joeysarsenal Posted October 25, 2007 Share Posted October 25, 2007 Hello Everyone, im not to sure how to go about explaining this but ill try. I have a login script. Is it possible that once the user has logged in to automatically choose his // her id and POST the information up on the screen because at the moment all i have is a drop down box displaying all the user id, which i dont want to give users that much power. Thanks in advanced people. Let me know if you need to see some script. Just wanted to know if its possible and how to go about doing so. Quote Link to comment Share on other sites More sharing options...
fenway Posted October 25, 2007 Share Posted October 25, 2007 Not sure what you mean... editing a record? There must be hundreds of example of this "typical" php/mysql interaction. Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 27, 2007 Author Share Posted October 27, 2007 hmm what i mean is that. Ok say u logged in how can i write a code to edit personal information and password. Because at the moment all i have is that u click edit user. Then it supplys all the member_ids which gives the person using the editing tool to much power. Quote Link to comment Share on other sites More sharing options...
fenway Posted October 27, 2007 Share Posted October 27, 2007 hmm what i mean is that. Ok say u logged in how can i write a code to edit personal information and password. Because at the moment all i have is that u click edit user. Then it supplys all the member_ids which gives the person using the editing tool to much power. Yes, I understand... you want record editing. Quote Link to comment Share on other sites More sharing options...
peranha Posted October 28, 2007 Share Posted October 28, 2007 This will select the information from the SQL database and put it in a table for editing. <HTML> <HEAD> <TITLE>Users Personal Information</TITLE> </HEAD> <BODY> <?PHP // open connection $connection = mysql_connect($server, $user, $pass) or die ("Unable to connect!"); // select database mysql_select_db($db) or die ("Unable to select database!"); // create query $query = "SELECT username, password, firstname, lastname, address, city, state, ZIP, phone, date, userlevel FROM table where username = 'username"; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); // see if any rows were returned if (mysql_num_rows($result) > 0) { // yes // print them one after another echo "<table aling=left cellpadding=1 border=1 bgcolor=lightblue>"; while($row = mysql_fetch_row($result)) { ?> <form action="useredit1.php" method="post"> <TR><TD>Password:</TD><TD> <input type="password" name="password" value="<?PHP echo $row[1]; ?>"></TD></TR> <TR><TD>First Name:</TD><TD> <input type="text" name="firstname" value="<?PHP echo $row[2]; ?>"></TD></TR> <TR><TD>Last Name:</TD><TD> <input type="text" name="lastname" value="<?PHP echo $row[3]; ?>"></TD></TR> <TR><TD>Address:</TD><TD> <input type="text" name="address" value="<?PHP echo $row[4]; ?>"></TD></TR> <TR><TD>City:</TD><TD> <input type="text" name="city" value="<?PHP echo $row[5]; ?>"></TD></TR> <TR><TD>State:</TD><TD> <input type="text" name="state" value="<?PHP echo $row[6]; ?>"></TD></TR> <TR><TD>Zip Code:</TD><TD> <input type="text" name="zip" value="<?PHP echo $row[7]; ?>"></TD></TR> <TR><TD>Phone:</TD><TD> <input type="text" name="phone" value="<?PHP echo $row[8]; ?>"></TD></TR> <TR><TD size=6><input type="submit" name="submit" value="submit"></TD></TR> <?PHP } echo "</table>"; } else { // no // print status message echo "No rows found!"; } // close connection mysql_close($connection); ?> </BODY> </HTML> This will make sure all required fields are filled in, and process if they are. <HTML> <HEAD> <TITLE>Users Personal Information</TITLE> </HEAD> <BODY> <?php // open connection $connection = mysql_connect($server, $user, $pass) or die ("Unable to connect!"); // escape input values for greater safety $password = empty($_POST['password']) ? die ("ERROR: Enter User Password") : mysql_escape_string($_POST['password']); $firstname = empty($_POST['firstname']) ? die ("ERROR: Enter User First Name") : mysql_escape_string($_POST['firstname']); $lastname = empty($_POST['lastname']) ? die ("ERROR: Enter User Last Name") : mysql_escape_string($_POST['lastname']); $address = empty($_POST['address']) ? die ("ERROR: Enter User Address") : mysql_escape_string($_POST['address']); $city = empty($_POST['city']) ? die ("ERROR: Enter User City") : mysql_escape_string($_POST['city']); $state = empty($_POST['state']) ? die ("ERROR: Enter Users State") : mysql_escape_string($_POST['state']); $zip = empty($_POST['zip']) ? die ("ERROR: Enter Users Zip Code") : mysql_escape_string($_POST['zip']); $phone = empty($_POST['phone']) ? die ("ERROR: Enter Users phone number") : mysql_escape_string($_POST['phone']); // select database mysql_select_db($db) or die ("Unable to select database!"); // create query $query = "UPDATE rel_users SET password='$password', firstname='$firstname', lastname='$lastname', address='$address', city='$city', state='$state', zip='$zip', phone='$phone' WHERE username = 'username'"; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); // close connection mysql_close($connection); ?> You will need to change the username to what every function you use to store the user name. This is also if you are using a MYSQL database. Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 Thank you so much. <form action="useredit1.php" method="post"> What would go within useredit1.php Quote Link to comment Share on other sites More sharing options...
peranha Posted October 28, 2007 Share Posted October 28, 2007 First part of the code is useredit.php and the second part of the code is useredit1.php Quote Link to comment Share on other sites More sharing options...
peranha Posted October 28, 2007 Share Posted October 28, 2007 Sorry, I created 2 pages out of it, but you can make 1 in needed. instead of useredit1.php, put in the name of your page. Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 thanks for the help uve been very helpfull. Ill give it a shot and let u know how i go Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 Error in query: SELECT * login, passwd, firsname, lastname, address, city, email, postcode FROM members where login = 'login. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'login, passwd, firsname, lastname, address, city, email, postcode FROM members w' at line 1 i seem to be getting that error, i had to change a couple things but yer it didnt like the query. <HTML> <HEAD> <TITLE>Users Personal Information</TITLE> </HEAD> <BODY> <?PHP $server = "localhost"; $user = "root"; $pass = ""; $db = "plaincart"; // open connection $connection = mysql_connect($server, $user, $pass) or die ("Unable to connect!"); // select database mysql_select_db($db) or die ("Unable to select database!"); // create query $query = "SELECT login, passwd, firsname, lastname, address, city, email, postcode FROM members where login = 'login"; // execute query $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); Quote Link to comment Share on other sites More sharing options...
trq Posted October 28, 2007 Share Posted October 28, 2007 $query = "SELECT login, passwd, firsname, lastname, address, city, email, postcode FROM members where login = 'login'"; Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 k that resolved that problem. I have another one. How to i link this code to a form, because when i run it it justs gives me this. No rows found! ERROR: Enter User Password Quote Link to comment Share on other sites More sharing options...
trq Posted October 28, 2007 Share Posted October 28, 2007 How to i link this code to a form, because when i run it it justs gives me this. No rows found! ERROR: Enter User Password You need to be alot more specific. What exactly do you want to link to a form? Explain exactly what it is your wanting to do. Do you want to create an area where logged in users can edit there details? If so... are your users logged in via sessions? Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 yes i want logged in users to edit there details via a button "edit details" yes used sessions, although its not the best code in the world. Below is my login code. <?php //Start session session_start(); //Connect to mysql server $link=mysql_connect("localhost","root",""); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } //Select database $db=mysql_select_db("plaincart"); if(!$db) { die("Unable to select database"); } //Sanitize the value received from login field //to prevent SQL Injection if(!get_magic_quotes_gpc()) { $login=mysql_real_escape_string($_POST['login']); }else { $login=$_POST['login']; } //Create query $qry="SELECT member_id FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'"; $result=mysql_query($qry); //Check whether the query was successful or not //Check for a certain username if($result) { if(mysql_num_rows($result)>0) { //Login Successful session_regenerate_id(); $member=mysql_fetch_assoc($result); $_SESSION['SESS_MEMBER_ID']=$member['member_id']; session_write_close(); header("location: ../Loginsucces.htm"); exit(); }else { //Login failed header("location: ../loginfailed.htm"); exit(); } }else { die("Query failed"); } ?> Quote Link to comment Share on other sites More sharing options...
trq Posted October 28, 2007 Share Posted October 28, 2007 All you need do is simply make a edit details link that points to an edit.php script. As an example, that script might look something like.... <?php session_start(); if (isset($_POST['submit'])) { $email = mysql_real_escape_string($_POST['email']); $sql = "UPDATE users SET email = '$email' WHERE userid = '{$_SESSION['SESS_MEMBER_ID']}'"; if (mysql_query($sql)) { if (mysql_affected_rows()) { // success header ("Location http://yourserver.com/index.php"); } else { // failed. echo "No records updated" } } else { echo mysql_error() . "<br />$sql"; } } else { $sql = "SELECT email FROM users WHERE userid = '{$_SESSION['SESS_MEMBER_ID']}'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); echo "<form method='post'>"; echo " <input type='text' name='email' value='{$row['email']}'>"; echo " <input type='submit' name='submit'>"; echo "</form>"; } } else { mysql_error() . "<br />$sql"; } } ?> Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 ill have a play around with it it ill let u know how i go u guys have been very helpfull ty Quote Link to comment Share on other sites More sharing options...
joeysarsenal Posted October 28, 2007 Author Share Posted October 28, 2007 one more question.. When i use the code i was given previously. it runs fine. But doesnt give me a form to enter my details, and doesnt know what username to edit. I know i can use sessions to edit, but is it really needed. Quote Link to comment Share on other sites More sharing options...
trq Posted October 28, 2007 Share Posted October 28, 2007 I know i can use sessions to edit, but is it really needed. Unless you want users to be able to edit other users details then yes, sessions are required. The code I posted should display a form, unless a form has been submitted to it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.