Jump to content

Members area (update details) changes to different users

only1perky

By only1perky
in PHP Coding Help

 Share

Recommended Posts

only1perky Member

only1perky

Posted
Posted

Hi guys I'm having a problem with a site i'm working on and need some urgent assistance.

 

Ok here goes,

 

Members login to the members area using a username and password, once logged in they have the option to edit their details. At first this works well and as expected. However if the user should view other users products or services whilst logged in aand then click edit details the recently viewed users details are displayed and not the logged in ones.

 

This is obviously very serious and any help would be grately appreciated.

 

 

Link to comment
Share on other sites
only1perky Member

only1perky

Posted
  • Author
Posted

Hi unfortuently I inherited this site and am a new comer to php so you'll have to be patient with me.

Here is all the code from the edit details page.

 

 

<?

include("../config/config.inc.php");

include("../includes/classes/template_reader.class.php");

include("../includes/classes/authentication.class.php");

$obj_template = new TemplateReader;

$obj_authentication = new Authentication;

$colname_rs_check_exist = "-1";

$obj_authentication->check_login();

$content['links']=$obj_authentication->userlinks();

$content['loginbox']=$obj_authentication->check_loginbox();

include("../includes/classes/category.class.php");

$obj_category = new Category;

$content['categories']=$obj_category->category();

$content['price']=$obj_category->price();

$content['exhibitor_type']=$_SESSION['type'];

$content['name']=$_SESSION['contact'];

 

 

///if we have passed and email addess

if (isset($HTTP_POST_VARS['email'])) {

  $colname_rs_check_exist = (get_magic_quotes_gpc()) ? $HTTP_POST_VARS['email'] : addslashes($HTTP_POST_VARS['email']);

}

 

//old query doesn;t work

//see if the email exists for another user

$query_rs_check_exist = sprintf("SELECT email FROM exhibitors WHERE id != ".$_SESSION['uid']." AND email = '%s' ", $colname_rs_check_exist);

//$query_rs_check_exist = sprintf("SELECT email, id FROM exhibitors WHERE email = '%s' ", $colname_rs_check_exist);

$rs_check_exist = mysql_query($query_rs_check_exist) or die(mysql_error().": $query_rs_check_exist" );

$row_rs_check_exist = mysql_fetch_assoc($rs_check_exist);

$totalRows_rs_check_exist = mysql_num_rows($rs_check_exist);

//get the exhibitors id

//$ex_id = $row_rs_check_exist['id'];

 

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""){

  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

 

  switch ($theType) {

    case "text":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;   

    case "long":

    case "int":

      $theValue = ($theValue != "") ? intval($theValue) : "NULL";

      break;

    case "double":

      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";

      break;

    case "date":

      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";

      break;

    case "defined":

      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;

      break;

  }

  return $theValue;

}

 

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];

if(isset($HTTP_SERVER_VARS['QUERY_STRING'])) {

  $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];

}

 

//update the user details

if((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "update") && $totalRows_rs_check_exist < 1) {

 

  if(is_array($HTTP_POST_VARS['category'])){

$craft = implode(",",$HTTP_POST_VARS['category']);

}else{

$craft =$HTTP_POST_VARS['category'];

}

  $updateSQL = sprintf("UPDATE exhibitors SET

business=%s, contact=%s,address1=%s, address2=%s,

address3=%s, city=%s, county=%s, postcode=%s,

telephone=%s, fax=%s, email=%s, url=%s, region=%s,

craft=%s, description=%s, ename=%s, eaddr=%s, commision=%s, creditcards=%s, delivery=%s,

gallery=%s, onlineshop=%s, traning=%s, password=%s WHERE id=%s",

                      GetSQLValueString($HTTP_POST_VARS['business'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['contact'], "text"),

 

                      GetSQLValueString($HTTP_POST_VARS['address1'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['address2'], "text"),

 

                      GetSQLValueString($HTTP_POST_VARS['address3'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['city'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['county'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['postcode'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['telephone'], "text"),

 

                      GetSQLValueString($HTTP_POST_VARS['fax'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['email'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['url'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['region'], "text"),

 

                      GetSQLValueString($craft, "text"),

                      GetSQLValueString($HTTP_POST_VARS['description'], "text"),

  GetSQLValueString($HTTP_POST_VARS['ename'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['eaddr'], "text"),

  GetSQLValueString($HTTP_POST_VARS['commision'], "text"),

 

                      GetSQLValueString(isset($HTTP_POST_VARS['creditcard']) ? "true" : "", "defined","1","0"),

                      GetSQLValueString(isset($HTTP_POST_VARS['delivery']) ? "true" : "", "defined","1","0"),

  GetSQLValueString(isset($HTTP_POST_VARS['gallery']) ? "true" : "", "defined","1","0"),

                      GetSQLValueString(isset($HTTP_POST_VARS['ecommerce']) ? "true" : "", "defined","1","0"),                     

  GetSQLValueString(isset($HTTP_POST_VARS['training']) ? "true" : "", "defined","1","0"),

 

                      GetSQLValueString($HTTP_POST_VARS['password'], "text"),

                      GetSQLValueString($HTTP_POST_VARS['hidden_id'], "int"));

  //die($updateSQL);

 

  $Result1 = mysql_query($updateSQL) or die(mysql_error());

}

?>

<?php

  // added to keep the session variables up to date, after the update behaviour (above) has updated the database

if((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "update")) { 

  $ex_business = $HTTP_POST_VARS['business'];

  $ex_contact = $HTTP_POST_VARS['contact'];

}

?>

<?php

//select regions

 

$query_rsregion = "SELECT label, val FROM region ORDER BY region.label";

$rsregion = mysql_query($query_rsregion) or die(mysql_error());

$row_rsregion = mysql_fetch_assoc($rsregion);

$totalRows_rsregion = mysql_num_rows($rsregion);

//select crafts

 

$query_rscraft = "SELECT label, val FROM craft ORDER BY craft.label";

$rscraft = mysql_query($query_rscraft) or die(mysql_error());

$row_rscraft = mysql_fetch_assoc($rscraft);

$totalRows_rscraft = mysql_num_rows($rscraft);

//selct exhibitors based on craft type

 

$query_rsrecent = "SELECT exhibitors.id, exhibitors.business, exhibitors.craft, craft.label as c, exhibitors.featured FROM exhibitors, craft WHERE exhibitors.approved = 1 AND craft.val = exhibitors.craft ORDER BY id DESC LIMIT 0, 5";

$rsrecent = mysql_query($query_rsrecent) or die(mysql_error());

$row_rsrecent = mysql_fetch_assoc($rsrecent);

$totalRows_rsrecent = mysql_num_rows($rsrecent);

 

//get the exhibitor details

$colname_rs_exhibitor_ed = "-1";

//die("session is ".$_SESSION['uid']);

if(isset($_SESSION['uid'])){   

$colname_rs_exhibitor_ed = (get_magic_quotes_gpc()) ? $_SESSION['uid'] : addslashes($_SESSION['uid']);

}

//die("id is".$colname_rs_exhibitor_ed);

$query_rs_exhibitor_ed = sprintf("SELECT exhibitors.id, exhibitors.business, exhibitors.contact, exhibitors.exhibitor_type, exhibitors.address1, exhibitors.address2, exhibitors.address3, exhibitors.city, exhibitors.county, exhibitors.postcode, exhibitors.telephone, exhibitors.fax, exhibitors.email, exhibitors.url, exhibitors.region, exhibitors.craft, exhibitors.description, exhibitors.ename, exhibitors.eaddr, exhibitors.commision, exhibitors.creditcards, exhibitors.delivery, exhibitors.gallery, exhibitors.onlineshop, exhibitors.traning, exhibitors.password, craft.label as c, region.label as r FROM exhibitors, craft, region WHERE exhibitors.id = %s AND region.val = exhibitors.region", $colname_rs_exhibitor_ed);

$rs_exhibitor_ed = mysql_query($query_rs_exhibitor_ed) or die(mysql_error());

$row_rs_exhibitor_ed = mysql_fetch_assoc($rs_exhibitor_ed);

$array_exhibitor_ed = mysql_fetch_array($rs_exhibitor_ed);

$totalRows_rs_exhibitor_ed = mysql_num_rows($rs_exhibitor_ed);

 

$query_rs_region = "SELECT label, val FROM region WHERE val <> '%' ORDER BY region.label";

$rs_region = mysql_query($query_rs_region) or die(mysql_error());

$row_rs_region = mysql_fetch_assoc($rs_region);

$totalRows_rs_region= mysql_num_rows($rs_region);

 

$query_rs_craft = "SELECT label, val FROM craft WHERE val <> '%' ORDER BY craft.label";

$rs_craft = mysql_query($query_rs_craft) or die(mysql_error());

$row_rs_craft = mysql_fetch_assoc($rs_craft);

$totalRows_rs_craft = mysql_num_rows($rs_craft);

 

$query_rs_books = "SELECT isbn, title, author, price, (isbn/isbn)*RAND()  AS MyRAND FROM books ORDER BY MyRAND LIMIT 2";

$rs_books = mysql_query($query_rs_books) or die(mysql_error());

$row_rs_books = mysql_fetch_assoc($rs_books);

$totalRows_rs_books = mysql_num_rows($rs_books);

 

$content['loginbox']= $obj_authentication->check_loginbox();

echo $obj_template->showRegForm("../templates/user/indextop.html",$content);

?>

<script language="javascript" type="text/javascript">

<!--

function createRequestObject(){

var request_o; //declare the variable to hold the object.

var browser = navigator.appName; //find the browser name

if(browser == "Microsoft Internet Explorer")

request_o = new ActiveXObject("Microsoft.XMLHTTP");

else

request_o = new XMLHttpRequest();

return request_o; //return the object

}

var http = createRequestObject();

function getCraft(val){

var string = "&cr="+"<?= $row_rs_exhibitor_ed['craft'] ?>"+"&desc="+"<?= $row_rs_exhibitor_ed['description'] ?>"+"&en="+"<?= $row_rs_exhibitor_ed['ename'] ?>"+"&ea="+"<?= $row_rs_exhibitor_ed['eaddr'] ?>"+"&com="+"<?= $row_rs_exhibitor_ed['commision'] ?>";

http.open('get', '../../ajxCommon.php?action=getCraft&id='+val+string);

http.onreadystatechange = handlegetCraftOpts;

http.send(null);

}

function handlegetCraftOpts(){

if(http.readyState == 4){

var response = http.responseText;

document.getElementById('craftdiv').innerHTML = response;

}

}

-->

</script>

 

 

<script language="javascript" type="text/javascript" src="/include.js"></script>

<?php

if((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "update") && $totalRows_rs_check_exist < 1 ){

?><table width="100%" border="0" cellpadding="1" cellspacing="0" class="lpurpback">

<table width="100%" border="0" cellpadding="2" cellspacing="0" class="dpurpback">

<tr>

<td class="th">Record updated<strong></strong></td>

</tr>

</table>

<table width="100%" border="0" cellpadding="2" cellspacing="4" class="whiteback">

<tr>

<td><p>Your details have been successfully updated, as shown below.</p>

</td>

</tr>

</table>

<?php

}else if((isset($HTTP_POST_VARS["MM_update"])) && ($HTTP_POST_VARS["MM_update"] == "update") && $totalRows_rs_check_exist > 0){

?><table width="100%" border="0" cellpadding="1" cellspacing="0" class="lpurpback">

<table width="100%" border="0" cellpadding="2" cellspacing="0" class="dpurpback">

<tr>

<td class="th">Email address already exists<strong></strong></td>

</tr>

</table>

<table width="100%" border="0" cellpadding="2" cellspacing="4" class="whiteback">

<tr>

<td><p>The email address <?php $HTTP_POST_VARS['email']; ?> is already being used. Your email address is also used as

your user login, so it must be unique.</p><p>Please amend and try again. If the problem persists, contact

uk-craft via the <a href="contact.php">contact form</a>.</p></td>

</tr>

</table>

<?php

}

?><br>

<table width="100%" border="0" cellpadding="1" cellspacing="0" class="lpurpback">

<tr>

    <td>

<table width="100%" border="0" cellpadding="2" cellspacing="0" class="lpurpback">

            <tr>

    <td class="th">Edit Details<a name="form"></a></td>

              </tr>

            </table>

            <table width="100%" border="0" cellpadding="2" cellspacing="4" class="whiteback">

              <tr>

                <td><form action="<?=$editFormAction?>" method="POST" name="update" id="update" onSubmit="return check_required(eval(elarray=[this.business,this.contact,this.city,this.county,this.region,this.url,this.description,this.email,this.password]))">

                    <p><br>

                      <span class="darktitle">Business name: </span><span class="blacksm">The

                      name of your business. Please do <strong>not</strong> add

                      marketing hype (e.g. Somerset Widgets - the best widgets

                      in the World)</span><br>

                      <input name="business" type="text" value="<?=$content['bname']?>" size="50" maxlength="50">

                      <span class="redsm">* required</span> <br>

                      <br>

                      <span class="darktitle">Contact name:</span> <span class="blacksm">This

                      name will not be displayed, for use by uk-craft only.</span><br>

                      <input name="contact" type="text" value="<?=$content['name']?>" size="50" maxlength="50">

                      <span class="redsm">* required</span> <br><br>

  <span class="darktitle">Exhibitor Type  :

<?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Basic") ? "Basic" : "" ?>

<?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Promotional") ? "Promotional" : "" ?>

<?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Premium") ? "Premium" : "" ?>

<?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Platinum") ? "Platinum" : "" ?>

<?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Professional") ? "Professional" : "" ?>

  </span><br><br>

<!--

<input type="radio" name="utype" value="Basic" onClick="getCraft(this.value)" <?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Basic") ? "checked" : "" ?>><span class="blacksm">Basic</span>

<input type="radio" name="utype" value="Promotional" onClick="getCraft(this.value)" <?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Promotional") ? "checked" : "" ?>><span class="blacksm">Promotional</span>

<input type="radio" name="utype" value="Premium" onClick="getCraft(this.value)" <?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Premium") ? "checked" : "" ?>><span class="blacksm">Premium</span>

<input type="radio" name="utype" value="Platinum" onClick="getCraft(this.value)" <?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Platinum") ? "checked" : "" ?>><span class="blacksm">Platinum</span>

<input type="radio" name="utype" value="Professional" onClick="getCraft(this.value)" <?= ($row_rs_exhibitor_ed['exhibitor_type'] == "Professional") ? "checked" : "" ?>><span class="blacksm">Professional</span>

  <span class="redsm">* required</span>-->

                      <span class="darktitle">Address:</span><br>

                      <input type="text" name="address1" size="50" value="<?php echo stripslashes($row_rs_exhibitor_ed['address1']); ?>" maxlength="50"><br>

                      <input name="address2" type="text" value="<?php echo stripslashes($row_rs_exhibitor_ed['address2']); ?>" size="50" maxlength="50"><br>

                      <input name="address3" type="text" value="<?php echo stripslashes($row_rs_exhibitor_ed['address3']); ?>" size="50" maxlength="50"><br>

                      <span class="darktitle">City:</span><br>

                      <input name="city" type="text" value="<?php echo stripslashes($row_rs_exhibitor_ed['city']); ?>" size="30" maxlength="30">

                      <span class="redsm">* required</span> <br>

                      <span class="darktitle">County:</span><br>

                      <input name="county" type="text" value="<?php echo $row_rs_exhibitor_ed['county']; ?>" size="30" maxlength="30">

                      <span class="redsm">* required</span> <br>

                      <span class="darktitle">Postcode:</span> <br>

                      <input name="postcode" type="text" value="<?php echo $row_rs_exhibitor_ed['postcode']; ?>" size="30" maxlength="30">

                      <br>

                      <span class="darktitle">Region:</span><a href="javascript:open_map('update_1')" class="blacksm">

                      map</a><br>

                      <select name="region" id="region">

<?php

do{ 

?>

                        <option value="<?php echo $row_rs_region['val']?>"<?php if (!(strcmp($row_rs_region['val'], $row_rs_exhibitor_ed['region']))) {echo "SELECTED";} ?>><?php echo $row_rs_region['label']?></option>

<?php

}

while ($row_rs_region = mysql_fetch_assoc($rs_region));

$rows = mysql_num_rows($rs_region);

if($rows > 0) {

mysql_data_seek($rs_region, 0);

$row_rs_region = mysql_fetch_assoc($rs_region);

}

?>

                      </select>

                      <span class="redsm">* required</span><br>

                      <span class="darktitle">Telephone number:</span><br>

                      <input name="telephone" type="text" value="<?php echo $row_rs_exhibitor_ed['telephone']; ?>" size="20" maxlength="20">

                      <br>

                      <span class="darktitle">Fax number:</span><br>

                      <input name="fax" type="text" value="<?php echo $row_rs_exhibitor_ed['fax']; ?>" size="20" maxlength="20">

                      <br>

                      <br>

                      <span class="darktitle">Email address: </span><span class="blacksm">Your

                      email address will be used as your username and to send

                      you your password, so you can amend your details</span>.

                      <br>

                      <input name="email" type="text" id="email" value="<?php echo $row_rs_exhibitor_ed['email']; ?>" size="30" maxlength="100">

                      <span class="redsm">* required</span><br>

                      <br>

                      <span class="darktitle">Password: </span><span class="blacksm">6

                      to 10 characters (cAsE sEnsiTiVe)</span><br>

                      <input name="password" type="text" id="password" value="<?php echo $row_rs_exhibitor_ed['password']; ?>" size="15" maxlength="10">

                      <span class="redsm">* required</span> <br>

                      <br>

                      <span class="darktitle">Website address:</span><br>

                      <input name="url" type="text" id="url" value="<?php echo $row_rs_exhibitor_ed['url']; ?>" size="40" maxlength="150">

  </p>

 

  <p><div id="craftdiv">

 

                      <br><br><span class="darktitle">Craft Category:</span><span class="blacksm"></span><br>

<?

$craft = explode(",", $row_rs_exhibitor_ed['craft']);

if($row_rs_exhibitor_ed['exhibitor_type'] == "Platinum" || $row_rs_exhibitor_ed['exhibitor_type'] == "Professional"){

echo "<select name=category[] id=category[] multiple>";

}else{

echo "<select name=category id=category>";

}

do{ 

?>

        <option value="<?php echo $row_rs_craft['val']?>"<?php if(in_array($row_rs_craft['val'], $craft)){ echo "SELECTED"; } ?>><?php echo $row_rs_craft['label']?></option>

<?php

}

while($row_rs_craft = mysql_fetch_assoc($rs_craft));

$rows = mysql_num_rows($rs_craft);

if($rows > 0){

mysql_data_seek($rs_craft, 0);

$row_rs_craft = mysql_fetch_assoc($rs_craft);

}

?>

                      </select><span class="redsm">* required</span><br>

                                           

       

<br>

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Basic" ){

?>

<br><br>

<span class="darktitle">Description of work:</span><span class="blacksm">You have <span id="myCommCounter">50</span> words remaining</span><br>

<textarea name="description" id="description" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',50)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',50)"><?=$row_rs_exhibitor_ed['description']?></textarea>

<?php

}

?>   

 

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Promotional"){

?>

<br><br>

<span class="darktitle">Description of work:</span><span class="blacksm">You have <span id="myCommCounter">500</span> words remaining</span><br>

<textarea name="description" id="description" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',500)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',500)"><?=$row_rs_exhibitor_ed['description']?></textarea>

<?php

}

?>   

 

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Premium"){

?>

<br><br>

<span class="darktitle">Description of work:</span><span class="blacksm">You have <span id="myCommCounter">1000</span> words remaining</span><br>

<textarea name="description" id="description" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',1000)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',1000)"><?=$row_rs_exhibitor_ed['description']?></textarea>

<?php

}

?>   

 

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Platinum"){

?>

<br><br>

<span class="darktitle">Description of work:</span><span class="blacksm">You have <span id="myCommCounter">2000</span> words remaining</span><br>

<textarea name="description" id="description" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',2000)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',2000)"><?=$row_rs_exhibitor_ed['description']?></textarea>

<?php

}

?>   

   

           

       

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Professional"){

?>

<br><br>

<span class="darktitle">Description of work:</span><span class="blacksm">You have <span id="myCommCounter">3500</span> words remaining</span><br>

<textarea name="description" id="description" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',3500)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',3500)"><?=$row_rs_exhibitor_ed['description']?></textarea>

<?php

}

?>   

   

       

       

       

                     

<?php

  if($row_rs_exhibitor_ed['exhibitor_type'] == "Platinum" || $row_rs_exhibitor_ed['exhibitor_type'] == "Professional"){

?>

<br><br><span class="darktitle">Description of events:</span>

<br><span class="darktitle">Event name/venue:</span><br><input type="textbox" name="ename" id="ename" value="<?=$row_rs_exhibitor_ed['ename']?>">

<br><span class="darktitle">Address/Dates/Stand or Hall No:</span><br><textarea name="eaddr" id="eaddr" cols="50" rows="6"><?=$row_rs_exhibitor_ed['eaddr']?></textarea><br><br>

<span class="darktitle">Description of recent commissions:</span><span class="blacksm">You have <span id="myCommCounter">50</span> words remaining</span><br>

<textarea name="commision" id="commision" cols="50" rows="6" wrap="VIRTUAL" onpaste="return wtaCount(this,'myCommCounter',50)" onKeyPress="return wtaLimit()" onKeyUp="return wtaCount(this,'myCommCounter',50)"><?=$row_rs_exhibitor_ed['commision']?></textarea>

<?php

}

?>

  </div></p>

  <p>

                      <span class="darktitle">Exhibitor Information:</span><br />

                      <input type="checkbox" name="gallery" value="yes" <?php echo ($row_rs_exhibitor_ed['gallery']) ? 'checked' : '' ?> >

                      I sell my work in the uk-craft galleryshop.<br>

                      <input type="checkbox" name="creditcard" value="yes" <?php echo ($row_rs_exhibitor_ed['creditcards']) ? 'checked' : '' ?>>

                      You can buy securely from me online using PayPal.<br>

                      <input type="checkbox" name="ecommerce" value="yes" <?php echo ($row_rs_exhibitor_ed['onlineshop']) ? 'checked' : '' ?>>

                      You can buy offline from me with a cheque.<br>

                      <input type="checkbox" name="delivery" value="yes" <?php echo ($row_rs_exhibitor_ed['delivery']) ? 'checked' : '' ?>>

                      I am available for commissions.<br>

  <input type="checkbox" name="training" value="yes" <?php echo ($row_rs_exhibitor_ed['traning']) ? 'checked' : '' ?>>

                      I offer training/workshops/tuition.<br>

                      <input name="hidden_id" type="hidden" id="hidden_id" value="<?php echo $row_rs_exhibitor_ed['id']; ?>">

                    </p>

                    <p><input name="submit" type="image" id="update_btn" onMouseOver="MM_swapImage('update_btn','','../../images/btns/btn_update_over.gif',1)" onMouseOut="MM_swapImgRestore()" src="../../images/btns/btn_update.gif" alt="Update" width="52" height="21" border="0"></p>

                    <input type="hidden" name="MM_update" value="update">

                  </form></td>

              </tr>

            </table>

</td>

</tr>

</table>   

<?

echo $obj_template->showRegForm("../templates/user/indexbottom.html", $content);

?>

Link to comment
Share on other sites
only1perky Member

only1perky

Posted
  • Author
Posted

Ok sorry about that.

 

Here is the view product page code:

 

<?

 

include("../config/config.inc.php");

include("../includes/classes/template_reader.class.php");

include("../includes/classes/authentication.class.php");

include("../includes/classes/product.class.php");

include("../includes/classes/pagination.class.php");

include("../includes/classes/category.class.php");

include("../includes/classes/paypalclass.php");

$obj_category = new Category;

$obj_template = new TemplateReader;

$obj_authentication = new Authentication;

$obj_product = new Product;

$obj_pagination = new Pagination;

$obj_paypalclass = new paypalclass;

session_register('pid');

//if(isset($_GET['delid'])&&$_GET['delid']<>'')

//$obj_product->del_product($_GET['delid']);

//$obj_authentication->check_login();

$pid=$_GET['pid'];

$dat=gmdate("Y-m-d H:i:s");

$ip = getenv("REMOTE_ADDR");

if($ip){

$obj_product->visitor_ip($pid,$dat,$ip);

}

$content=$obj_product->view($pid);

$content['pid']=$_GET['pid'];

$content['links']=$obj_authentication->userlinks();

$content['loginbox']=$obj_authentication->check_loginbox();

$content['imagelist']=$obj_product->view_images($pid);

 

if( $content['imagelist']<>'')

{

$content['gallery']="window.addEvent('domready',startGallery);";

$content['gallery2']="myGallery";

}

 

$content['categories']=$obj_category->category();

$content['price']=$obj_category->price();

$content['heading']="Product details";

 

echo $obj_template->showRegForm("../templates/user/indextop.html",$content);

echo $obj_template->showRegForm("../templates/user/view_product.html",$content);

echo $obj_template->showRegForm("../templates/user/indexbottom.html",$content);

?>

 

And here is the code for ("../templates/user/view_product.html",$content):

 

<link rel="stylesheet" href="/galleryshop/css/jd.gallery.css" type="text/css" media="screen" charset="utf-8" />

<script src="/galleryshop/script/mootools.v1.11.js" type="text/javascript"></script>

<script src="/galleryshop/script/jd.gallery.js" type="text/javascript"></script>

<script type="text/javascript" src="/galleryshop/js/ajax-dynamic-content.js"></script>

<script type="text/javascript" src="/galleryshop/js/ajax.js"></script>

<script type="text/javascript" src="/galleryshop/js/ajax-tooltip.js"></script>

<script type="text/javascript">

function startGallery(){

var myGallery = new gallery($('myGallery'), {

timed: false

});

}

{--gallery--}

</script>

<script type="text/javascript">

function ship()

{

 

document.paypal.shipping.value=document.del.delivery.value;

 

 

}

</script>

 

<link rel="stylesheet" href="/galleryshop/css/ajax-tooltip.css" media="screen" type="text/css" />

 

<br /><br /><h2>{--heading--} - {--product_name--}</h2>

<p>Courtesy of <a href="javascript:;" onClick="window.open('aboutmyworkbasic.php?mywork&id={--uid--}','myWin','scrollbars=yes,width=300,height=500');"><b>{--business--}</b></a></p>

<br /><div class="content"><div id="{--gallery2--}">{--imagelist--}</div></div><div><br /><br />

<a href="#" onmouseover="ajax_showTooltip('show_tip.php?pid={--pid--}&type=ds',this);return false" onmouseout="ajax_hideTooltip()"><img alt="Product Description" src="../images/product-description.png" border="0" /></a>

 <a href="product_details_list.php?userid={--uid--}" title="Show all By {--business--}"> <img src="../images/show-all-by-this-designer.png" border="0" alt="Show all By {--contact--}" /></a>

 <a href="shoppingterms.php?id={--uid--}" title="{--business--} - Shopping Terms"> <img src="../images/my-shopping-terms.png" border="0" alt="My Shopping Terms" /></a>

 <a href="user_contact.php?contact&id={--uid--}" title="Ask {--business--} a Question"><img src="../images/ask-the-seller-a-question.png" border="0" alt="Ask the Seller a Question" /></a>

 <a href="viewHappybuyers.php?id={--uid--}" title="Happy Buyers for {--business--}"> <img src="../images/happy-buyers.png" border="0" alt="Happy Buyers" /></a>

 <a href="aboutmywork.php?mywork&id={--uid--}" title="About My Work"> <img src="../images/about-my-work.png" border="0" alt="About My Work" /></a>

 <a href="viewmydetails.php?about&id={--uid--}" title="About Me"> <img src="../images/about-me.png" border="0" alt="About Me" /></a>

<!--

 <a href="#" onmouseover="ajax_showTooltip('show_tip.php?pid={--uid--}&type=mywork&user=a',this);return false" onmouseout="ajax_hideTooltip()" title="About the Work of {--contact--}"> <img src="../images/about-my-work.png" border="0" alt="About My Work"></a>

 <a href="#" onmouseover="ajax_showTooltip('show_tip.php?pid={--uid--}&type=about&user=a',this);return false" onmouseout="ajax_hideTooltip()"  title="About the Artist"> <img src="../images/about-me.png" border="0" alt="About Me"></a>

-->

 <a href="{--url--}" title="Visit the Website of {--business--}" {--target--}> <img src="../images/link-to-website.png" border="0" alt="Visit the Website of {--business--}"></a>

</div><br />

<p><a href="offline_details.php?pid={--pid--}&uid={--uid--}" title="Order {--product_name--} Offline">Order {--product_name--} Offline</a><br />

Price excluding delivery: £{--product_price--}<br />

<a href="http://www.fieba.net/fieba/opencompactconverter.jsp">Currency Converter</a><br />

<form name="del">Estimated delivery time: {--product_dtime--}<br />Delivery options {--product_doptionuk--}</form>

 

<br /><a href="guarantee.php"title="7 Day Satisfaction Guarantee">7 Day Satisfaction Guarantee</a>

<br /><a href="shoppingterms.php?id={--uid--}" title="">Designer-makers shopping terms</a>

<br /><a href="../../buying_craft.php" target="_blank" title="">New to buying craft online</a>

 

<br />

<br />

</p>{--payp--}{--buynowbutton--}<div></div>

Link to comment
Share on other sites
only1perky Member

only1perky

Posted
  • Author
Posted

It happens when you click a link from there, could it be on this page (i'm looking at: $uid=$_GET['id'];,

If it is could you advise me on what to change it to.

 

<?

include("../config/config.inc.php");

include("../includes/classes/template_reader.class.php");

include("../includes/classes/authentication.class.php");

include("../includes/classes/product.class.php");

include("../includes/classes/pagination.class.php");

include("../includes/classes/category.class.php");

 

$obj_template = new TemplateReader;

$obj_authentication = new Authentication;

$obj_product = new Product;

$obj_pagination = new Pagination;

//$obj_authentication->check_login();

$obj_category = new Category;

$content['categories']=$obj_category->category();

$content['price']=$obj_category->price();

define('max_uploads',10);

 

$uid=$_GET['id'];

$query=mysql_query("select * from mydetails where user_id=$uid");

$obj=mysql_fetch_object($query);

if(mysql_num_rows($query)){

$content1['paypalemail']=$obj->paypalemail;

$content1['terms']=$obj->terms;

$content1['contactme']=$obj->contactme;

$content1['mywork']=$obj->mywork;

$content1['aboutme']=$obj->aboutme;

}

 

$content['loginbox']=$obj_authentication->check_loginbox();

$content['category']=$obj_product->category();

$content['max_uploads']=max_uploads;

if(isset($_GET['contact']))

{

$content['heading']="Contact Me";

$content['content']=$content1['contactme'];

}

if(isset($_GET['terms']))

{

$content['heading']="Terms";

$content['content']=$content1['terms'];

}

if(isset($_GET['mywork']))

{

$content['heading']="My Work";

$content['content']= preg_replace( "/\n/", "<br/>", $content1['mywork']);

}

if(isset($_GET['about']))

{

$content['heading']="About Me";

$content['content'] = preg_replace( "/\n/", "<br/>", $content1['aboutme']);

}

echo $obj_template->showRegForm("../templates/user/indextop.html",$content);

echo $obj_template->showRegForm("../templates/user/opportunity.html",$content);

echo $obj_template->showRegForm("../templates/user/indexbottom.html",$content);

?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.