Jump to content

Update is inserting information into wrong id

AshleighCo

By AshleighCo
in PHP Coding Help

Recommended Posts

AshleighCo Newbie

AshleighCo

Posted
Posted

Registration and login work fine. Update also updates the information to the database. However if 2 people with the same first name register on the database it automatically defaults both those accounts to the last person who has the same first name that registered on the database instead of updating and showing the information for that particular user. So if Joe - [email protected] registers and then another Joe - [email protected] then when Joe (sss) logins in he can see all Joe(xxx) information and when he updates his details it updates Joe (xxx) account instead of showing and updating Joe (sss) account. I think there is a problem with the session "id" and the update "id" that's causing this problem but I just can't see where it is.... can anyone assist with this? It's not using the email address as the "id" but is using the "name"..... Here's the code:

 

The start session coding:

<?php
session_start();
$toplinks = "";
if (isset($_SESSION['id'])) {
// Put stored session variables into local php variable
    $userid = $_SESSION['id'];
    $email = $_SESSION['email'];
$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |
<a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |
<a href="view_your_cv.php?id=' . $userid . '">View CV</a> |
<a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |
<a href="change_password.php?id=' . $userid . '">Change Password</a> |
<a href="logout.php">Log Out</a>';
} else {
echo 'Please <a href="login.php">log in</a> to access your account';
    exit();
}
?>

 

 

And the update coding is:

 

<?php
include_once "connect_to_mysql.php";
echo print_r($_POST);
$id = $_SESSION['id'];
if (isset($_POST['email'])){
$update='';
if(isset($_POST['title']) and trim($_POST['title']) <> '') $update .= "title = '" . mysql_real_escape_string($_POST['title']) . "',";
if(isset($_POST['name']) and trim($_POST['name']) <> '') $update .= "name = '" . mysql_real_escape_string($_POST['name']) . "',";
if(isset($_POST['surname']) and trim($_POST['surname']) <> '') $update .= "surname = '" . mysql_real_escape_string($_POST['surname']) . "',";
if(isset($_POST['identityno']) and trim($_POST['identityno']) <> '') $update .= "identityno = '" . mysql_real_escape_string($_POST['identityno']) . "',";
if(isset($_POST['gender']) and trim($_POST['gender']) <> '') $update .= "gender = '" . mysql_real_escape_string($_POST['gender']) . "',";
if(isset($_POST['birthdate']) and trim($_POST['birthdate']) <> '') $update .= "birthdate = '" . mysql_real_escape_string($_POST['birthdate']) . "',";
if(isset($_POST['ethnicity']) and trim($_POST['ethnicity']) <> '') $update .= "ethnicity = '" . mysql_real_escape_string($_POST['ethnicity']) . "',";
if(isset($_POST['nationality']) and trim($_POST['nationality']) <> '') $update .= "nationality = '" . mysql_real_escape_string($_POST['nationality']) . "',";
if(isset($_POST['email']) and trim($_POST['email']) <> '') $update .= "email = '" . mysql_real_escape_string($_POST['email']) . "',";
if(isset($_POST['homeaddress']) and trim($_POST['homeaddress']) <> '') $update .= "homeaddress = '" . mysql_real_escape_string($_POST['homeaddress']) . "',";
if(isset($_POST['province']) and trim($_POST['province']) <> '') $update .= "province = '" . mysql_real_escape_string($_POST['province']) . "',";
if(isset($_POST['suburb']) and trim($_POST['suburb']) <> '') $update .= "suburb = '" . mysql_real_escape_string($_POST['suburb']) . "',";
if(isset($_POST['hometele']) and trim($_POST['hometele']) <> '') $update .= "hometele = '" . mysql_real_escape_string($_POST['hometele']) . "',";
if(isset($_POST['celltele']) and trim($_POST['celltele']) <> '') $update .= "celltele = '" . mysql_real_escape_string($_POST['celltele']) . "',";
if(isset($_POST['creditclear']) and trim($_POST['creditclear']) <> '') $update .= "creditclear = '" . mysql_real_escape_string($_POST['creditclear']) . "',";
if(isset($_POST['criminalrecord']) and trim($_POST['criminalrecord']) <> '') $update .= "criminalrecord = '" . mysql_real_escape_string($_POST['criminalrecord']) . "',";
if(isset($_POST['driverslicense']) and trim($_POST['driverslicense']) <> '') $update .= "driverslicense = '" . mysql_real_escape_string($_POST['driverslicense']) . "',";
if(isset($_POST['owntransport']) and trim($_POST['owntransport']) <> '') $update .= "owntransport = '" . mysql_real_escape_string($_POST['owntransport']) . "',";
if(isset($_POST['medicalconditions']) and trim($_POST['medicalconditions']) <> '') $update .= "medicalconditions = '" . mysql_real_escape_string($_POST['medicalconditions']) . "',";

$update=substr($update,0,-1);

$sql = "UPDATE cic_candidates set $update WHERE id = '" . mysql_real_escape_string($id) . "'";
mysql_query($sql);

echo $sql;

echo '<center>';
echo '<strong><font color=black family=tahoma size=5><br /><br /><br /><br />Successful!<br /><br /><br /> Your account info has been updated...<br /><br /><br />
To view your updated information at <font color=blue>View Personal Details</font> - <a href="view_personal_details.php?id=' . $userid . '">click here<br /></a><br /><br />To return to your <font color=blue>Edit Personal Details</font> page - <a href="edit_personal_details.php?id=' . $userid . '">click here</a><br /><br /></font></strong>';

mysql_close();
exit();
}
?>

AshleighCo Newbie

AshleighCo

Posted
  • Author
Posted

The above coding is all in one page and the start session coding is above the update coding:

 

The start session coding:

<?php
session_start();
$toplinks = "";
if (isset($_SESSION['id'])) {
// Put stored session variables into local php variable
    $userid = $_SESSION['id'];
    $email = $_SESSION['email'];
$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |
< a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |
< a href="view_your_cv.php?id=' . $userid . '">View CV</a> |
< a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |
< a href="change_password.php?id=' . $userid . '">Change Password</a> |
< a href="logout.php">Log Out</a>';
} else {
echo 'Please <a href="login.php">log in</a> to access your account';
    exit();
}
?>

 

Thanks for your help....

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.