SitePoint Sponsor

User Tag List

Results 1 to 2 of 2

Thread: empty query

  1. #1
    SitePoint Member
    Join Date
    Aug 2013
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    empty query

    I am trying to allow my users to update their own profile info. Yet, the query is empty(Nothing recorded into the database though it states "Your profile has been updated!")
    What did I do wrongly?

    userlist.php is where my list of users are displayed


    Code:
    <?php
        
        include ('connect.php')
        
        ?>
        
        <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
        <html>
        <head>
        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
        <title>Insert title here</title>
        </head>
        <body>
        	<div>
        		<?php 
        		foreach(fetch_users() as $user) {
        		?>
        			<p><a href="profile.php?id=<?php echo $user['id'];?>"><?php echo $user['username']; ?></a></p>
        		<?php 
        		}
        		?>
        	</div>
        </body>
        </html>
    userinc.php is used to store all functions

    Code:
        <?php
        
        function fetch_users() {
        	$result = mysql_query("SELECT `user_id` AS `id`, `user_name` AS `username`, `email` AS `email`, `description` AS `description` FROM `userprofile`");
        	
        	$users = array();
        	
        	while (($row = mysql_fetch_assoc($result)) !== false) {
        		$users[] = $row;
        	}
        	
        	return $users;
        }
        
        // fetch profile info for the given user
        function fetch_user_info($id) {
        	$id = (int)$id;
        	$sql = "SELECT `user_id` AS `id`, `user_name` AS `username`, `email` AS `email`, `description` AS `description` FROM `userprofile` WHERE `user_id` = '$id'";
        	$result = mysql_query($sql);
        	
        	return mysql_fetch_assoc($result);
        }
        
        // update the current users profile info
        function set_profile_info($username, $email, $description){
        	$username = mysql_real_escape_string(htmlentities($username));
        	$email = mysql_real_escape_string(nl2br(htmlentities($email)));
        	$description = mysql_real_escape_string(htmlentities($description));
        
        	$sql = "UPDATE `userprofile` SET `user_name` = $username
        									 `email` = $email
        									 `description` = $description
        								WHERE user_id =". $_GET['id'];
        	
        	mysql_query($sql);
        
        }
        
        if(!mysql_query($sql)) {
        	die ('Error: '. mysql_error());
        }
        ?>
    profile.php


    Code:
    <?php
        
        include ('connect.php');
        $user_info = fetch_user_info($_GET['id']);
        
        ?>
        <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
        <html>
        <head>
        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
        <title>Profile Information</title>
        </head>
        <body>
        	<div>
        		<?php 
        		
        		if($user_info == false){
        			echo 'That user does not exist.';
        		}
        		else {
        		?>
        			<h1>Profile</h1>
        			<p>Username: <?php  echo $user_info['username']; ?> </p>
        			<p>Email: <?php echo $user_info['email']; ?></p>
        			<p>Description: <?php echo $user_info['description']; ?></p>
        		<?php 
        		}
        		?>
        	</div>
        	<div>
        			<p><a href="editprofile.php?id=<?php echo $user_info['id'];?>">Edit</a></p>
        	</div>
        </body>
        </html>
    editprofile.php


    Code:
    <?php
        
        include ('connect.php');
        
        if (isset($_POST['username'], $_POST['email'], $_POST['description'])) {
        	$errors = array();
        	
        	if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
        		$errors[] = 'Invalid email address!';
        	}
        	
        	if (empty($errors)) {
        		set_profile_info($_POST['username'],$_POST['email'], $_POST['description']);
        	}
        	
        	$user_info = array(
        	'username' => htmlentities($_POST['username']),
        	'email' => htmlentities($_POST['email']),
        	'description' => htmlentities($_POST['description'])
        	) ;
        	
        }
        
        else {
        $user_info = fetch_user_info($_GET['id']); //change to $_SESSION once the user is logged in, successfully
        }
        ?>
        <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
        <html>
        <head>
        <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
        <style type = "text/css">
        	form { margin: 10px 8px 8px 8px; }
        	form div { float: left; clear: both; margin: 0px 0px 4px 0px; }
        	label { float: left; width: 100px; }
        	input[type = "text"], textarea { float: left; width: 400px; }
        	input[type = "submit"] { margin: 18px 8px 0px 100px }
        </style>
        <title>Edit Your Profile</title>
        </head>
        <body>
        	<div>
        		<?php 
        		
        		if (isset($errors) == false){
        			echo 'Click update to edit your profile.';
        		}
        		else if (empty($errors)){
        			echo 'Your profile has been updated!';
        		}
        		else {
        			echo '<ul><li>', implode('</li><li>', $errors), '</li></ul>';
        		}
        		
        		?>
        	</div>
        	<form action = "" method = "post">
        		<div>
        			<label for = "username">Username:</label>
        			<input type = "text" name = "username" id = "username" value = "<?php echo $user_info['username']; ?>" />
        		</div>
        		<div>
        			<label for = "email">Email:</label>
        			<input type = "text" name = "email" id = "email" value = "<?php echo $user_info['email']; ?>" />
        		</div>
        		<div>
        			<label for = "description">Description:</label>
        			<textarea name = "description" id = "description" rows = "14" cols = "50"><?php echo strip_tags($user_info['description']); ?></textarea>
        		</div>
        		<div>
        			<input type = "submit" value = "Update" />
        		</div>
        	</form>
        </body>
        </html>

    HELP PLEASE

  2. #2
    Community Advisor bronze trophy
    fretburner's Avatar
    Join Date
    Apr 2013
    Location
    Brazil
    Posts
    1,402
    Mentioned
    45 Post(s)
    Tagged
    12 Thread(s)
    Quote Originally Posted by xxx12345 View Post
    I am trying to allow my users to update their own profile info. Yet, the query is empty(Nothing recorded into the database though it states "Your profile has been updated!")
    What did I do wrongly?
    Even though your program is telling you the profile has been updated, you've no way to know if the query was successful or not as your set_profile_info function doesn't check the result from mysql_query (which would be false if the query fails) and doesn't return anything itself:
    PHP Code:
    function set_profile_info($username$email$description) {
            
    $username mysql_real_escape_string(htmlentities($username));
            
    $email mysql_real_escape_string(nl2br(htmlentities($email)));
            
    $description mysql_real_escape_string(htmlentities($description));
        
            
    $sql "UPDATE `userprofile` SET `user_name` = $username
                                             `email` = 
    $email
                                             `description` = 
    $description
                                        WHERE user_id ="
    $_GET['id'];
            
            
    mysql_query($sql);
        

    Looking at your query, I expect the problem is that you're missing commas after the $username and $email values.

    Try rewriting your function something like this:
    PHP Code:
    function set_profile_info($username$email$description) {
        
    $username mysql_real_escape_string(htmlentities($username));
        
    $email mysql_real_escape_string(nl2br(htmlentities($email)));
        
    $description mysql_real_escape_string(htmlentities($description));

        
    $sql "UPDATE `userprofile` 
                SET `user_name` = 
    $username, `email` = $email, `description` = $description
                WHERE user_id ="
    $_GET['id'];
        
        return 
    mysql_query($sql);

    This way when you call the function, you can check if it returns false and display an error message.

    Two other things I should mention - first, it's not a good idea to hardcode that reference to $_GET['id'] into your function. It's better to pass it in as an argument, as this will allow you to reuse the function in other contexts (i.e. where the ID comes from a different source) and makes it easier to test.

    Second, you really shouldn't be using the mysql_* functions, as they have been depreciated and the mysql extension will be removed from PHP. Look into switching to mysqli or PDO instead.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •