davidjmorin Posted October 18, 2019 Share Posted October 18, 2019 Hey guys, Im trying to get a page to update profiles working and have been unsuccessful. Its a basic form with a server.php to process the updates. Server.php $username = mysqli_real_escape_string($db, $_POST['username']); $email = mysqli_real_escape_string($db, $_POST['email']); $password_1 = mysqli_real_escape_string($db, $_POST['password_1']); $password_2 = mysqli_real_escape_string($db, $_POST['password_2']); $location = mysqli_real_escape_string($db, $_POST['location']); $class = mysqli_real_escape_string($db, $_POST['class']); $id = mysqli_real_escape_string($db, $_POST['id']); if (empty($username)) { array_push($errors, "Username is required"); } if (empty($email)) { array_push($errors, "Email is required"); } if (empty($password_1)) { array_push($errors, "Password is required"); } if ($password_1 != $password_2) { array_push($errors, "The two passwords do not match"); } if (count($errors) == 0) { $password = password_hash($password_1, PASSWORD_DEFAULT); $query = "(UPDATE accounts SET password='".$password."', username='".$username."', email='".$email."', role='".$role."', class='".$class."' )"; mysqli_query($db, $query); $_SESSION['username'] = $username; $_SESSION['success'] = "Update Successful for user: " . $username; header('location: index.php'); } } update.php <?php session_start(); if (!isset($_SESSION['loggedin'])) { header('Location: ../login.php'); exit(); } if($_SESSION['class'] == 'user') { // Jump to user page header('Location:../user/home.php'); } ?> <html> <head> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title>New User Registration</title> <link rel="stylesheet" type="text/css" href="../css/style.css"> <link href="../css/navbar.css" rel="stylesheet" type="text/css"> </head> <body> <?php include "../assets/navbar.php" ?> <div class="header"> <h2>Update User Info</h2> </div> <form method="post" action="server.php" class="form2"> <?php include('errors.php'); ?> <?php if (isset($_SESSION['success']) && ! empty($_SESSION['success'])) { echo "<div class='success'>" . htmlentities($_SESSION['success']) . "</div>"; unset($_SESSION['success']); } $id = $_REQUEST['id']; $username = $_REQUEST['username']; $location = $_REQUEST['role']; $email = $_REQUEST['email']; $password = $_REQUEST['password']; $class = $_REQUEST['class']; ?> <div class="input-group"> <input type="hidden" name="id" placeholder="<?php echo $id; ?>" value="<?php echo $id; ?>"> </div> <div class="input-group"> <input type="text" name="username" placeholder="<?php echo $username; ?>" value="<?php echo $username; ?>"> </div> <div class="input-group"> <input type="email" name="email" placeholder="Email Address?" value="<?php echo $email; ?>"> </div> <div class="input-group"> <input list="location" name="location" class="form-control" placeholder="<?php echo $location; ?>" required> <datalist id="location"> <option value="Manny"> <option value="Nate"> <option value="Jay"> <option value="Imran"> <option value="Sanat"> <option value="Minahan"> </datalist> </div> <div class="input-group"> <input list="class" name="class" class="form-control" placeholder="<?php echo $class; ?>" required> <datalist id="class"> <option value="user"> <option value="admin"> <option value="disabled"> </datalist> </div> <div class="input-group"> <input type="password" placeholder="Password" name="password_1"> </div> <div class="input-group"> <input type="password" placeholder="Confirm Location" name="password_2"> </div> <div class="input-group"> <button type="submit" class="btn" name="reg_user">Update</button> </div> </form> </body> </html> When I process the update it gives me a success message but the data in the table is not updated at all. Any suggestions on what im doing wrong here? Quote Link to comment Share on other sites More sharing options...
Barand Posted October 18, 2019 Share Posted October 18, 2019 Are you trying to add a new user to the table or update an existing user's data? Either way, it's wrong. The query as it is would set every record to have identical contents as there is no WHERE clause to limit it to update a particular record. If you want add a new user you need an INSERT query. You aren't doing any checking to confirm the query did actually work, you just assume it did and output a success message. Easiest way to check for errors is to add the following line of code just before the line that creates your mysqli connection... mysqli_report(MYSQLI_REPORT_ERROR|MYSQLI_REPORT_STRICT); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.