I want to make a single page that users...

[forumnz]

I want to make a single page or set of pages that users can go to to change their profile etc.

Im not sure how exactly to go about this so any help would be greatly appreciated.

[forumnz]

help please

[dbo]

Need some background information on what type of site this is for, what type of information you're updating, etc.

[forumnz]

Ok, sure...

Well its a site that the user can (doesnt need to) login to to see the members area...

When they register they input a username, password, name, age, email, phone, ect.

I want to be able to have a page that they can access when logged in that allows them to change these credentials,
(mainly password and email.)

[dbo]

So how are you determining if a user is currently logged in? Setting a session variable to identify it? What's the primary key for your users information? Auto increment number or their username? Are you storing this in a session variable as well?

[SharkBait]

I assume the information is stored in a Database of sorts? Like MySQL?

[forumnz]

Im using session to deermine users being logged in. An id is the primary key (auto increment number).

[quote]Are you storing this in a session variable as well?[/quote] - dont think so.


And yes SharkBait it all is in a MySQL database.

[dbo]

So if you've got the primary key indexed, and you know the user is logged in you'll just a have a link for "edit information". When a user clicks that you go out and query your database based on that primary key. You prefill your html form with the data you want to allow them to update and when they click the button you just do an sql update command based on that same primary key....

That's the general process... do you have a specific problem?

[forumnz]

Yes, the main problem is that I dont know how to request specific information from a database that can be edited. If that makes sense.

[dbo]

So you have an html form that lets them change email and password thats all for now.

$query = "SELECT `email` FROM `usertable` WHERE `id` = $primary_key";
$result = mysql_query($query);

$row = mysql_fetch_row($result);

$go_flag = false;
if( $row )
{
  $go_flag = true; 
}

if( $go_flag )
{
  echo "<input type='text' id='email' name='email' value='" . $row[0] . "' />\n";
}
else
{
  echo "<input type='text' id='email' name='email' value='' />\n";
}


Filling in the stuff in the appropriate places and making it specific to your problem... but that's how you prefil a form and only select what you want. Likewise when you do the update command you only update the stuff you want to update.

$query = "UPDATE `usertable` SET `email` = $email WHERE `id` = $primarykey";

[forumnz]

Thanks,

and this goes where?

[dbo]

Well that's up to you. I don't know if you like to split up your code so that you have a page that contains primarily only your html and then post the data to a script or if you post it all to the same page.

The first thing I would do is create the html page without prefilling the values and put in whatever security checks you do to verify that the user is in fact logged in before granting access to the page. Once all that passes echo out the userid (primary key). If you can get that far we can easily help you work out the details on the query to select only the values you want editable via your form, help actually prefill the form and finally the update.

Try and get something put together and we can take it from there.

[forumnz]

Do you mean a form that has fields that I want to use?

[dbo]

Yes.

[forumnz]

Ok heres my basic version

[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>Edit Profile</p>
<form id="form1" name="form1" method="post" action="edit.php">
<p>Password :
  <input name="password" type="text" id="password" />
  <br />
  Confirm Password :
  <input name="password" type="text" id="password" />
</p>
<p>Email Address :
  <input name="email" type="text" id="email" />
</p>
<p>
  <label>
  <input type="submit" name="Submit" value="Go!" />
  </label>
</p>

</form>
<p>&nbsp; </p>
</body>
</html>
[/code]

[dbo]

Ok, good start. Let's see if we can prefill it now.

What's the name of the file the code you pasted in lives in? Is that the edit.php page or are you posting your data to an external script?

[forumnz]

Its called edit.html

[dbo]

Fair enough, let's call it edit.php and we'll just post the data back to it, okay?

[forumnz]

Sure okay I have renamed it.

[dbo]

What's the name of your session variable that stores your userid?

[forumnz]

Its called "username"

[dbo]

Try this out. Make sure you rename the fields/tablenames appropriately and create your database connection...

[code]

<?php
  session_start();

  $valid = false;
  if( isset($_SESSION['username']) )
  {
    //do whatever appropriate validation is necessary on id
    //if we encounter errors abort?
    $id = $_SESSION['username'];

    //No errors... proceed

    //connect to database

    $query = "SELECT email FROM usertable WHERE userid = $id";
    $result = mysql_query($query);
    $row = mysql_fetch_row($result);

    $email = "";
    if( $row )
    {
      $valid = true;
      $email = $row[0];
    }
    else
    {
      //Invalid username... handle error appropriately
      $valid = false;
    }

    //disconnect from database
  }
  else
  {
    //ERROR - Not logged in....
    //Redirect to login page?
    $valid = false;
  }

  if( !$valid )
  {
      //Errors, redirect....
  }
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>
<p>Edit Profile</p>
<form id="form1" name="form1" method="post" action="edit.php">
<p>Password :
  <input name="password" type="text" id="password" />
  <br />
  Confirm Password :
  <input name="password" type="text" id="password" />
</p>
<p>Email Address :
  <?php
      echo "<input name=\"email\" type=\"text\" id=\"email\" value=\"$email\" />\n";
  ?>
</p>
<p>
  <label>
  <input type="submit" name="Submit" value="Go!" />
  </label>
</p>

</form>
<p>&nbsp; </p>
</body>
</html>

[/code]

[forumnz]

Would this work for the connection?

[code]$con = mysql_connect("localhost","#####","#####");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("my_db", $con);[/code]

[dbo]

should

[forumnz]

Ok good, I have edited the right things within that file... This is what happens though...

http://freshlook.co.nz/thing/area/edit.php