SitePoint Sponsor

User Tag List

Results 1 to 11 of 11
  1. #1
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    managing users...update details page

    hi there.
    i have used the tutorial by kevin and everything seems to work ok without error.
    however i have made a 'my page' where after logging in the user can see their details, edit and update.
    after submitting the form everything looks ok again without error, however the database is not updated!

    is this a sessions problem....will i need to destroy the old session and register a new one?...i would appreciate any help/advice.

    btw: sessions are registered as 'uid' and 'pwd' as in the tutorial. the sql table headings can be seen in the sql update statement within the code.

    heres the code:

    ITS BEEN UPDATED SO IT NOW WORKS...BELOW IS THE CORRECT CODE IF YOU WANT IT...AT YOUR OWN RISK!


    PHP Code:
    <?
    //see below for this file
    include("login.php"); 
    ?>

    <title>title</title>
    <h1>My Page</h1>


    <?
    dbConnect
    ("db name");//add ur db name here

    if ($uid) { 

    if (
    $submit) { 

    //change tablename to urs...the varibales should 
    //match the ones in the form below ..the ones in 
    //CAPS should match the ones in ur table

    $sql "UPDATE tablename SET 
    USERID = '
    $userid',
    PASSWORD = '
    $newpass',
    FIRSTNAME = '
    $firstname',
    SURNAME = '
    $surname',
    EMAIL = '
    $email',
    COMMENTS = '
    $comments'
    WHERE ID= '
    $id'"

    $result mysql_query($sql); 

    //added next line to check variables were being passed
    echo "$userid$newpass$firstname$surname$email$comments$id";
    //end 

    if (!$result
    {  
    echo(
    "A database error occurred");
    echo(
    "<p>Show the Error<br>".
               
    "Error: " mysql_error());
               exit();
    }


    echo 
    "<p>Thank you! Information updated.</p>"

    // Email the new password to the person.    

    $message "Hello $firstname! Your registration details have been updated.\n\n";
    $message .= "Your details are as follows: \n\n";
    $message .= "Username: $userid\nPassword: $newpass\n\nPlease keep this e-mail for future reference.";
                
    mail($email,"your registration updated",         
    $message"From:us<email address>");//add ur email addres here
       




    else { 

    echo 
    "<p>Welcome!, $username... You are logged in</p>";

    // query the DB 
    //again put ur table info here...uid and pwd should 
    //be from ur session as in the tutorial so 
    //probably dont need to change uid and pwd
    $sql "SELECT * FROM tablename WHERE USERID = '$uid' AND PASSWORD = '$pwd'";
    $result mysql_query($sql);

    while (
    $row  =  mysql_fetch_row($result)) {

    $ID=$row[0];
    $UI=$row[1];
    $PW=$row[2];
    $FN=$row[3];
    $SN=$row[4];
    $EM=$row[5];
    $CO=$row[6];
    }
            
    print(
    "<form method=\"post\" action=$PHP_SELF>"); 
    print(
    "<table border = 0>"); 
    //new line to make script work
    print("<input type=\"hidden\" name=\"id\" value=\"$ID\">");
    //end
    print("<tr><td><p>User ID:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"userid\" value=\"$UI\"></td></tr>");

    print(
    "<tr><td><p>Password:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"newpass\" value=\"$PW\"></td></tr>");

    print(
    "<tr><td><p>First Name:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"firstname\" value=\"$FN\"></td></tr>");

    print(
    "<tr><td><p>Surname:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"surname\" value=\"$SN\"></td></tr>");

    print(
    "<tr><td><p>Email:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"email\" value=\"$EM\"></td></tr>");

    print(
    "<tr><td><p>Comments:</p></td>");
    print(
    "<td><input type=\"Text\" name=\"comments\" value=\"$CO\"></td></tr>");

    print(
    "</table><br>");
    print(
    "<input type=\"Submit\" name=\"submit\" value=\"Update\"></form>");



    if (!
    $result
    {  
    echo(
    "A database error occurred");
    echo(
    "<p>Show the Error<br>".
               
    "Error: " mysql_error());
               exit();
    }
    }
    }

    ?>
    here's login.php - based upon kevins tutorial
    PHP Code:
    <?php 

    // the db file with ur db connection
    // see the tutorial on what to put in here
    include("db.inc");

    session_start();

    if(!isset(
    $uid)) 
    {  
    ?>  

    <title>:LogIn:</title>  


    <h1>:Login Required:</h1>  
    <p>You must log in to access this area of the site. </p>  
    <p><form method="post" action="<?PHP_SELF?>">    
    User ID:<br><input type="text" name="uid" maxlength=100><br><br>    
    Password:<br><input type="password" name="pwd" maxlength=100><br><br>    
    <input type="submit" value="Log in">
    <input type=reset name=Reset value=Clear Form>
    </form></p>  


    <?php  exit;}

    session_register("uid");
    session_register("pwd");

    dbConnect("db name");//ur db name here

    //change tablename to yours
    $sql "SELECT * FROM tablename WHERE USERID = '$uid' AND PASSWORD = '$pwd'";
    $result mysql_query($sql);

    if (!
    $result
    {  
    die(
    "A database error occurred");
    }

    if (
    mysql_num_rows($result) == 0
    {  
    session_unregister("uid");  
    session_unregister("pwd");  
    ?>  

    <title>:Access Denied:</title>  


    <h1>:Access Denied:</h1>  
    <p>Your user ID or password is incorrect.</p>  


    <?php  
    exit;
    }

    $username mysql_result($result,0,"FIRSTNAME");
    ?>
    Last edited by kamstar; Oct 7, 2001 at 05:59.

  2. #2
    Mlle. Ledoyen silver trophy seanf's Avatar
    Join Date
    Jan 2001
    Location
    UK
    Posts
    7,168
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you getting an error from MySQL?

    Sean
    Harry Potter

    -- You lived inside my world so softly
    -- Protected only by the kindness of your nature

  3. #3
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    seanf,
    thanks for your reply.
    no i'm not getting any error msg's from the script at all...so it must be running ok?....just not sure where the problem lies.

  4. #4
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    echo all of the variables being submitted first and check to make sure there's actually something being submitted.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  5. #5
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    defender,
    tried echoing the variables...see the code.
    on the confirmation page all the edited variables are correct and match the changes made but again the db is not updated.

  6. #6
    SitePoint Member
    Join Date
    Sep 2001
    Location
    Dublin, Republic of Ireland
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Change:

    PHP Code:
    $sql "UPDATE tablename SET 
    USERID = '
    $userid',
    PASSWORD = '
    $newpass',
    FIRSTNAME = '
    $firstname',
    SURNAME = '
    $surname',
    EMAIL = '
    $email',
    COMMENTS = '
    $comments'
    WHERE ID= '
    $id'"
    To:

    PHP Code:
    $sql "UPDATE tablename SET 
    USERID = '
    $userid',
    PASSWORD = '
    $newpass',
    FIRSTNAME = '
    $firstname',
    SURNAME = '
    $surname',
    EMAIL = '
    $email',
    COMMENTS = '
    $comments'
    WHERE ID=
    $id"
    Just an idea, whenever I remove the ''s from ID='$id' my scripts always work .. I don't know why .. just a quirky little thing (I may be totally wrong of course ..)
    Bob.
    bob@nescience.org | icq:102470667
    www.nescience.org .. are you a nescient?

  7. #7
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thanks bob.
    tried your suggestion and got the following error:
    "Error: You have an error in your SQL syntax near '' at line..." ie the id variable needed the ''.

  8. #8
    SitePoint Wizard Defender1's Avatar
    Join Date
    Apr 2001
    Location
    My Computer
    Posts
    2,808
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    instead of this
    PHP Code:
    result mysql_query($sql); 
    if (!
    $result
    {  
    echo(
    "A database error occurred");
    echo(
    "<p>Show the Error<br>".
               
    "Error: " mysql_error());
               exit();

    try this
    PHP Code:
    if(!mysql_query($sql)){
    echo 
    "An error has occured!";
    echo 
    mysql_error();
    } else {
    echo 
    "Query successful!";

    Last edited by Defender1; Oct 7, 2001 at 00:25.
    Defender's Designs
    I'm Getting Married!

    Not-so-patiently awaiting Harry Potter Book 7 *sigh*

  9. #9
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    guys, thanks for all ur help.

    i managed to find the solution..pretty silly of me really. what i should have done is add a hidden field in the submit form with the variable $id.
    i've added it to the script and it works for me.

    to anyone who wants to use the script, its an add on to kevins manging users...tutorial ie login.php:
    after the user logs in, a form is presented which allows the user to edit and update any of their details and is then emailed confirmation. for it to work make sure all the table names/headings, db names, email addresses are correct etc...

    use at ur own peril! as i havent tested it for security yet...also further improvements could include; a 2nd email field which double checks the email address, same for the password field; a log out page; other fields such as user preferences for the display of content eg myyahoo type of thing; putting the 'mypage' in a popup page so when the user closes the window it should close the session for better security? -im only guessing... i think there is a balance as to how many questions you can ask and getting the user to fill the form.

    if anyone makes any improvements, please let me know..thanks.
    Last edited by kamstar; Oct 7, 2001 at 05:37.

  10. #10
    SitePoint Member
    Join Date
    Sep 2001
    Location
    Dublin, Republic of Ireland
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Could you e-mail it to me, or post it on the web somewhere for us all to download and play with?

    Thanks!
    Bob.
    bob@nescience.org | icq:102470667
    www.nescience.org .. are you a nescient?

  11. #11
    SitePoint Enthusiast
    Join Date
    Jun 2001
    Posts
    54
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    i've edited the original code above and included remarks so its all there...keeps this whole msg page short!....have fun.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •