Fatal error: Call to undefined function Update()

PHP
1

Hi anyone,

I have this error but i don’t know where is the error in my script…

this is my script.

Thanks for the Help…


<?php
session_start();
include_once("conn.php");
if(isset( $_SESSION['username'])){

$d=mssql_query("Select DeptName from tblDept");
$user=mssql_query("Select * from tblUserLevel");
?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<title>Edit User</title>
	<link rel="stylesheet" type="text/css" href="style.css" media="screen,projection" />
	<script src="jquery\\jquery.min.js"></script>
<script type="text/javascript" src="jquery\\jquery.validate.js"></script> 

  <script>
  $(document).ready(function(){
  
	$.validator.addMethod("noSpecialChars", function(value, element) {
		  return this.optional(element) || /^[a-z0-9\\_]+$/i.test(value);
	  }, "<font size='3' color='#FF0000'>Username must contain only letters, numbers, or underscore.</font>");
	 
    $("#edit").validate({
	  rules: {
		pass: "required",
		rpass: {
		  equalTo: "#pass"
		},
	
		fname:"required",
		lname:"required",
		email:"required email",
		dept:"required",
		userlvl:"required"
	  }
	  
	});
  });
  </script>
</head>
	</head>
	<body>

	<fieldset class="userlevel">
	<legend>Edit Profile</legend>
	<?php
	$uname=$_GET[UserName];
	if(isset($_POST['save'])){
	
			Update($_POST['uname'],$_POST['fname'],$_POST['lname'],$_POST['email'],$_POST['dept'],$_POST['userlevel'],$con);
			//echo "<font size='3' color='#00cc00'>Record Saved!</font>";
			
}			
	function update($uname,$fname,$lname,$email,$dept,$userlevel,$con){
		mssql_query("Update tblUser Set Firstname='$fname', Lastname='$lname',Email='$email',Dept='$dept',UserLevel='$userlevel' where UserName='$uname'");
		mssql_close($con);}
	

	$row=mssql_fetch_array(mssql_query("Select * FROM tblUser where UserName='$uname'"));
?>

	<table>
	<form method='post' id='edit' name='edit' action='edituser.php?UserName=<?php echo $uname;?>' onSubmit="javascript: var x=window.confirm('Do you wan\\'t to save this User?');if (!x) return(false);">
	<tr>
		<input type='hidden' value=<?php echo $row['UserName'];?> name='uname'>
		<td>User Name:</td>	
		<td><?php echo $row['UserName'];?></td>
	</tr>
	<tr>
		<td>First Name:</td>
		<td><input type='text' id='fname' value='<?php echo $row['Firstname'];?>' name='fname'></td>
	</tr>
	<tr>
		<td>Last Name:</td>
		<td><input type='text' id='lname'  value='<?php echo $row['Lastname'];?>' name='lname'></td>
	</tr>	
	<tr>
		<td>Email Address:</td>
		<td><input type='text' id='email' value='<?php echo $row['Email'];?>' name='email'></td>
	</tr>
	<tr>
		<td> Department : </td>
		<td>
		<?php 
			echo "<select name='dept' tabindex='8'>";
			while($dept=mssql_fetch_array($d)){
				echo "<option ";
				if ($row['Dept']==$dept['DeptName']) echo "Selected=Selected";
				echo ">".$dept['DeptName']."</option>";
			}echo '</select>';
		?>
		</td>
	</tr>
	<tr>
		<td>User Level:</td>
		<td>
		<?php 
			echo "<select name='userlevel' tabindex='9'>";
			while($userlvl=mssql_fetch_array($user)){
			echo "<option ";
				if ($row['UserLevel']==$userlvl['UserLevel']) echo "Selected=Selected";
				echo ">".$userlvl['UserLevel']."</option>";
			}echo '</select>';
		?>
		</td>
	</tr>
	<tr>
		<td><input type='submit' value='Save' name='save'></td>
	</tr>
	</form>
	</table>
	</fieldset>
	</body>
	</html>
<?php
}else{ //not logged in
    header('location: login.php');
}
?>
2

It seems like you used a capital on this line:

Update($_POST[‘uname’],$_POST[‘fname’],$_POST[‘lname’],$_POST[‘email’],$_POST[‘dept’],$_POST[‘userlevel’],$con);

When you shouldnt:

update($_POST[‘uname’],$_POST[‘fname’],$_POST[‘lname’],$_POST[‘email’],$_POST[‘dept’],$_POST[‘userlevel’],$con);

Apart from that, this script is vulnerable to SQL injection, I would highly recommend reading some articles about it.

SQL injection - Wikipedia, the free encyclopedia

3

Hi,
Thanks for the reply but same error appear…

4

If you get an error, it should also report the line number, could you give me the new error as well as the code that is on the line where the error occurs?

5

Hi,

Here is the code that have an error…
When i click submit Fatal error: Call to undefined function update() always prompt on my browser.


    <?php
    $uname=$_GET[UserName];
    if(isset($_POST['save'])){
   
//this line below code got an error: Fatal error: Call to undefined function update()             update($_POST['uname'],$_POST['fname'],$_POST['lname'],$_POST['email'],$_POST['dept'],$_POST['userlevel'],$con);
           
           
}     
    function update($uname,$fname,$lname,$email,$dept,$userlevel,$con){
        mssql_query("Update tblUser Set Firstname='$fname', Lastname='$lname',Email='$email',Dept='$dept',UserLevel='$userlevel' where UserName='$uname'");
        mssql_close($con);}
   
 
    $row=mssql_fetch_array(mssql_query("Select * FROM tblUser where UserName='$uname'"));
?>
6

I have notice that if i comment this script.
my code works fine, but i must insert this code for my session variable…


<?php
if(isset( $_SESSION['username'])){
?>

<?php
}else{ //not logged in
    header('location: login.php');
}
?>
7

Hmm, as far as I know you can use functions before they are defined in the same document.

But it’s possible that this is a sever configuration, try putting the function declaration before you use it, also if this is the only place you will use the update() function, there’s no need to put it in a function.

8

Thanks for the explanation…it works…

9

I’m glad you worked it out.

Do not forget to protect your system from SQL injection, if you put this script on a live site and someone decides to try an injection he could drop your entire database or change / add / remove information from it.