franknu Posted April 9, 2007 Share Posted April 9, 2007 ok i have a form where the user type in user name and password to update the a form the problem is that it is not showing values in the form when the user login the only one that work is where it says user name and password i dont understand why i will insert full code so u guys can see it $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); $usercheck = mysql_query("SELECT * FROM business_info where User_Name='$User_Name' AND Password='$Password'",$db); $userrow = mysql_fetch_array($usercheck); $num_rows = mysql_num_rows($usercheck); $query = "SELECT * FROM business_info where BusinessName='$BusinessName' AND User_Name='$User_Name' AND Password='$Password'"; $result = mysql_query($query); while ($row = mysql_fetch_assoc($result)) { $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } if ($num_rows!=1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } else { echo" <table border='0'>"; echo"<tr>"; echo"<td valign='top'>"; echo"<table border='0'>"; echo"<tr>"; echo" <td bgcolor='cococo'>"; echo"<a href='index.php'>"; //100 echo"Home"; echo"<font color='cococo'>ddddddddddddddddddddd</font> </a>"; echo"</td></tr>"; echo"<tr>"; echo "<td>welcome $BusinessName, "; echo"<font color='ffffff'>dddddddddddddddddddfffffffffffffffffffdd</font> </td>"; echo "</tr>"; echo" </table> <table background='../images/fondo2.jpg' border='1' valign='top'>"; echo"<tr>"; echo" <td valign='top'>"; echo "<table border='1'background='../images/fondo2.jpg' valign='top'>"; echo"<tr>"; echo" <td>"; echo" <a href= 'http://entrepreneur.com'>Pictures Uploads/change</a>"; echo" </td> </tr> <tr> <td>"; echo" <a href= 'http://entrepreneur.com'>Advertise your website</a>"; echo" </td> </tr><tr> <td></td></tr> <tr> <td>"; echo"<a href='http://69.89.27.201:2082/horde/index.php/'>Email</a> </td></tr> <tr> <td></td> </tr> <tr> <td>"; echo"<a href='http://www.nasdaq.com'>Stock Market</a></td>"; echo" </tr> </table> </td> <td valign='top'> <center><table border='1'> <tr>"; //145 echo"<td><a href=\'update.php?update=true\'>update</a></td>"; echo"<td><a href=\'keyword.php?keyword=true\'>Add Key words</a></td>"; echo"<td><a href='http://www.ccbill.com'>CCBILL</a></td> </tr></table> </center> "; $sql = "SELECT * FROM business_info WHERE BusinessName = '$BusinessName' AND User_Name = '$User_Name'"; $result = mysql_query($query) or die ("Problem with the query: <pre>$sql</pre><br>" . mysql_error()); $res2 = mysql_fetch_assoc($result); { $query="UPDATE business_info SET BusinessName= ('$BusinessName'), `Slogan`=('$_POST[$Slogan]'), Business_Address = ('$_POST[business_Address]'), Tel=('$_POST[Tel]'), Website= ('$_POST[Website]'), Email = ('$_POST[Email]'), Fax= ('$_POST[Fax]'), `type`='$type', make = '$make', Categories = ('$_POST[Categories]'), Keyword = ('$_POST[Keyword]'), Picture1 = ('$_POST[Picture1]'), Headline = ('$_POST[Headline]'), Slogan2 = ('$_POST[slogan2]'), Description1 = ('$_POST[Description1]'), Description2 = ('$POST[Description2]'), Description3 = ('$_POST[Description3]'), Picture2 = ('$_POST[Picture2]'), Picture3 = ('$_POST[Picture3]'), `Password`= '$Password' WHERE User_Name = '$User_Name'"; $result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error()); } echo'<table bgcolor="ffffff">'; echo'<tr><td> <table><tr> </tr> </table> </td></tr><tr><td></td> </tr><tr><td> <table> <tr> <td><table bgcolor="ffffff"> <tr> <td> <table> '; //208 echo'<form action="'. $_SERVER['PHP_SELF'].'" method="post" enctype="multipart/form-data">'; echo'<tr>'; echo'<td> Busiess Info </td></tr><tr> <td> <table> <tr> <td> Business Name </td> <td>'; echo'<input type="text" NAME="BusinessName" value="'. stripslashes($_POST['BusinessName']).'" >'; echo '</td>'; echo'</tr> <tr> <td> Slogan </td> <td>'; echo'<input type="text" NAME="Slogan" value="'. stripslashes($_POST['Slogan']).'" >'; echo"</td> <td> Website </td> <td>"; echo'<input type="text" name="Website" value="' . stripslashes($_POST['Website']). '" >'; echo' </td>'; echo"</tr> <tr> <td> Tel </td> <td>"; echo'<input type="text" name="Tel" value="' . stripslashes ($_POST['Tel']). '" >'; echo"</td>"; echo"<td> Key Words </td> <td>"; echo'<input type="text" name="Keyword" value="' . stripslashes($_POST['Keyword']). '" >'; echo"</td> </tr> <tr> <td> Fax </td> <td>"; echo '<input type="text" name="Fax" value="' . stripslashes($_POST['Fax']). '">'; echo"</td> <td> Address </td> <td>"; echo '<textarea rows="1" cols="1" name="Business_Address">' . stripslashes($_POST['Business_Address']) . '</textarea>'; echo"</td> </tr></table> </td></tr><tr> <td><table><tr> <td> </td> <td> </td> <td></td><td> </td><td> Category</td><td>"; echo '<textarea rows="5" cols="65" name="Categories">' . stripslashes($_POST['Categories']) . '</textarea>'; echo" </td></tr></table><table> <tr><td>Business Webpage</td> </tr><tr><td>Headline</td> </tr><tr><td>"; echo '<input type="text" name="Headline" value="' . stripslashes($_POST['Headline']).'" >'; echo" </td>"; echo" </tr>"; echo"<tr>"; echo" <td> Slogan </td> </tr> <tr>"; echo '<td> <input type="text" name="Slogan2" value="' . stripslashes($_POST['Slogan2']). '" >'; echo'</td></tr><tr> <td> About US </td> </tr><tr><td>'; echo '<textarea rows="5" cols="65" name="Description1">' . stripslashes($_POST['Description1']) . '</textarea>'; echo'</td> </tr> <tr> <td> Products / Services </td> </tr> <tr> <td>'; echo '<textarea rows="5" cols="65" name="Description2">' . stripslashes($_POST['Description2']) . '</textarea>'; echo'</td> </tr> <tr> <td> Areas Served </td> </tr> <tr> <td>'; echo '<textarea rows="5" cols="65" name="Description3">' . stripslashes($_POST['Description3']) . '</textarea>'; echo'</td> </tr> <tr> <td> <table>'; echo"<table>"; echo"<tr> <td>"; echo" Picture1"; echo' <input name="Picture1" type="file" value="' . stripslashes($_POST['Picture1']).'" >'; echo'</td>'; echo'<td> '; echo"</td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture2"; echo" <input name='Picture2' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture3"; echo" <input name='Picture3' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture4"; echo" <input name='Picture4' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture5"; echo" <input name='Picture5' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture6"; echo" <input name='Picture6' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Video"; echo" <input name='video' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo"Sound"; echo" <input name='sound' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo"You Tube"; echo" <input name='tube' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo" <tr> <td bgcolor='c0c0c0'>"; echo"<br> <br> User Name"; echo"<input type='text' name='User_Name' value='$User_Name'>"; echo" Password"; echo" <input type='text' name='Password' value='$Password'>"; echo"</td> </tr></tr> </table> </table> </td> </tr> <tr> <td>"; echo"<input type='submit' value='Update my database' name='submit' />"; echo" <input type='reset' value='Reset fields' />"; Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 9, 2007 Share Posted April 9, 2007 Please edit you post and surround you code with the tags. This will make your post much easier to read. Ken Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Add This at the top of your code echo "<pre>"; print_r($_POST); echo "</pre>"; And Show the Output Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 i got this Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 the add things is the value= passoword ans user name is showing the values but not the others Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 hey this print_r($_POST); echo ""; gave me on my display Array ( [user_Name] => franknu [Password] => abc123 [submit] => LogMeIn ) Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 SECURITY ISSUE I WANNA HIGHLIGHT THE ATTENTION OF THE MODERATORS AND ADMINISTRATORS OF PHPFREAKS IN THIS POST OF MINE The posts is Sometime parsing some HTML Codes as HTML but its not Safe to PHPFREAKS. PLEASE Fix This. e.g. Using htmlspecialchars() while Inserting the values In the Database. IN My above I wrote <pre></pre>But It parsed It as a HTML Code To ~franknu Use This echo "<pre>"; print_r($_POST); echo "</pre>"; --------------------- <pre>This Line Is In pre Another Line in pre Look Although I've Used pre code blocks here Its not showing</pre>Another line out of the pre Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 ok that is the new display Array ( [user_Name] => franknu [Password] => abc123 [submit] => LogMeIn ) if i type all the info it will work fine my problems is when i log out and then try to log in again. not info show in the value except the one that say User_Name and Password Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Post the code for log Out Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 i dont have any code for log out i did some exactly just like the user_Name AND Password and nothing Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 my problems is when i log out and then try to log in again. So how you are logging out Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 just closing the window or browser i mean it updates all the info with not problem in the database, it is just when i need to log in again let say to make new changes Quote Link to comment Share on other sites More sharing options...
kenrbnsn Posted April 9, 2007 Share Posted April 9, 2007 SECURITY ISSUE I WANNA HIGHLIGHT THE ATTENTION OF THE MODERATORS AND ADMINISTRATORS OF PHPFREAKS IN THIS POST OF MINE That's what the tags do which is why you should ALWAYS use them when entering code snippets. Ken Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Thanks So what it shows when you try to login again. Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 something i think my be interesting it is when i do the post dispaly it is not showing all the values it show say something like this Array ( [businessName] => tyrtytr [slogan] => [Website] => [Tel] => [Keyword] => [Fax] => [business_Address] => [Categories] => [Headline] => [slogan2] => [Description1] => [Description2] => [Description3] => [user_Name] => franknu [Password] => abc123 [submit] => Update my database ) Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 when i try to login again it shows not value in the text box Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Cause these Fields Are Blank ?? [slogan] [Website] [Tel] [Keyword] [Fax] [business_Address] [Categories] [Headline] [slogan2] [Description1] [Description2] [Description3] this fields were not filled Up in the HTML form Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 well it should show the data that is in the database when i login but it is not even showing them. i mean if put values in there i will go right into the database... and it will show it for example Array ( [businessName] => tyrtytr [slogan] => rtytry [Website] => dfdfdf [Tel] => dfd [Keyword] => fddf [Fax] => df [business_Address] => df [Categories] => fdf [Headline] => df [slogan2] => dfd [Description1] => df [Description2] => dfd [Description3] => dfd [user_Name] => franknu [Password] => abc123 [submit] => Update my database ) that is what shows if i typew in values and hit update the database bottom but let say i close the window and try to log in again the it wont show me the values that are in the databse exept for the user_name and password Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Honestly I was being Confused. I'vent go through all your long codes.first of all let me make sure wheather what I am thinking is correct or not ?? Your script Is for updating the database. Its first updating the database and the select * from table to show all the update Values ?? am I right ?? and Please Clarify Whats your problem. Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 yes that is right,... and my problem is that after i update all the info and then i login again it is not show any values which means that if i hit the update bottom i will delete all the info that is on the database. The odd Thing is that it shows the value for User_Name and Password.. it is just not showing it for all the other stuff Quote Link to comment Share on other sites More sharing options...
boo_lolly Posted April 9, 2007 Share Posted April 9, 2007 you're not going to be able to logout successfully by simply closing your browser. every browser handles it differently. my suggestion would be to logout by using a link that will unset the session data. and on each page, you should be checking to see if the user is logged in by using something like: if(!isset($_SESSION['username'] || !isset($_SESSION['password'])){ die('you do not have access to this page. please login'); } of course, this is only after you've verified their username and password with your sql query and logged them in successfully. Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 Replace if ($num_rows!=1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } By if ($num_rows == 0 || $num_rows > 1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 { $query="UPDATE business_info SET BusinessName= ('$BusinessName'), `Slogan`=('$_POST[$Slogan]'), Business_Address = ('$_POST[business_Address]'), Tel=('$_POST[Tel]'), Website= ('$_POST[Website]'), Email = ('$_POST[Email]'), Fax= ('$_POST[Fax]'), `type`='$type', make = '$make', Categories = ('$_POST[Categories]'), Keyword = ('$_POST[Keyword]'), Picture1 = ('$_POST[Picture1]'), Headline = ('$_POST[Headline]'), Slogan2 = ('$_POST[slogan2]'), Description1 = ('$_POST[Description1]'), Description2 = ('$POST[Description2]'), Description3 = ('$_POST[Description3]'), Picture2 = ('$_POST[Picture2]'), Picture3 = ('$_POST[Picture3]'), `Password`= '$Password' WHERE User_Name = '$User_Name'"; $result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error()); } This '{' and '}' Is for what ?? I didn't find any if or else or while or any other construct before this code block Quote Link to comment Share on other sites More sharing options...
franknu Posted April 9, 2007 Author Share Posted April 9, 2007 ok. i Deleted the { } i am getting the same result however that is not where i think the problem is because this update the database and it is doing its job it is when i login that it is not showing the values from the database Quote Link to comment Share on other sites More sharing options...
neel_basu Posted April 9, 2007 Share Posted April 9, 2007 I am going through your script line by line. and Posting the errors I find. Look Over here if ($num_rows!=1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } else { Closing Braces Of else e.g. '}' of else not found Use this instead of teh previous one $usercheck = mysql_query("SELECT * FROM business_info where User_Name='$User_Name' AND Password='$Password'",$db)or die(mysql_error()); and $result = mysql_query($query) or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.