thunderstorm654 Posted April 8, 2007 Share Posted April 8, 2007 I have got a login system using sessions, and wanted to have a page where once the user is logged in, they can see and change/edit their details. I have currently got two pages, modify_user.php and do_modify_user.php to try and do this, but i keep getting an error on do_modify_user.php that the query was empty. Below is the code for do_modify_user.php: <?php session_start(); include('login.functions.php'); check_user(); $user = $_SESSION['valid_user']; require_once('connection.php'); $first_name = $_POST["updateFirstName"]; $last_name = $_POST["updateLastName"]; $gender = $_POST["updateGender"]; $email_address = $_POST["updateEmail"]; $address = $_POST["updateAddress"]; $dob = $_POST["updateDOB"]; $query_update = mysql_query("UPDATE member SET first_name = ".$first_name.", last_name = ".$last_name.", gender = ".$gender.", address_line_one = ".$address.", dob = ".$dob." WHERE email_address = '{$user}'"); $update_result = mysql_query($query_update); if($update_result) { // if update was successful, echo '<h2 id="mainhead">Thank you!</h2> <p>Your details were updated successfully.</p> <p><a href="admin_home.php">Back to Administrator Home></p>'; } else { // if it did not insert ok echo '<h2 id="mainhead">Error</h2> <p class="error">Your details were not updated successfully due to a system error, please go back and try again.</p>'; echo '<p>' . mysql_error() . '<br /><br />Query: ' . $query_update . '</p>'; // debugging message } ?> it does not update anything (checked in the database), and the page just says Error Your details were not updated successfully due to a system error, please go back and try again. Query was empty Query: I'm not sure if you need to see the code for modify_user.php or not, so pasted it below anyway, i've put the html in thats for the layout of my site so ignore those bits...: modify_user.php: <?php session_start(); include('login.functions.php'); check_user(); $user = $_SESSION['valid_user']; require_once('connection.php'); $get_memberdetails_sql = "SELECT * FROM member WHERE email_address = '{$user}'"; $result = mysql_query($get_memberdetails_sql); $get_memberdetails_res = mysql_fetch_array($result); $first_name = $get_memberdetails_res['first_name']; $last_name = $get_memberdetails_res['last_name']; $gender = $get_memberdetails_res['gender']; $email_address = $get_memberdetails_res['email_address']; $address_line_one = $get_memberdetails_res['address_line_one']; $dob = $get_memberdetails_res['dob']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Incredible Shoes Running Club :: Update Your Details</title> <meta http-equiv="Content-Language" content="English" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="stylesheet" type="text/css" href="style.css" media="screen" /> </head> <body> <div id="wrap"> <div id="top"></div> <div id="content"> <div class="header"> <h1><a href="index.php">The Incredible Shoes Running Club</a></h1> </div> <div class="breadcrumbs"> <a href="index.php">Home </a> · <a href="admin_home.php">Administrators </a> · <b>Today's date is <?php echo date('D j F, Y ');?>· <a href="logout.php">Logout</a></b> </div> <div class="middle"> <h2>Add Race Results.</h2> <form action="do_modify_user.php" id="update" name="update" method="post"> <?php echo "Your Email Address: ".$user; ?> <p>First Name <input name="updateFirstName" type="text" id="updateFirstName" value = "<?php echo $first_name;?>"/> </p> <p>Last Name <input name="updateLastName" type="text" id="updateLastName" value = "<?php echo $last_name;?>"/>" </p> <p>Gender <input name="updateGender" type="text" id="updateGender" value = "<?php echo $gender;?>"/>" </p> <p>Email Address <input name="updateEmail" type="text" id="updateEmail" value = "<?php echo $email_address;?>"/>" </p> <p>Address Line One <input name="updateAddress" type="text" id="updateAddress" value = "<?php echo $address_line_one;?>"/>" </p> <p>Date of Birth (YYYY-MM-DD) <input name="updateDOB" type="text" id="updateDOB" value = "<?php echo $dob;?>"/>" </p> <input name="update" type="submit" id="update" value="Update Details" /> <input type="hidden" name="MM_UPDATE" value="updateForm" /> </p> <p align="center"> </p> </form> </div> <div id="clear"></div> </div> <div id="bottom"></div> </div> <div id="footer"> Copyright Incredible Shoes Running Club 2007</a> </div> </body> </html> Apologies for the hefty amounts of code, it appears to be do_modify_user.php that is causing me the problem , any ideas? im not very experienced with php and mysql, so I've probably done something obviously wrong with the update query but I just can't see what Any help greatly appreciated Link to comment https://forums.phpfreaks.com/topic/46119-solved-member-logged-in-updating-their-details/ Share on other sites More sharing options...
esukf Posted April 8, 2007 Share Posted April 8, 2007 You are missing single quotes around the string values in your update statement. $sql = "UPDATE member SET first_name = '".$first_name."', etc You should use mysql_real_escape_string() to clean the POST values. Link to comment https://forums.phpfreaks.com/topic/46119-solved-member-logged-in-updating-their-details/#findComment-224144 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.