AshleighCo Posted September 4, 2013 Share Posted September 4, 2013 (edited) Registration and login work fine. Update also updates the information to the database. However if 2 people with the same first name register on the database it automatically defaults both those accounts to the last person who has the same first name that registered on the database instead of updating and showing the information for that particular user. So if Joe - joe@xxx.co.za registers and then another Joe - joe@sss.co.za then when Joe (sss) logins in he can see all Joe(xxx) information and when he updates his details it updates Joe (xxx) account instead of showing and updating Joe (sss) account. I think there is a problem with the session "id" and the update "id" that's causing this problem but I just can't see where it is.... can anyone assist with this? It's not using the email address as the "id" but is using the "name"..... Here's the code: The start session coding: <?phpsession_start();$toplinks = "";if (isset($_SESSION['id'])) {// Put stored session variables into local php variable $userid = $_SESSION['id']; $email = $_SESSION['email'];$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |<a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |<a href="view_your_cv.php?id=' . $userid . '">View CV</a> |<a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |<a href="change_password.php?id=' . $userid . '">Change Password</a> |<a href="logout.php">Log Out</a>';} else {echo 'Please <a href="login.php">log in</a> to access your account'; exit();}?> And the update coding is: <?phpinclude_once "connect_to_mysql.php";echo print_r($_POST);$id = $_SESSION['id'];if (isset($_POST['email'])){$update='';if(isset($_POST['title']) and trim($_POST['title']) <> '') $update .= "title = '" . mysql_real_escape_string($_POST['title']) . "',";if(isset($_POST['name']) and trim($_POST['name']) <> '') $update .= "name = '" . mysql_real_escape_string($_POST['name']) . "',";if(isset($_POST['surname']) and trim($_POST['surname']) <> '') $update .= "surname = '" . mysql_real_escape_string($_POST['surname']) . "',";if(isset($_POST['identityno']) and trim($_POST['identityno']) <> '') $update .= "identityno = '" . mysql_real_escape_string($_POST['identityno']) . "',";if(isset($_POST['gender']) and trim($_POST['gender']) <> '') $update .= "gender = '" . mysql_real_escape_string($_POST['gender']) . "',";if(isset($_POST['birthdate']) and trim($_POST['birthdate']) <> '') $update .= "birthdate = '" . mysql_real_escape_string($_POST['birthdate']) . "',";if(isset($_POST['ethnicity']) and trim($_POST['ethnicity']) <> '') $update .= "ethnicity = '" . mysql_real_escape_string($_POST['ethnicity']) . "',";if(isset($_POST['nationality']) and trim($_POST['nationality']) <> '') $update .= "nationality = '" . mysql_real_escape_string($_POST['nationality']) . "',";if(isset($_POST['email']) and trim($_POST['email']) <> '') $update .= "email = '" . mysql_real_escape_string($_POST['email']) . "',";if(isset($_POST['homeaddress']) and trim($_POST['homeaddress']) <> '') $update .= "homeaddress = '" . mysql_real_escape_string($_POST['homeaddress']) . "',";if(isset($_POST['province']) and trim($_POST['province']) <> '') $update .= "province = '" . mysql_real_escape_string($_POST['province']) . "',";if(isset($_POST['suburb']) and trim($_POST['suburb']) <> '') $update .= "suburb = '" . mysql_real_escape_string($_POST['suburb']) . "',";if(isset($_POST['hometele']) and trim($_POST['hometele']) <> '') $update .= "hometele = '" . mysql_real_escape_string($_POST['hometele']) . "',";if(isset($_POST['celltele']) and trim($_POST['celltele']) <> '') $update .= "celltele = '" . mysql_real_escape_string($_POST['celltele']) . "',";if(isset($_POST['creditclear']) and trim($_POST['creditclear']) <> '') $update .= "creditclear = '" . mysql_real_escape_string($_POST['creditclear']) . "',";if(isset($_POST['criminalrecord']) and trim($_POST['criminalrecord']) <> '') $update .= "criminalrecord = '" . mysql_real_escape_string($_POST['criminalrecord']) . "',";if(isset($_POST['driverslicense']) and trim($_POST['driverslicense']) <> '') $update .= "driverslicense = '" . mysql_real_escape_string($_POST['driverslicense']) . "',";if(isset($_POST['owntransport']) and trim($_POST['owntransport']) <> '') $update .= "owntransport = '" . mysql_real_escape_string($_POST['owntransport']) . "',";if(isset($_POST['medicalconditions']) and trim($_POST['medicalconditions']) <> '') $update .= "medicalconditions = '" . mysql_real_escape_string($_POST['medicalconditions']) . "',";$update=substr($update,0,-1);$sql = "UPDATE cic_candidates set $update WHERE id = '" . mysql_real_escape_string($id) . "'";mysql_query($sql);echo $sql;echo '<center>';echo '<strong><font color=black family=tahoma size=5><br /><br /><br /><br />Successful!<br /><br /><br /> Your account info has been updated...<br /><br /><br />To view your updated information at <font color=blue>View Personal Details</font> - <a href="view_personal_details.php?id=' . $userid . '">click here<br /></a><br /><br />To return to your <font color=blue>Edit Personal Details</font> page - <a href="edit_personal_details.php?id=' . $userid . '">click here</a><br /><br /></font></strong>';mysql_close();exit();}?> Edited September 4, 2013 by AshleighCo Quote Link to comment https://forums.phpfreaks.com/topic/281844-update-is-inserting-information-into-wrong-id/ Share on other sites More sharing options...
Barand Posted September 4, 2013 Share Posted September 4, 2013 I don't see session_start() at top of the update page. Quote Link to comment https://forums.phpfreaks.com/topic/281844-update-is-inserting-information-into-wrong-id/#findComment-1448125 Share on other sites More sharing options...
AshleighCo Posted September 5, 2013 Author Share Posted September 5, 2013 The above coding is all in one page and the start session coding is above the update coding: The start session coding: <?phpsession_start();$toplinks = "";if (isset($_SESSION['id'])) {// Put stored session variables into local php variable $userid = $_SESSION['id']; $email = $_SESSION['email'];$toplinks = '<a href="member_account.php?id=' . $userid . '">Enter CV step-by-step</a> |< a href="view_personal_details.php?id=' . $userid . '">View Personal Details</a> |< a href="view_your_cv.php?id=' . $userid . '">View CV</a> |< a href="edit_your_cv.php?id=' . $userid . '">Edit CV</a> |< a href="change_password.php?id=' . $userid . '">Change Password</a> |< a href="logout.php">Log Out</a>';} else {echo 'Please <a href="login.php">log in</a> to access your account'; exit();}?> Thanks for your help.... Quote Link to comment https://forums.phpfreaks.com/topic/281844-update-is-inserting-information-into-wrong-id/#findComment-1448241 Share on other sites More sharing options...
akphidelt2007 Posted September 5, 2013 Share Posted September 5, 2013 It's obviously coming from your code that retrieves the id from the user table. Post your query that fetches this data. Quote Link to comment https://forums.phpfreaks.com/topic/281844-update-is-inserting-information-into-wrong-id/#findComment-1448348 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.