Jump to content

Recommended Posts

Registration and login work fine. Update also updates the information to the database. However if 2 people with the same first name register on the database it automatically defaults both those accounts to the last person who has the same first name that registered on the database instead of updating and showing the information for that particular user. So if Joe - joe@xxx.co.za registers and then another Joe - joe@sss.co.za then when Joe (sss) logins in he can see all Joe(xxx) information and when he updates his details it updates Joe (xxx) account instead of showing and updating Joe (sss) account. I think there is a problem with the session "id" and the update "id" that's causing this problem but I just can't see where it is.... can anyone assist with this? It's not using the email address as the "id" but is using the "name"..... Here's the code:

 

The start session coding:

<?php
session_start();
$toplinks = "";
if (isset($_SESSION['id'])) {
// Put stored session variables into local php variable
    $userid = $_SESSION['id'];
    $email = $_SESSION['email'];
$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |
<a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |
<a href="view_your_cv.php?id=' . $userid . '">View CV</a> |
<a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |
<a href="change_password.php?id=' . $userid . '">Change Password</a> |
<a href="logout.php">Log Out</a>';
} else {
echo 'Please <a href="login.php">log in</a> to access your account';
    exit();
}
?>

 

 

And the update coding is:

 

<?php
include_once "connect_to_mysql.php";
echo print_r($_POST);
$id = $_SESSION['id'];
if (isset($_POST['email'])){
$update='';
if(isset($_POST['title']) and trim($_POST['title']) <> '') $update .= "title = '" . mysql_real_escape_string($_POST['title']) . "',";
if(isset($_POST['name']) and trim($_POST['name']) <> '') $update .= "name = '" . mysql_real_escape_string($_POST['name']) . "',";
if(isset($_POST['surname']) and trim($_POST['surname']) <> '') $update .= "surname = '" . mysql_real_escape_string($_POST['surname']) . "',";
if(isset($_POST['identityno']) and trim($_POST['identityno']) <> '') $update .= "identityno = '" . mysql_real_escape_string($_POST['identityno']) . "',";
if(isset($_POST['gender']) and trim($_POST['gender']) <> '') $update .= "gender = '" . mysql_real_escape_string($_POST['gender']) . "',";
if(isset($_POST['birthdate']) and trim($_POST['birthdate']) <> '') $update .= "birthdate = '" . mysql_real_escape_string($_POST['birthdate']) . "',";
if(isset($_POST['ethnicity']) and trim($_POST['ethnicity']) <> '') $update .= "ethnicity = '" . mysql_real_escape_string($_POST['ethnicity']) . "',";
if(isset($_POST['nationality']) and trim($_POST['nationality']) <> '') $update .= "nationality = '" . mysql_real_escape_string($_POST['nationality']) . "',";
if(isset($_POST['email']) and trim($_POST['email']) <> '') $update .= "email = '" . mysql_real_escape_string($_POST['email']) . "',";
if(isset($_POST['homeaddress']) and trim($_POST['homeaddress']) <> '') $update .= "homeaddress = '" . mysql_real_escape_string($_POST['homeaddress']) . "',";
if(isset($_POST['province']) and trim($_POST['province']) <> '') $update .= "province = '" . mysql_real_escape_string($_POST['province']) . "',";
if(isset($_POST['suburb']) and trim($_POST['suburb']) <> '') $update .= "suburb = '" . mysql_real_escape_string($_POST['suburb']) . "',";
if(isset($_POST['hometele']) and trim($_POST['hometele']) <> '') $update .= "hometele = '" . mysql_real_escape_string($_POST['hometele']) . "',";
if(isset($_POST['celltele']) and trim($_POST['celltele']) <> '') $update .= "celltele = '" . mysql_real_escape_string($_POST['celltele']) . "',";
if(isset($_POST['creditclear']) and trim($_POST['creditclear']) <> '') $update .= "creditclear = '" . mysql_real_escape_string($_POST['creditclear']) . "',";
if(isset($_POST['criminalrecord']) and trim($_POST['criminalrecord']) <> '') $update .= "criminalrecord = '" . mysql_real_escape_string($_POST['criminalrecord']) . "',";
if(isset($_POST['driverslicense']) and trim($_POST['driverslicense']) <> '') $update .= "driverslicense = '" . mysql_real_escape_string($_POST['driverslicense']) . "',";
if(isset($_POST['owntransport']) and trim($_POST['owntransport']) <> '') $update .= "owntransport = '" . mysql_real_escape_string($_POST['owntransport']) . "',";
if(isset($_POST['medicalconditions']) and trim($_POST['medicalconditions']) <> '') $update .= "medicalconditions = '" . mysql_real_escape_string($_POST['medicalconditions']) . "',";

$update=substr($update,0,-1);

$sql = "UPDATE cic_candidates set $update WHERE id = '" . mysql_real_escape_string($id) . "'";
mysql_query($sql);

echo $sql;

echo '<center>';
echo '<strong><font color=black family=tahoma size=5><br /><br /><br /><br />Successful!<br /><br /><br /> Your account info has been updated...<br /><br /><br />
To view your updated information at <font color=blue>View Personal Details</font> - <a href="view_personal_details.php?id=' . $userid . '">click here<br /></a><br /><br />To return to your <font color=blue>Edit Personal Details</font> page - <a href="edit_personal_details.php?id=' . $userid . '">click here</a><br /><br /></font></strong>';

mysql_close();
exit();
}
?>

Edited by AshleighCo

The above coding is all in one page and the start session coding is above the update coding:

 

The start session coding:

<?php
session_start();
$toplinks = "";
if (isset($_SESSION['id'])) {
// Put stored session variables into local php variable
    $userid = $_SESSION['id'];
    $email = $_SESSION['email'];
$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |
< a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |
< a href="view_your_cv.php?id=' . $userid . '">View CV</a> |
< a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |
< a href="change_password.php?id=' . $userid . '">Change Password</a> |
< a href="logout.php">Log Out</a>';
} else {
echo 'Please <a href="login.php">log in</a> to access your account';
    exit();
}
?>

 

Thanks for your help....

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.