ianhaney50 Posted July 10, 2015 Share Posted July 10, 2015 (edited) Hi Now am stuck on editing the profile, hopefully the updating of the other fields work but for now am testing the updating of the image as thought that would be most difficult to do, the errors I ma getting is below Notice: Undefined index: photo in /home/sites/broadwaymediadesigns.co.uk/public_html/sites/directory-site/edit-data.php on line 32 Notice: Undefined index: companyname in /home/sites/broadwaymediadesigns.co.uk/public_html/sites/directory-site/edit-data.php on line 37 Notice: Undefined index: photo in /home/sites/broadwaymediadesigns.co.uk/public_html/sites/directory-site/edit-data.php on line 46 Notice: Undefined index: photo in /home/sites/broadwaymediadesigns.co.uk/public_html/sites/directory-site/edit-data.php on line 51 Sorry, there was a problem uploading your file.You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id=65' at line 1 The coding I have is below is from edit-data.php <?php ini_set('display_startup_errors',1); ini_set('display_errors',1); error_reporting(-1); require_once("functions.php"); require_once("db-const.php"); include 'includes/header.php'; if (logged_in() == false) { redirect_to("login.php"); exit; } else { if (isset($_GET['id']) && $_GET['id'] != "") { $id = $_GET['id']; } else { $id = $_SESSION['user_id']; } $db = mysqli_connect("" , "", "") or die("Check connection parameters!"); // Optionally skip select_db and use: mysqli_connect(host,user,pass,dbname) mysqli_select_db($db,"") or die(mysqli_error($db)); if (mysqli_connect_error()) { die ('Failed to connect to MySQL'); } //This is the directory where images will be saved $target = "uploads/"; $target = $target . basename( $_FILES['photo']['name']); // Prepared statements are better, but at least escape things before tossing them into a query $id = mysqli_real_escape_string($db, $id); $companyname = mysqli_real_escape_string($db, $_POST['companyname']); $email = mysqli_real_escape_string($db, $_POST['email']); $address1 = mysqli_real_escape_string($db, $_POST['address1']); $address2 = mysqli_real_escape_string($db, $_POST['address2']); $town = mysqli_real_escape_string($db, $_POST['town']); $county = mysqli_real_escape_string($db, $_POST['county']); $postcode = mysqli_real_escape_string($db, $_POST['postcode']); $telnumber = mysqli_real_escape_string($db, $_POST['telnumber']); $category = mysqli_real_escape_string($db, $_POST['category']); $pic = ($_FILES['photo']['name']); $sql1 = "UPDATE users SET companyname='$companyname', email='$email', address1='$address1', address2='$address2', town='$town', county='$county', postcode='$postcode', telnumber='$telnumber', photo='$pic', WHERE id=$id;"; //Writes the photo to the server if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) { //Tells you if its all ok echo "The file ". basename( $_FILES['photo']['name']). " has been uploaded, and your information has been added to the directory"; } else { //Gives and error if its not echo "Sorry, there was a problem uploading your file."; } } $query1 = mysqli_query($db, $sql1) or die (mysqli_error($db)); header("location:profile.php?id={$_SESSION['user_id']}"); ?> <?php include 'includes/footer.php'; ?> Below is the coding from the edit-profile.php file <?php ini_set('display_startup_errors', 1); ini_set('display_errors', 1); error_reporting(-1); require_once "functions.php"; require_once "db-const.php"; $title = "Edit My Account Profile - Directory Site"; $pgDesc = ""; $pgKeywords = ""; include 'includes/header.php'; if (logged_in() == false) { redirect_to("login.php"); exit; } else { if (isset($_GET['id']) && $_GET['id'] != "") { $id = $_GET['id']; } else { $id = $_SESSION['user_id']; } $db = mysqli_connect("" , "", "") or die("Check connection parameters!"); // Optionally skip select_db and use: mysqli_connect(host,user,pass,dbname) mysqli_select_db($db,"") or die(mysqli_error($db)); if (mysqli_connect_error()) { die ('Failed to connect to MySQL'); } } // Prepared statements are better, but at least escape things before tossing them into a query $id = mysqli_real_escape_string($db, $id); $sql = "SELECT u.id, u.companyname, u.email, u.address1, u.address2, u.town, u.county, u.postcode, u.telnumber, u.category, u.photo FROM users AS u WHERE u.id= {$id}"; $query = mysqli_query($db, $sql) or die (mysqli_error($db)); $rows = array(); while ($row = mysqli_fetch_assoc($query)) { $rows[] = $row; } // We'll just use the first row for the form since most of the data will be the same $row = $rows[0]; ?> <!--CONTENT--> <div id="column-whole"> <form method="post" action="edit-data.php"> <input type="hidden" name="id" value="<?php echo $row['id']; ?>"> <label>Company Name :</label> <input type="text" name="name" required="required" placeholder="Please Enter Company Name" value="<?php echo $row['companyname']; ?>" /> <br /><br /> <label>Email :</label> <input type="email" name="email" required="required" placeholder="Please Enter Email" value="<?php echo $row['email']; ?>" /> <br /><br /> <label>Address Line 1 :</label> <input type="text" name="address1" required="required" placeholder="Please Enter Address Line 1" value="<?php echo $row['address1'];?>" /> <br /><br /> <label>Address Line 2 :</label> <input type="text" name="address2" required="required" placeholder="Please Enter Address Line 2" value="<?php echo $row['address2'];?>" /> <br /><br /> <label>Town :</label> <input type="text" name="town" required="required" placeholder="Please Enter Town" value="<?php echo $row['town'];?>" /> <br /><br /> <label>County :</label> <input type="text" name="county" required="required" placeholder="Please Enter County" value="<?php echo $row['county'];?>" /> <br /><br /> <label>Postcode :</label> <input type="text" name="postcode" required="required" placeholder="Please Enter Postcode" value="<?php echo $row['postcode'];?>" /> <br /><br /> <label>Telephone Number :</label> <input type="text" name="telnumber" required="required" placeholder="Please Enter Telephone Number" value="<?php echo $row['telnumber'];?>" /> <br /><br /> <label>Category :</label> <input type="text" name="category" required="required" placeholder="Please Enter Chosen Category" value="<?php echo $row['category'];?>" /> <br /><br /> <label>Upload Image :</label> <input type="hidden" name="size" value="350000"> <input type="file" name="photo" /> <br /><br /> <input type="submit" name="submit value" value="Update"> </form> </div> <!--CONTENT--> <?php include 'includes/footer.php'; ?> Edited July 10, 2015 by ianhaney50 Quote Link to comment Share on other sites More sharing options...
QuickOldCar Posted July 10, 2015 Share Posted July 10, 2015 In your form the company name is set as name so.... $companyname = mysqli_real_escape_string($db, $_POST['name']); You should really be checking if these are actually set, trimmed and not blank. Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted July 11, 2015 Share Posted July 11, 2015 (edited) editing a profile and creating/inserting a profile (your last thread) only differ in the following - 1) retrieve an existing database recored to populate the form fields (you can unconditionally do this. if there is existing data, populate the form fields, if there isn't existing data, don't populate the form fields.) 2) update, rather than insert a database record (there's a single UPDATE ... ON DUPLICATE KEY UPDATE ... query that can do this for you without using any different php logic.) 3) not sending a signup email your form and php code should be be almost identical (you can in fact use the same code for both, with a small amount of logic, to handle not sending the signup email when updating). so, from what you learned from doing the last thread, why are you having basic problems with form field names not matching, a <form ... tag that won't allow an upload to work, and undefined index errors? learning actually requires that you look at and think about what you are doing. just repeatedly dumping a list of errors and code on a help forum for someone to tell you where to put your fingers on the keyboard and what to type to fix them isn't you learning anything. it's us doing your work via a proxy. Edited July 11, 2015 by mac_gyver 1 Quote Link to comment Share on other sites More sharing options...
mac_gyver Posted July 11, 2015 Share Posted July 11, 2015 here's the form you posted in your other thread, modified to work for either registering a new user or editing/updating an existing user - <form method="post" action="<?=htmlentities($_SERVER['PHP_SELF']);?>" enctype="multipart/form-data"> <?php if(!isset($row) || !$row){ // not set at all or false (no row fetched) ?> <label>Username:</label> <input type="text" name="username" required="required" placeholder="Please Enter your chosen username"/> <br /> <label>Password:</label> <input type="password" name="password" required="required" placeholder="Please Enter your chosen password"/> <br /> <?php } else { ?> <input type="hidden" name="id" value="<?php echo $row['id']; ?>"> <?php } ?> <label>Company Name: </label> <input type="text" name="companyname" required="required" placeholder="Please Enter your company name" value="<?php echo isset($row['companyname']) ? $row['companyname'] : ''; ?>" /> <br /> <label>Email: </label> <input type="email" name="email" required="required" placeholder="Please Enter your email" value="<?php echo isset($row['email']) ? $row['email'] : ''; ?>" /> <br /> <label>Address Line 1: </label> <input type="text" name="address1" required="required" placeholder="Please Enter the first line of your address" value="<?php echo isset($row['address1']) ? $row['address1'] : '';?>" /> <br /> <label>Address Line 2: </label> <input type="text" name="address2" required="required" placeholder="Please Enter the second line of you address" value="<?php echo isset($row['address2']) ? $row['address2'] : '';?>" /> <br /> <label>Town: </label> <input type="text" name="town" required="required" placeholder="Please Enter your town" value="<?php echo isset($row['town']) ? $row['town'] : '';?>" /> <br /> <label>County: </label> <input type="text" name="county" required="required" placeholder="Please Enter your county" value="<?php echo isset($row['county']) ? $row['county'] : '';?>" /> <br /> <label>Postcode: </label> <input type="text" name="postcode" required="required" placeholder="Please Enter your postcode" value="<?php echo isset($row['postcode']) ? $row['postcode'] : '';?>" /> <br /> <label>Telephone Number: </label> <input type="text" name="telnumber" required="required" placeholder="Please Enter your landline number" value="<?php echo isset($row['telnumber']) ? $row['telnumber'] : '';?>" /> <br /> <label>Category: </label> <input type="text" name="category" required="required" placeholder="Please Enter your chosen category" value="<?php echo isset($row['category']) ? $row['category'] : '';?>" /> <br /> <label>Upload Image: </label> <input type="hidden" name="size" value="350000"> <input type="file" name="photo" /> <br /><br /> <?php if(!isset($row) || !$row){ // not set at all or false (no row fetched) ?> <div class="box"> <label>I agree to the <a href="#" target="_blank">terms</a></label> </div> <input type="checkbox" class="checkbox" id="the-terms" value="I Agree"> <input type="submit" name="submit" value="Register" disabled="disabled" id="submitBtn" /> <a class="haveaccount" href="login.php">I already have an account...</a> <?php } else { ?> <input type="submit" name="submit" value="Update"> <?php } ?> </form> if you made any changes to the form in the other thread after you posted it, you will need to make those same changes in order to use this. note: my post above this one contains a typo, the query would be an INSERT ... ON DUPLICATE KEY UPDATE... Quote Link to comment Share on other sites More sharing options...
ianhaney50 Posted July 11, 2015 Author Share Posted July 11, 2015 sussed it, I got it all working perfect now Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.