franknu Posted April 11, 2007 Share Posted April 11, 2007 ok, i have this code for the users to update the database the only problem is that it is only displaying user_Name and password and i want the user to make changes to the whole raw in the database, but it only can change user-name and password because it is the only value that is showing in the text area i am only displaying partial part of the code where the problems is $Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:''); $Picture2 = (isset($_POST['Picture2']) ? $_POST['Picture2']:''); $Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:''); $Picture4 = (isset($_POST['Picture4']) ? $_POST['Picture4']:''); $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:''); $Password = (isset($_POST['Password']) ? $_POST['Password']: ''); $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); $usercheck = mysql_query("SELECT * FROM business_info where User_Name='$User_Name' AND Password='$Password'",$db); $userrow = mysql_fetch_array($usercheck); $num_rows = mysql_num_rows($usercheck); $query = "SELECT * FROM business_info where BusinessName='$BusinessName' AND User_Name='$User_Name' AND Password='$Password'"; $result = mysql_query($query); while ($row = mysql_fetch_assoc($result)) { $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } if ($num_rows == 0 || $num_rows > 1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } else { Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 11, 2007 Share Posted April 11, 2007 from the code i can't workout what you want to do! ??? Quote Link to comment Share on other sites More sharing options...
mjlogan Posted April 11, 2007 Share Posted April 11, 2007 Watch out for SQL injection. 1;DROP TABLE business_info in the password field Quote Link to comment Share on other sites More sharing options...
franknu Posted April 11, 2007 Author Share Posted April 11, 2007 i want to display the values that are in the database, so i can update the database, when the user type in his User_Name AND Password. It is displaying User_Name and Password values in the text field but i want all the values for business_info table Quote Link to comment Share on other sites More sharing options...
trq Posted April 11, 2007 Share Posted April 11, 2007 This code is all over the place. Can you explain why your running two queries in a row that fatch the same data? <?php $usercheck = mysql_query("SELECT * FROM business_info where User_Name='$User_Name' AND Password='$Password'",$db); $userrow = mysql_fetch_array($usercheck); $num_rows = mysql_num_rows($usercheck); $query = "SELECT * FROM business_info where BusinessName='$BusinessName' AND User_Name='$User_Name' AND Password='$Password'"; $result = mysql_query($query); ?> The second one of course will fetch nothing because $BussinessName is not defined anywhere. Well, not anywhere we can see anyway. Also, you assume your queries actually work. There is no error checking at all. The proper syntz for a SELECT should be something like... <?php if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { // it is now safe to call mysql_fetch_assoc() while ($row = mysql_fetch_assoc($result)) { // display data. } } } ?> Other than that, we need to see the code which displays this form your talking about. Quote Link to comment Share on other sites More sharing options...
franknu Posted April 11, 2007 Author Share Posted April 11, 2007 ok now i am getting this error : Problem with the query: SELECT * FROM business_info WHERE BusinessName = '' AND User_Name = 'franknu' AND Password='abc123' Query was empty here is the changes i made $Picture4 = (isset($_POST['Picture4']) ? $_POST['Picture4']:''); $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:''); $Password = (isset($_POST['Password']) ? $_POST['Password']: ''); $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); $usercheck = mysql_query("SELECT * FROM business_info where User_Name='$User_Name' AND Password='$Password'",$db); $userrow = mysql_fetch_array($usercheck); $num_rows = mysql_num_rows($usercheck); //$query = "SELECT * FROM business_info where //BusinessName='$BusinessName' AND //User_Name='$User_Name' AND // Password='$Password'"; $result = mysql_query($query); if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { while ($row = mysql_fetch_assoc($result)) { $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } } } if ($num_rows == 0 || $num_rows > 1) { print "<p><b>username and/or password not found. Try again?</b></p>"; } else { echo" <table border='0'>"; echo"<tr>"; Quote Link to comment Share on other sites More sharing options...
franknu Posted April 11, 2007 Author Share Posted April 11, 2007 Maybe do i have to get A GET[ ]somewhere please help Quote Link to comment Share on other sites More sharing options...
trq Posted April 11, 2007 Share Posted April 11, 2007 Look at what your doing. You dont define $query anywhere, your still trying to run multiple queries to essentially get the same data and you still have not shown us your form. <?php $User_Name = (isset($_POST['User_Name']) ? strtolower($_POST['User_Name']):''); $Password = (isset($_POST['Password']) ? strtolower($_POST['Password']): ''); $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'" if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again?</b></p>"; } } else { echo "Query failed<br />$query<br />. mysql_error(); } ?> Ive removed the while() loop because I assume you'll only be retrieviing one matching record. Also note the backticks around Password in your query. Password is areserved word in sql and should be avoided. Quote Link to comment Share on other sites More sharing options...
franknu Posted April 11, 2007 Author Share Posted April 11, 2007 i tried that one is givinf me to many parser errors Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 11, 2007 Share Posted April 11, 2007 change <?php } else { echo "Query failed<br />$query<br />. mysql_error(); } ?> to <?php } else { echo "Query failed<br />$query<br />". mysql_error(); } ?> Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 well, i done almost everything with this and nothing seems to change here are the lastest changes made: $Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:''); $Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:''); $Description3= (isset($_POST['Description3']) ? $_POST['Description3']:''); $Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:''); $Picture2 = (isset($_POST['Picture2']) ? $_POST['Picture2']:''); $Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:''); $Picture4 = (isset($_POST['Picture4']) ? $_POST['Picture4']:''); $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:''); $Password = (isset($_POST['Password']) ? $_POST['Password']: ''); $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); //$query = "SELECT * FROM business_info where //User_Name='$User_Name' //AND Password='$Password'"; //$usercheck=$query; //$result = mysql_query($query); //$usercheck = mysql_query("SELECT * FROM business_info where //User_Name='$User_Name' //AND Password='$Password'",$db); //$userrow = mysql_fetch_array($usercheck); //$num_rows = mysql_num_rows($usercheck); $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'"; if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again?</b></p>"; } } else { echo "Query failed<br />$query<br />". mysql_error(); } echo ' <table border>'; echo'<tr>'; echo'<td>'; echo'<table>'; echo'<tr>'; echo' <td>'; //100 echo 'Home'; echo'</td></tr>'; echo'<tr>'; // new line echo '<td>welcome </td>'; echo'$BusinessName'; it is not selecting from the database Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 12, 2007 Share Posted April 12, 2007 OK 1. next time please post in the [ code] tags 2. add this to the top of the page. <?php echo "GET="; print_r($_GET); echo "<BR>POST="; print_r($_POST); ?> EDIT: and show us the result Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 this is what i am getting GET=Array ( ) POST=Array ( [user_Name] => franknu [Password] => abc123 [submit] => LogMeIn ) Quote Link to comment Share on other sites More sharing options...
trq Posted April 12, 2007 Share Posted April 12, 2007 What output are you getting. eg, does it say username and/or password not found. Try again? or the Query failed... message? Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 not it actually is showing the password and user name so i can even make changes to that the problem is on the other values like business name and all the other stuff. it is not showing any values what so ever Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 12, 2007 Share Posted April 12, 2007 OK.... add <?php print_r($row); ?> at the end Quote Link to comment Share on other sites More sharing options...
trq Posted April 12, 2007 Share Posted April 12, 2007 Like Ive said several times. Post the code that displays the form! Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 12, 2007 Share Posted April 12, 2007 WITHIN the CODE TAGS please... Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 here is my display GET=Array ( ) POST=Array ( [user_Name] => franknu [Password] => abc123 [submit] => LogMeIn ) Array ( [id] => 2669 [businessName] => dsfdsf [slogan] => [business_Address] => [Tel] => [Website] => => [Fax] => [type] => [make] => [Categories] => [Keyword] => [Picture1] => [Headline] => [slogan2] => [Description1] => [Description2] => [Description3] => [Picture2] => [Picture3] => [user_Name] => franknu [Password] => abc123 [Picture4] => [Picture5] => [Picture6] => [Picture7] => [Picture8] => ) Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 if i do script doesnt comes up as php it looks harder to read Quote Link to comment Share on other sites More sharing options...
trq Posted April 12, 2007 Share Posted April 12, 2007 Im lost. What are you posting where? I thought you where trying to make a form where users could type there username and password, this form would submit to a script to get all there info from the database and display it in another form for them to edit. What exactly are you trying to do again? Quote Link to comment Share on other sites More sharing options...
MadTechie Posted April 12, 2007 Share Posted April 12, 2007 BusinessName should be appearing can you please Post the code that displays the form! within the[ code] tags Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 ok here is my codes $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'"; if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again?</b></p>"; } } else { echo "Query failed<br />$query<br />". mysql_error(); } echo "GET="; print_r($_GET); echo "<BR>POST="; print_r($_POST); print_r($row); echo ' <table border>'; echo'<tr>'; echo'<td>'; echo'<table>'; echo'<tr>'; echo' <td>'; //100 echo 'Home'; echo'</td></tr>'; echo'<tr>'; // new line echo '<td>welcome </td>'; echo'$BusinessName'; echo '</tr>'; //here echo'</table>'; echo'<table background="../images/fondo2.jpg" >'; echo'<tr>'; echo' <td valign="top">'; echo "<table border='1'background='../images/fondo2.jpg' valign='top'>"; echo"<tr>"; echo" <td>"; echo" <a href= 'http://entrepreneur.com'>Pictures Uploads/change</a>"; echo" </td> </tr> <tr> <td>"; echo" <a href= 'http://entrepreneur.com'>Advertise your website</a>"; echo" </td> </tr><tr> <td></td></tr> <tr> <td>"; echo"<a href='http://69.89.27.201:2082/horde/index.php/'>Email</a> </td></tr> <tr> <td></td> </tr> <tr> <td>"; echo"<a href='http://www.nasdaq.com'>Stock Market</a></td>"; echo" </tr> </table> </td> <td valign='top'> <center><table border='1'> <tr>"; //145 echo"<td><a href=\'update.php?update=true\'>update</a></td>"; echo"<td><a href=\'keyword.php?keyword=true\'>Add Key words</a></td>"; echo"<td><a href='http://www.ccbill.com'>CCBILL</a></td> </tr></table> </center> "; $sql = "SELECT * FROM business_info WHERE BusinessName = '$BusinessName' AND User_Name = '$User_Name' AND Password='$Password'"; $result = mysql_query($query) or die ("Problem with the query: <pre>$sql</pre><br>" . mysql_error()); $res2 = mysql_fetch_assoc($result); $query="UPDATE business_info SET BusinessName= '$BusinessName', `Slogan`=('$_POST[$Slogan]'), Business_Address = ('$_POST[business_Address]'), Tel=('$_POST[Tel]'), Website= ('$_POST[Website]'), Email = ('$_POST[Email]'), Fax= ('$_POST[Fax]'), `type`='$type', make = '$make', Categories = ('$_POST[Categories]'), Keyword = ('$_POST[Keyword]'), Picture1 = ('$_POST[Picture1]'), Headline = ('$_POST[Headline]'), Slogan2 = ('$_POST[slogan2]'), Description1 = ('$_POST[Description1]'), Description2 = ('$POST[Description2]'), Description3 = ('$_POST[Description3]'), Picture2 = ('$_POST[Picture2]'), Picture3 = ('$_POST[Picture3]'), `Password`= '$Password' WHERE User_Name = '$User_Name'"; $result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error()); echo'<table bgcolor="ffffff">'; echo'<tr><td> <table><tr> </tr> </table> </td></tr><tr><td></td> </tr><tr><td> <table> <tr> <td><table bgcolor="ffffff"> <tr> <td> <table> '; //208 echo'<form action="'. $_SERVER['PHP_SELF'].'" method="post" enctype="multipart/form-data">'; echo'<tr>'; echo'<td> Busiess Info </td></tr><tr> <td> <table> <tr> <td> Business Name </td> <td>'; echo '<input type="text" name="BusinessName" value="' . stripslashes($_POST['BusinessName']) .'">'; echo '</td>'; echo'</tr> <tr> <td> Slogan </td> <td>'; echo'<input type="text" NAME="Slogan" value="'. stripslashes($_POST['Slogan']).'" >'; echo"</td> <td> Website </td> <td>"; echo'<input type="text" name="Website" value="' . stripslashes($_POST['Website']). '" >'; echo' </td>'; echo"</tr> <tr> <td> Tel </td> <td>"; echo'<input type="text" name="Tel" value="' . stripslashes ($_POST['Tel']). '" >'; echo"</td>"; echo"<td> Key Words </td> <td>"; echo'<input type="text" name="Keyword" value="' . stripslashes($_POST['Keyword']). '" >'; echo"</td> </tr> <tr> <td> Fax </td> <td>"; echo '<input type="text" name="Fax" value="' . stripslashes($_POST['Fax']). '">'; echo"</td> <td> Address </td> <td>"; echo '<input type="text" name="Business_Address" value="' . stripslashes($_POST['Business_Address']) .'">'; echo"</td> </tr></table> </td></tr><tr> <td><table><tr> <td> </td> <td> </td> <td></td><td> </td><td> Category</td><td>"; echo '<textarea rows="5" cols="65" name="Categories">' . stripslashes($_POST['Categories']) . '</textarea>'; echo" </td></tr></table><table> <tr><td>Business Webpage</td> </tr><tr><td>Headline</td> </tr><tr><td>"; echo '<input type="text" name="Headline" value="' . stripslashes($_POST['Headline']).'" >'; echo" </td>"; echo" </tr>"; echo"<tr>"; echo" <td> Slogan </td> </tr> <tr>"; echo '<td> <input type="text" name="Slogan2" value="' . stripslashes($_POST['Slogan2']). '" >'; echo'</td></tr><tr> <td> About US </td> </tr><tr><td>'; echo '<textarea rows="5" cols="65" name="Description1">' . stripslashes($_POST['Description1']) . '</textarea>'; echo'</td> </tr> <tr> <td> Products / Services </td> </tr> <tr> <td>'; echo '<textarea rows="5" cols="65" name="Description2">' . stripslashes($_POST['Description2']) . '</textarea>'; echo'</td> </tr> <tr> <td> Areas Served </td> </tr> <tr> <td>'; echo '<textarea rows="5" cols="65" name="Description3">' . stripslashes($_POST['Description3']) . '</textarea>'; echo'</td> </tr> <tr> <td> <table>'; echo"<table>"; echo"<tr> <td>"; echo" Picture1"; echo' <input name="Picture1" type="file" value="' . stripslashes($_POST['Picture1']).'" >'; echo'</td>'; echo'<td> '; echo"</td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture2"; echo" <input name='Picture2' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture3"; echo" <input name='Picture3' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture4"; echo" <input name='Picture4' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture5"; echo" <input name='Picture5' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Picture6"; echo" <input name='Picture6' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo" Video"; echo" <input name='video' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo"Sound"; echo" <input name='sound' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo"<tr> <td>"; echo"You Tube"; echo" <input name='tube' type='file' value=''></td> <td> <img src='dfdfd.jpg'></td>"; echo"</tr>"; echo" <tr> <td bgcolor='c0c0c0'>"; echo"<br> <br> User Name"; echo"<input type='text' name='User_Name' value='$User_Name'>"; echo" Password"; echo" <input type='text' name='Password' value='$Password'>"; echo"</td> </tr></tr> </table> </table> </td> </tr> <tr> <td>"; echo"<input type='submit' value='Update my database' name='submit' />"; echo" <input type='reset' value='Reset fields' />"; echo"<td> </form> </table> </td> <td></td></tr> </table> </td> Quote Link to comment Share on other sites More sharing options...
trq Posted April 12, 2007 Share Posted April 12, 2007 I'm sorry, but that code makes little to no sense. Explain exactly what you are trying to do. Quote Link to comment Share on other sites More sharing options...
franknu Posted April 12, 2007 Author Share Posted April 12, 2007 ok, i want the users to update the data that is on the database once they type in the user_name and Password. The problem is that when the user log in there is not data to update all the fields are blank except for the User_Name and Password Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.