SitePoint Sponsor |
|
User Tag List
Results 1 to 11 of 11
-
Oct 5, 2001, 07:21 #1
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
managing users...update details page
hi there.
i have used the tutorial by kevin and everything seems to work ok without error.
however i have made a 'my page' where after logging in the user can see their details, edit and update.
after submitting the form everything looks ok again without error, however the database is not updated!
is this a sessions problem....will i need to destroy the old session and register a new one?...i would appreciate any help/advice.
btw: sessions are registered as 'uid' and 'pwd' as in the tutorial. the sql table headings can be seen in the sql update statement within the code.
heres the code:
ITS BEEN UPDATED SO IT NOW WORKS...BELOW IS THE CORRECT CODE IF YOU WANT IT...AT YOUR OWN RISK!
PHP Code:<?
//see below for this file
include("login.php");
?>
<title>title</title>
<h1>My Page</h1>
<?
dbConnect("db name");//add ur db name here
if ($uid) {
if ($submit) {
//change tablename to urs...the varibales should
//match the ones in the form below ..the ones in
//CAPS should match the ones in ur table
$sql = "UPDATE tablename SET
USERID = '$userid',
PASSWORD = '$newpass',
FIRSTNAME = '$firstname',
SURNAME = '$surname',
EMAIL = '$email',
COMMENTS = '$comments'
WHERE ID= '$id'";
$result = mysql_query($sql);
//added next line to check variables were being passed
echo "$userid, $newpass, $firstname, $surname, $email, $comments, $id";
//end
if (!$result)
{
echo("A database error occurred");
echo("<p>Show the Error<br>".
"Error: " . mysql_error());
exit();
}
echo "<p>Thank you! Information updated.</p>";
// Email the new password to the person.
$message = "Hello $firstname! Your registration details have been updated.\n\n";
$message .= "Your details are as follows: \n\n";
$message .= "Username: $userid\nPassword: $newpass\n\nPlease keep this e-mail for future reference.";
mail($email,"your registration updated",
$message, "From:us<email address>");//add ur email addres here
}
else {
echo "<p>Welcome!, $username... You are logged in</p>";
// query the DB
//again put ur table info here...uid and pwd should
//be from ur session as in the tutorial so
//probably dont need to change uid and pwd
$sql = "SELECT * FROM tablename WHERE USERID = '$uid' AND PASSWORD = '$pwd'";
$result = mysql_query($sql);
while ($row = mysql_fetch_row($result)) {
$ID=$row[0];
$UI=$row[1];
$PW=$row[2];
$FN=$row[3];
$SN=$row[4];
$EM=$row[5];
$CO=$row[6];
}
print("<form method=\"post\" action=$PHP_SELF>");
print("<table border = 0>");
//new line to make script work
print("<input type=\"hidden\" name=\"id\" value=\"$ID\">");
//end
print("<tr><td><p>User ID:</p></td>");
print("<td><input type=\"Text\" name=\"userid\" value=\"$UI\"></td></tr>");
print("<tr><td><p>Password:</p></td>");
print("<td><input type=\"Text\" name=\"newpass\" value=\"$PW\"></td></tr>");
print("<tr><td><p>First Name:</p></td>");
print("<td><input type=\"Text\" name=\"firstname\" value=\"$FN\"></td></tr>");
print("<tr><td><p>Surname:</p></td>");
print("<td><input type=\"Text\" name=\"surname\" value=\"$SN\"></td></tr>");
print("<tr><td><p>Email:</p></td>");
print("<td><input type=\"Text\" name=\"email\" value=\"$EM\"></td></tr>");
print("<tr><td><p>Comments:</p></td>");
print("<td><input type=\"Text\" name=\"comments\" value=\"$CO\"></td></tr>");
print("</table><br>");
print("<input type=\"Submit\" name=\"submit\" value=\"Update\"></form>");
if (!$result)
{
echo("A database error occurred");
echo("<p>Show the Error<br>".
"Error: " . mysql_error());
exit();
}
}
}
?>
PHP Code:<?php
// the db file with ur db connection
// see the tutorial on what to put in here
include("db.inc");
session_start();
if(!isset($uid))
{
?>
<title>:LogIn:</title>
<h1>:Login Required:</h1>
<p>You must log in to access this area of the site. </p>
<p><form method="post" action="<?PHP_SELF?>">
User ID:<br><input type="text" name="uid" maxlength=100><br><br>
Password:<br><input type="password" name="pwd" maxlength=100><br><br>
<input type="submit" value="Log in">
<input type=reset name=Reset value=Clear Form>
</form></p>
<?php exit;}
session_register("uid");
session_register("pwd");
dbConnect("db name");//ur db name here
//change tablename to yours
$sql = "SELECT * FROM tablename WHERE USERID = '$uid' AND PASSWORD = '$pwd'";
$result = mysql_query($sql);
if (!$result)
{
die("A database error occurred");
}
if (mysql_num_rows($result) == 0)
{
session_unregister("uid");
session_unregister("pwd");
?>
<title>:Access Denied:</title>
<h1>:Access Denied:</h1>
<p>Your user ID or password is incorrect.</p>
<?php
exit;
}
$username = mysql_result($result,0,"FIRSTNAME");
?>Last edited by kamstar; Oct 7, 2001 at 06:59.
-
Oct 5, 2001, 12:34 #2
Are you getting an error from MySQL?
SeanHarry Potter
-- You lived inside my world so softly
-- Protected only by the kindness of your nature
-
Oct 5, 2001, 18:42 #3
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
seanf,
thanks for your reply.
no i'm not getting any error msg's from the script at all...so it must be running ok?....just not sure where the problem lies.
-
Oct 5, 2001, 21:00 #4
- Join Date
- Apr 2001
- Location
- My Computer
- Posts
- 2,808
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
echo all of the variables being submitted first and check to make sure there's actually something being submitted.
-
Oct 6, 2001, 11:18 #5
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
defender,
tried echoing the variables...see the code.
on the confirmation page all the edited variables are correct and match the changes made but again the db is not updated.
-
Oct 6, 2001, 18:22 #6
- Join Date
- Sep 2001
- Location
- Dublin, Republic of Ireland
- Posts
- 20
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Change:
PHP Code:$sql = "UPDATE tablename SET
USERID = '$userid',
PASSWORD = '$newpass',
FIRSTNAME = '$firstname',
SURNAME = '$surname',
EMAIL = '$email',
COMMENTS = '$comments'
WHERE ID= '$id'";
PHP Code:$sql = "UPDATE tablename SET
USERID = '$userid',
PASSWORD = '$newpass',
FIRSTNAME = '$firstname',
SURNAME = '$surname',
EMAIL = '$email',
COMMENTS = '$comments'
WHERE ID=$id";
Bob.
bob@nescience.org | icq:102470667
www.nescience.org .. are you a nescient?
-
Oct 6, 2001, 19:54 #7
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
thanks bob.
tried your suggestion and got the following error:
"Error: You have an error in your SQL syntax near '' at line..." ie the id variable needed the ''.
-
Oct 7, 2001, 01:21 #8
- Join Date
- Apr 2001
- Location
- My Computer
- Posts
- 2,808
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
instead of this
PHP Code:result = mysql_query($sql);
if (!$result)
{
echo("A database error occurred");
echo("<p>Show the Error<br>".
"Error: " . mysql_error());
exit();
}
PHP Code:if(!mysql_query($sql)){
echo "An error has occured!";
echo mysql_error();
} else {
echo "Query successful!";
}
Last edited by Defender1; Oct 7, 2001 at 01:25.
-
Oct 7, 2001, 06:14 #9
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
guys, thanks for all ur help.
i managed to find the solution..pretty silly of me really. what i should have done is add a hidden field in the submit form with the variable $id.
i've added it to the script and it works for me.
to anyone who wants to use the script, its an add on to kevins manging users...tutorial ie login.php:
after the user logs in, a form is presented which allows the user to edit and update any of their details and is then emailed confirmation. for it to work make sure all the table names/headings, db names, email addresses are correct etc...
use at ur own peril! as i havent tested it for security yet...also further improvements could include; a 2nd email field which double checks the email address, same for the password field; a log out page; other fields such as user preferences for the display of content eg myyahoo type of thing; putting the 'mypage' in a popup page so when the user closes the window it should close the session for better security? -im only guessing... i think there is a balance as to how many questions you can ask and getting the user to fill the form.
if anyone makes any improvements, please let me know..thanks.Last edited by kamstar; Oct 7, 2001 at 06:37.
-
Oct 7, 2001, 06:36 #10
- Join Date
- Sep 2001
- Location
- Dublin, Republic of Ireland
- Posts
- 20
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Could you e-mail it to me, or post it on the web somewhere for us all to download and play with?
Thanks!Bob.
bob@nescience.org | icq:102470667
www.nescience.org .. are you a nescient?
-
Oct 7, 2001, 06:44 #11
- Join Date
- Jun 2001
- Posts
- 54
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
i've edited the original code above and included remarks so its all there...keeps this whole msg page short!....have fun.
Bookmarks