Jump to content

Update Help


Clinton

Recommended Posts

When I hit the update button it kicks me out (kills my session) and takes me to the login page instead of pointing out missing items or updating the fields. Any ideas?  ???

 

<?

// connect to database
include("inc/connect.php");

// include auth and nav
include("inc/auth.php");
include("inc/nav.php");

?>

<?

$rn=("SELECT * FROM users WHERE
username='" . $_SESSION['username']."'");

$rz=mysql_query($rn);

while($row=mysql_fetch_array($rz))
{
if($row["Status"]=="0"){
echo ("<br>Have a great day! <a href='logout.php'>Close</a>");
}else{
?>

<?php

//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['password'] | !$_POST['password2'] | !$_POST['First'] | !$_POST['MI'] | !$_POST['Last'] | !$_POST['Email'] | !$_POST['Phone'] | !$_POST['CellPhone'] ) {
die('You did not complete all of the required fields');
}

// this makes sure both passwords entered match
if ($_POST['password'] != $_POST['password2']) {
die('Your passwords did not match.
');
}

// now we update the database
$insert = "(UPDATE users SET First = '".$_POST['First']."', MI = '".$_POST['MI']."', Last = '".$_POST['Last']."', Email = '".$_POST['Email']."', Phone = '".$_POST['Phone']."', CellPhone = '".$_POST['CellPhone']."', password = '".$_POST['password']."')
WHERE username = '" . $_SESSION['username']."')";
$add_member = mysql_query($insert);
?>


<h1>Done!</h1>
<p>Thank you, you have successfully updated your information.</a>.</p>

<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>
<table border="0">
<tr><td>First Name:</td><td>
<input type="text" name="First" maxlength="60" value="<? echo $row['First']; ?>">
</td></tr>
<tr><td>Middle Initial:</td><td>
<input type="text" name="MI" maxlength="60" value="<? echo $row['MI']; ?>">
</td></tr>
<tr><td>Last Name:</td><td>
<input type="text" name="Last" maxlength="60" value="<? echo $row['Last']; ?>">
</td></tr>
<tr><td>E-mail:</td><td>
<input type="text" name="Email" maxlength="100" value="<? echo $row['Email']; ?>">
</td></tr>
<tr><td>Home Phone:</td><td>
<input type="text" name="Phone" maxlength="60" value="<? echo $row['Phone']; ?>">
</td></tr>
<tr><td>Cell Phone:</td><td>
<input type="text" name="CellPhone" maxlength="60" value="<? echo $row['CellPhone']; ?>">
</td></tr>
<tr><td>Username:</td><td>
<? echo $row['username']; ?>
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="password" maxlength="10" value="<? echo $row['password']; ?>">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="password2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Update"></th></tr> </table>
</form>

<?php
}}}
?>

 

 

Link to comment
Share on other sites

try

$insert = "UPDATE users SET First = '".$_POST['First']."',
		MI = '".$_POST['MI']."', 
		Last = '".$_POST['Last']."',
		Email = '".$_POST['Email']."', 
		Phone = '".$_POST['Phone']."', 
		CellPhone = '".$_POST['CellPhone']."',
		password = '".$_POST['password']."'
		WHERE username = '" . $_SESSION['username']."'";

 

note: its not proper to directly put the post data in your query that code is prone to injection

Link to comment
Share on other sites

I'm using an included. Auth.

 

<?
// start session
session_start();

// convert username and password from _POST or _SESSION
if($_POST){
$_SESSION['username']=$_POST["username"];
$_SESSION['password']=$_POST["password"];
}

// query for a user/pass match
$result=mysql_query("select * from users
where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");

// retrieve number of rows resulted
$num=mysql_num_rows($result);

// print login form and exit if failed.
if($num < 1){
echo "<br><br><br><br><br><center><b>Please login:</b><br>
<font size='1'>Register <a href='inc/register.php'>Here</a></font><br><br>

<form method=POST action=index.php>
Username: <input type=text name=\"username\"><br>
Password: <input type=password name=\"password\"><br><br>
<input type=submit value=Login>
</center></form>";

exit;
}
?>

Link to comment
Share on other sites

try

<?
session_start();

// convert username and password from _POST or _SESSION
if($_POST){
$_SESSION['username']=$_POST["username"];
$_SESSION['password']=$_POST["password"];
}

// query for a user/pass match
$result=mysql_query("select * from users
where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");

print_r(mysql_fetch_array($result));
// retrieve number of rows resulted
$num=mysql_num_rows($result);

// print login form and exit if failed.
if($num < 1){
echo "<br><br><br><br><br><center><b>Please login:</b><br>
<font size='1'>Register <a href='inc/register.php'>Here</a></font><br><br>

<form method='POST' action='index.php'>
Username: <input type='text' name='username'><br>
Password: <input type='password' name='password'><br><br>
<input type='submit' value='Login'>
</center>
</form>";

exit;
}
?>

 

and tell us what you got

Link to comment
Share on other sites

Same thing happens except this show up at the top of the page now:

 

Array ( [0] => 1 [iD] => 1 [1] => Clinton [First] => Clinton [2] => J [MI] => J [3] => Andersen [Last] => Andersen [4] => [Title] => [5] => binaryblaster@gmail.com => binaryblaster@gmail.com [6] => (801) 555-5555 [Phone] => (801) 555-5555 [7] => (801) 555-5555 [CellPhone] => (801) 555-5555 [8] => clintonandersen [username] => clintonandersen [9] => testing [password] => testing [10] => 2 [status] => 2 )

Link to comment
Share on other sites

try ;)

<?
session_start();

// convert username and password from _POST or _SESSION
if($_POST){
$_SESSION['username']=$_POST["username"];
$_SESSION['password']=$_POST["password"];
}

// query for a user/pass match
$result=mysql_query("select * from users
where username='" . $_SESSION['username'] . "' and password='" . $_SESSION['password'] . "'");

// retrieve number of rows resulted
$num=mysql_num_rows($result);

// print login form and exit if failed.
if($num <= 0){ //you can also try     if($num == 0){ 
echo "<br><br><br><br><br><center><b>Please login:</b><br>
<font size='1'>Register <a href='inc/register.php'>Here</a></font><br><br>

<form method='POST' action='index.php'>
Username: <input type='text' name='username'><br>
Password: <input type='password' name='password'><br><br>
<input type='submit' value='Login'>
</center>
</form>";

exit;
}
?>

Link to comment
Share on other sites

I mean that is kills the session. I have to login again to continue.

auth was the one we were just working on.

nav is the one I have on all my pages that basically contains all my navigation items. Here's nav

 

<?
$db=mysql_connect ("localhost", "", "") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("anderse_inventory");

$rn=("SELECT Status FROM users WHERE
username='" . $_SESSION['username']."'");

$rz=mysql_query($rn);

while($row=mysql_fetch_array($rz))
{
if($row["Status"]=="0"){
echo ("The Administrator has not yet approved your account. You will be notified when this occurs");
}else{
?>

<html>

<head>

<META http-equiv="REFRESH" content="60"; url="nav.php">

<SCRIPT TYPE="text/javascript">
<!--
function popup(mylink, windowname)
{
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')

href=mylink;
else
href=mylink.href;
window.open(href, windowname, 'width=600,height=300,scrollbars=yes');
return false;
}
//-->
</SCRIPT>

</head>

<center>

<table border="0" width="100%">
<tr>

<?
$dbh=mysql_connect ("localhost", "", "") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("anderse_inventory");

$rnq=("SELECT First,MI,Last,Status FROM users WHERE
username='" . $_SESSION['username']."'");

$rs=mysql_query($rnq);

while( $row = mysql_fetch_array($rs))
{
echo("<td align=LEFT valign=TOP bgcolor=#000000>");
echo("Welcome, <br>");
echo(" ".$row["First"]);
echo(" ".$row["MI"]);
echo(". ".$row["Last"]."<br>");
echo("<font size=2><a href='logout.php'>Logout</a>&nbsp &nbsp <a href='options.php'>My Account</a></font>");

}
?>
</td><td align=CENTER>
<?
$ztime = date("H:i d-M-y", strtotime("now + 6 hour"));
$ptime = date("H:i d-M-y", strtotime("now -3 hour"));
$mtime = date("H:i d-M-y", strtotime("now -2 hour"));
$ctime = date("H:i d-M-y", strtotime("now -1 hour"));
$atime = date("H:i d-M-y");

?>

<body bgcolor="#3366FF" text="#99FF00" link="#00FF99" vlink="#00FF99" alink="#00FF99">

<font size=4>Salt Lake City Explosive Division (8321)</font><br>
<font color=green>3350 Directors Row, Suite 600 &nbsp Salt Lake City, UT &nbsp 84104-4585 &nbsp <br>Office: 801-908-5350 &nbsp Fax: 866-636-2629<br></font>
<font color=green size=4>Pacific Time: </font><? echo $ptime;?>
<font color=#FFCC33>&nbsp&nbsp Mountain Time: </font> <? echo $mtime;?>
<font color=green>&nbsp&nbsp Central Time: </font> <? echo $ctime;?>
<font color=green>&nbsp&nbsp Atlantic Time: </font> <? echo $atime;?>
<font color=green>&nbsp&nbsp Zulu Time: </font> <? echo $ztime;?><br>

</center>
</td>
</tr>
</table>


<style>
<!--
.skin0{
position:absolute;
width:165px;
border:1px solid red;
background-color:menu;
font-family:Verdana;
line-height:20px;
cursor:default;
font-size:14px;
z-index:100;
visibility:hidden;
}

.menuitems{
padding-left:10px;
padding-right:10px;
}
-->
</style>



<div id="ie5menu" class="skin0" onMouseover="highlightie5(event)" onMouseout="lowlightie5(event)" onClick="jumptoie5(event)" display:none>
<div class="menuitems" url="index.php">Home</div>
<div class="menuitems" url="keyper.php">Personnel</div>
<div class="menuitems" url="calendar.php">Calendar</div>
<div class="menuitems" url="inventory.php">Inventory</a></div>
<div class="menuitems" url="hotels.php">D.B. Hotels</a></div>
<div class="menuitems" url="options.php">Edit Personal Info</div>
<div class="menuitems" url="admin.php">Admin Area</div>
<div class="menuitems" url="logout.php">Logout</div>
</div>

<script language="JavaScript1.2">

var display_url=0

var ie5=document.all&&document.getElementById
var ns6=document.getElementById&&!document.all
if (ie5||ns6)
var menuobj=document.getElementById("ie5menu")

function showmenuie5(e){

var rightedge=ie5? document.body.clientWidth-event.clientX : window.innerWidth-e.clientX
var bottomedge=ie5? document.body.clientHeight-event.clientY : window.innerHeight-e.clientY

if (rightedge<menuobj.offsetWidth)

menuobj.style.left=ie5? document.body.scrollLeft+event.clientX-menuobj.offsetWidth : window.pageXOffset+e.clientX-menuobj.offsetWidth
else

menuobj.style.left=ie5? document.body.scrollLeft+event.clientX : window.pageXOffset+e.clientX

if (bottomedge<menuobj.offsetHeight)
menuobj.style.top=ie5? document.body.scrollTop+event.clientY-menuobj.offsetHeight : window.pageYOffset+e.clientY-menuobj.offsetHeight
else
menuobj.style.top=ie5? document.body.scrollTop+event.clientY : window.pageYOffset+e.clientY

menuobj.style.visibility="visible"
return false
}

function hidemenuie5(e){
menuobj.style.visibility="hidden"
}

function highlightie5(e){
var firingobj=ie5? event.srcElement : e.target
if (firingobj.className=="menuitems"||ns6&&firingobj.parentNode.className=="menuitems"){
if (ns6&&firingobj.parentNode.className=="menuitems") firingobj=firingobj.parentNode //up one node
firingobj.style.backgroundColor="highlight"
firingobj.style.color="yellow"
if (display_url==1)
window.status=event.srcElement.url
}
}

function lowlightie5(e){
var firingobj=ie5? event.srcElement : e.target
if (firingobj.className=="menuitems"||ns6&&firingobj.parentNode.className=="menuitems"){
if (ns6&&firingobj.parentNode.className=="menuitems") firingobj=firingobj.parentNode //up one node
firingobj.style.backgroundColor="#3366FF"
firingobj.style.color="#99FF00"
window.status=''
}
}

function jumptoie5(e){
var firingobj=ie5? event.srcElement : e.target
if (firingobj.className=="menuitems"||ns6&&firingobj.parentNode.className=="menuitems"){
if (ns6&&firingobj.parentNode.className=="menuitems") firingobj=firingobj.parentNode
if (firingobj.getAttribute("target"))
window.open(firingobj.getAttribute("url"),firingobj.getAttribute("target"))
else
window.location=firingobj.getAttribute("url")
}
}

if (ie5||ns6){
menuobj.style.display=''
document.oncontextmenu=showmenuie5
document.onclick=hidemenuie5
}

</script>

<?
}}
?>

Link to comment
Share on other sites

Yes.

 

I have a logout.php page that kills the session.

 

<?
// logout.php

// you must start session before destroying it
session_start();
session_destroy();

echo "You have been successfully logged out.

<br><br>
You will now be returned to the login page.

<META HTTP-EQUIV=\"refresh\" content=\"2; URL=index.php\"> ";
?>

Link to comment
Share on other sites

lol ;D ;D ;D ;D ;D ;D ;D ;D ;D

session_start();

session_destroy(); <----

 

you cant have any session value there every session you passed on that page is being destroyed right before you access them

 

session_destroy();  <-- is used when your logging out or something like that

Link to comment
Share on other sites

:) My bad: (This is also the page that's supposed to update the db)

 

<?

// connect to database
include("inc/connect.php");

// include auth and nav
include("inc/auth.php");
include("inc/nav.php");

?>

<?

$rn=("SELECT * FROM users WHERE
username='" . $_SESSION['username']."'");

$rz=mysql_query($rn);

while($row=mysql_fetch_array($rz))
{
if($row["Status"]=="0"){
echo ("<br>Have a great day! <a href='logout.php'>Close</a>");
}else{

?>



<?php
//This code runs if the form has been submitted
if (isset($_POST['submit'])) {

//This makes sure they did not leave any fields blank
if (!$_POST['password'] | !$_POST['password2'] | !$_POST['First'] | !$_POST['MI'] | !$_POST['Last'] | !$_POST['Email'] | !$_POST['Phone'] | !$_POST['CellPhone'] ) {
die('You did not complete all of the required fields');
}

// this makes sure both passwords entered match
if ($_POST['password'] != $_POST['password2']) {
die('Your passwords did not match.
');
}

// now we update the database
$insert = "UPDATE users SET First = '".$_POST['First']."',
MI = '".$_POST['MI']."',
Last = '".$_POST['Last']."',
Email = '".$_POST['Email']."',
Phone = '".$_POST['Phone']."',
CellPhone = '".$_POST['CellPhone']."',
password = '".$_POST['password']."'
WHERE username = '" . $_SESSION['username']."'";

$update = mysql_query($insert);
?>


<h1>Done!</h1>
<p>Thank you, you have successfully updated your information.</a>.</p>

<?php
}
else
{
?>


<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<p>
<table border="0">
<tr><td>First Name:</td><td>
<input type="text" name="First" maxlength="60" value="<? echo $row['First']; ?>">
</td></tr>
<tr><td>Middle Initial:</td><td>
<input type="text" name="MI" maxlength="60" value="<? echo $row['MI']; ?>">
</td></tr>
<tr><td>Last Name:</td><td>
<input type="text" name="Last" maxlength="60" value="<? echo $row['Last']; ?>">
</td></tr>
<tr><td>E-mail:</td><td>
<input type="text" name="Email" maxlength="100" value="<? echo $row['Email']; ?>">
</td></tr>
<tr><td>Home Phone:</td><td>
<input type="text" name="Phone" maxlength="60" value="<? echo $row['Phone']; ?>">
</td></tr>
<tr><td>Cell Phone:</td><td>
<input type="text" name="CellPhone" maxlength="60" value="<? echo $row['CellPhone']; ?>">
</td></tr>
<tr><td>Username:</td><td>
<? echo $row['username']; ?>
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="password" maxlength="10" value="<? echo $row['password']; ?>">
</td></tr>
<tr><td>Confirm Password:</td><td>
<input type="password" name="password2" maxlength="10">
</td></tr>
<tr><th colspan=2><input type="submit" name="submit" value="Update"></th></tr> </table>
</form>

<?php
}}}
?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.