = '$phone', address1 = '$address1', address2 = '$address2', postcode = '$postcode', " .
            " email = '$email', webadd = '$webadd', picture = '$new_picture', username = '$username', cat = '$cat' WHERE user_id = '" . 		$row['user_id'] ."'";
        
}
       
        else {
          
$query = "UPDATE companies set name = '$name', phone = '$phone', address1 = '$address1', address2 = '$address2', postcode = '$postcode', " .
            " email = '$email', webadd = '$webadd', username = '$username', cat = '$cat' WHERE user_id = '" . 		$row['user_id'] ." '";
        }}
        mysqli_query($dbc, $query) or die("<br>Query $query<br>Failed with error: " . mysqli_error($dbc) . '<br>On line: ' . __LINE__); 

        

// Confirm success with the user
echo 'USER ID = ' . $row["user_id"] . ''; ?> <br />
<?php
echo '<p>Your profile has been successfully updated. Would you like to <a href="viewprofile7.php">view your profile</a>?</p>';


        
mysqli_close($dbc);
        exit();
    
  }
      
else {
        echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
   
   
    }
  } 

// End of check for form submission
  else {
    

// Grab the profile data from the database
    
$query="SELECT * FROM companies WHERE user_id= '" . $row['user_id'] . "'";

$data = mysqli_query($dbc, $query)
    or die("Error: ".mysqli_error($dbc));
$row = mysqli_fetch_array($data);

    
if ($row != NULL) {
      $name = $row['name'];
      
$phone = $row['phone'];

$address1 = $row['address1'];

$address2 = $row['address2'];

$postcode = $row['postcode'];
      
$email = $row['email'];

$webadd = $row['webadd'];
      
$old_picture = $row['picture'];

$username = $_SESSION['username'];

$cat = $row['cat'];

$user_id = $row['user_id'];
    
}
    else {
      echo '<p class="error">There was a problem accessing your profile.</p>';

    }
  }


  mysqli_close($dbc);


  ?>
<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">

    <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo MM_MAXFILESIZE; ?>" />
    
<fieldset>
      <legend>Personal Information</legend>

      <label for="name">Name:</label>
      <input type="text" id="name" name="name" value="<?php if (!empty($name)) echo $name; ?>" /><br />

      <label for="phone">Phone:</label>
      <input type="text" id="phone" name="phone" value="<?php if (!empty($phone)) echo $phone; ?>" /><br />

<label for="address1">Address1:</label>
      <input type="text" id="address1" name="address1" value="<?php if (!empty($address1)) echo $address1; ?>" /><br />


      <label for="address2">Address2:</label>
      <input type="text" id="address2" name="address2" value="<?php if (!empty($address2)) echo $address2; ?>" /><br />

      <label for="postcode">Postcode:</label>
      <input type="text" id="postcode" name="postcode" value="<?php if (!empty($postcode)) echo $postcode; ?>" /><br />

      <label for="email">Email:</label>
      <input type="text" id="email" name="email" value="<?php if (!empty($email)) { echo $email; } else { echo 'No email entered';} ?>" /><br />

      <label for="webadd">Web address:</label>
      <input type="text" id="webadd" name="webadd" value="<?php if (!empty($webadd)) { echo $webadd; } else { echo 'No web entered';}  ?>" /><br />


<input type="hidden" name="old_picture" value="<?php if (!empty($old_picture)) echo $old_picture; ?>" />
      <label for="new_picture">Picture:</label>
      <input type="file" id="new_picture" name="new_picture" />
      <?php if (!empty($old_picture)) {
        echo '<img class="profile" src="' . MM_UPLOADPATH . $old_picture . '" alt="Profile Picture" style: height=100px;" />';
      } 

    ?> <br />

<label for="address2">username:</label>
      <input type="text" id="username" name="username" value="<?php if (!empty($username)) echo $username; ?>" /><br />

<label for="cat">cat:</label>
      <input type="text" id="cat" name="cat" value="<?php if (!empty($cat)) {echo $cat; } else { echo 'bakers';} ?>" /><br />


<label for="user_id">User ID:</label>
      <input type="text" id="user_id" name="user_id" value="<?php echo '' . $row['user_id'] . '' ; ?>" /><br />
   
</fieldset>
    
<input type="submit" value="Save Profile" name="submit" />
  
</form>
<?php echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '. <a href="logout3.php">Log out</a>.</p>');
echo '<class = "label">USER ID: ' . $row['user_id'] . '';


?>
<br />


<?php

echo 'Username = ' . $row["username"] . '' ?><br />

<?php

echo 'This category is  ' . $row["cat"] . '' ?> <br />

<p><a href="index5.php">Return to homepage</a></p>


<?php require_once('footer.php');
?>
</body> 

</html>

 

THis is where the data is sent from

 

<?php require_once('top1.php');
?>

<h3>Antique Shops</h3>


<?php require_once('navmenu.php'); ?>



<?php require_once('businessmenu.php'); ?>

<?php require_once('retailrightmenu.php'); ?>

<div id="localareamain">
<?php

require_once('connectvars1.php');

  



// Connect to the database 
  
$dbc = mysqli_connect(DB_Host, DB_User, DB_Password, DB_Name); 

  

// Retrieve the user data from MySQL
  
$query = "SELECT * FROM companies where cat = 'antique'";
  
$result = mysqli_query($dbc, $query);
//$datbase= "antique";

//if records are present


if (mysqli_num_rows($result) > 0) {

//Print list
while ($row = mysqli_fetch_array($result)) {

echo 'Name: ' . $row['name']; ?> <br />
<?php
echo 'Phone: ' . $row['phone']; ?> <br />
<?php
echo 'Address: ' . $row['address1']; ?> <br />
<?php
echo ' ' . $row['address2']; ?> <br />
<?php
echo ' ' . $row['postcode']; ?> <br />

<?php   echo ' ' . $row['username']; ?> <br />

<?php
echo '<a href="editbusprofile9.php?user_id=' . $row["user_id"] .'">Is this business yours? Claim it and add more details </a>';
?> <br />


<hr>
<?php




}

}
?>
</div>
<?php require_once('footer.php');
?>
</div>
</div>
</body>
</html>

[KevinM1]

What debugging have you tried?  Have you echoed out your completed queries?  Echoed the value of 'user_id' at various points in your script?  If you can track the id, you'll be able to find when/where it goes bad.

 

As a general design tip, you should think about breaking your validation and update code into functions.  Instead of having to go through 300+ lines of code in one swoop, it will help you narrow things down.  Very helpful when debugging.

 

Also, take a look at this line at the top:

$query = "SELECT * FROM companies WHERE user_id = '" .  $row['user_id'] . "'";

 

You want $row here, not $row['user_id'].  Why?  Because:

$row = $_POST['user_id'];

 

That could be screwing you up, as $row at that point is a scalar, not an array.  It's also a good lesson in having better variable names.

[.josh]

I have hit a brick wall with the following problem. To me it defies logic. I have a MySQL table that has various details in me and to link it to a particular user I use the code below. The problem is it works for on "cat" but not for any other. Even though IT IS THE SAME CODE except for the cat name. Why would this be? The user_id reverts to 1 (even though this user_id does not exist in the table) at the crucial moment. At every other stage I have tested it displays the correct user_id. This only happens when I choose a cat other than the first 5.

 

How are you "choosing" another cat(egory)? Perhaps you added more selections to a dropdown and forgot to change the selection values?

 

 

[PFMaBiSmAd]

Your code is figuratively and literally all over the place. You have about 50% blank lines, you are requiring the same files twice, you are making a database connection twice, you have unnecessary closing/opening php tags, you have a newline before the first <?php tag that is probably preventing the session variables from working, accessing variables that have not been set... You need to spend some time cleaning up your code first.

 

If the purpose of the posted code is to edit profile information, the $_SESSION['user_id'] should be tested to make sure it isset and that it is the same value as the $_GET['user_id'] or $_POST['user_id'] (whichever one you are actually using to pass the user_id to that page.)

[Doug]

Thank you all. It was $row  not $row['user_id']

 

Yes I will tidy up the code, apologies, remnants of previuos attempts to solve problem!

 

Doug

[PFMaBiSmAd]

In addition to having php's error_reporting set to E_ALL, you need to have display_errors set to on. ini_set("display_errors", "1"); The use of the non-existent $row['user_id'] would produce a php error.