lee2010 Posted November 4, 2010 Share Posted November 4, 2010 Hi everyone, i have currently have a registration and login page working, i have now included a profile/edit profile page once the user is logged in. However im having a problem, once the user logs in the account page welcomes them by there username using the following code <h2>Welcome, <?php echo $_SESSION['username']; ?></h2> Which is fine, however when users edit there profile there details arent stored into there userid within the mysql database. for example this is my edit profile page and this is what it does within the mysql database: It doesn't save that info to the current user and im not sure how to get it to do it, heres my code: <?PHP //Database Information $dbhost = "localhost"; $dbname = "blank"; $dbuser = "blank"; $dbpass = "password"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $real_name = $_POST['real_name']; $location = $_POST['location']; $mobile_number = $_POST['mobile_number']; $instant_messaging = $_POST['instant_messaging']; $query = "REPLACE INTO users (real_name, location, mobile_number, instant_messaging) VALUES('$real_name', '$location', '$mobile_number', '$instant_messaging')"; mysql_query($query) or die(mysql_error()); mysql_close(); ?> I can see why it doesn't work as it just inserts it into the users database but I'm not sure how to associate it with the current logged in user. Any help would be great, Lee Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted November 4, 2010 Share Posted November 4, 2010 This is the query you actually want: $query = "UPDATE users SET real_name = '$real_name', location = '$location', mobile_number = '$mobile_number', instant_messaging = '$instant_messaging' WHERE userid = '{$_SESSION['userid']}'"; Also, use the function mysql_real_escape_string on your $_POST variables. Quote Link to comment Share on other sites More sharing options...
lee2010 Posted November 4, 2010 Author Share Posted November 4, 2010 Hi, thanks for your reply! I've put that query in instead and it doesn't seem to work. This is my updated code <?PHP //Database Information $dbhost = "blank"; $dbname = "blank"; $dbuser = "blank"; $dbpass = "password"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $real_name = $_POST['real_name']; $location = $_POST['location']; $mobile_number = $_POST['mobile_number']; $instant_messaging = $_POST['instant_messaging']; $query = "UPDATE users SET real_name = '$real_name', location = '$location', mobile_number = '$mobile_number', instant_messaging = '$instant_messaging' WHERE userid = '{$_SESSION['$userid']}'"; mysql_query($query) or die(mysql_error()); mysql_close(); ?> I think the problem is here: WHERE userid = '{$_SESSION['$userid']}'"; as my login does this session_start(); $_SESSION['username'] = $username; Quote Link to comment Share on other sites More sharing options...
The Little Guy Posted November 4, 2010 Share Posted November 4, 2010 I would recommend saving their userid in a session as well. otherwise if you want to use username, just change my code to use it. but if you do add the userid, make sure to log out then back in edit: I also notice that I accidentally placed a $ in front of userid this '{$_SESSION['$userid']}'"; would be this: '{$_SESSION['userid']}'"; Quote Link to comment Share on other sites More sharing options...
lee2010 Posted November 4, 2010 Author Share Posted November 4, 2010 Thanks again for your reply, I'm not sure if it's me making a stupid mistake but it still won't get the data on the database end. Just to confirm this should be the correct code: <?PHP //Database Information $dbhost = "blank"; $dbname = "blank"; $dbuser = "blank"; $dbpass = "password"; //Connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); $real_name = $_POST['real_name']; $location = $_POST['location']; $mobile_number = $_POST['mobile_number']; $instant_messaging = $_POST['instant_messaging']; $query = "UPDATE users SET real_name = '$real_name', location = '$location', mobile_number = '$mobile_number', instant_messaging = '$instant_messaging' WHERE username = '{$_SESSION['username']}'"; mysql_query($query) or die(mysql_error()); mysql_close(); ?> Quote Link to comment Share on other sites More sharing options...
lee2010 Posted November 5, 2010 Author Share Posted November 5, 2010 Anyone able to help with this, the database still wont receive the details from the profile page Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted November 5, 2010 Share Posted November 5, 2010 echo query to make sure it's what you expect. echo "query: $query <br />"; Quote Link to comment Share on other sites More sharing options...
rwwd Posted November 5, 2010 Share Posted November 5, 2010 IT won't function as you are not passing the connection reference into the query. <?PHP //Database Information $dbhost = "blank"; $dbname = "blank"; $dbuser = "blank"; $dbpass = "password"; //Connect to database $conn = mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname, $conn) or die(mysql_error()); //clean data $_POST = array_map('strip_tags', $_POST); $_POST = array_map('mysql_real_escape_string', $_POST); $real_name = $_POST['real_name']; $location = $_POST['location']; $mobile_number = $_POST['mobile_number']; $instant_messaging = $_POST['instant_messaging']; //set a limit to the clause so that ONLY 1 row gets affected, don't need duplicates.. $query = "UPDATE `users` SET `real_name` = '".$real_name."', `location` = '".$location."', `mobile_number` = '".$mobile_number."', `instant_messaging` = '".$instant_messaging."' WHERE `username` = '".$_SESSION['username']."' LIMIT 1"; //as the $conn was reference in the database selection, this query 'inherits' the last known connection $success = mysql_query($query) or die(mysql_error()); if($success){ echo "Updated successfully"; exit; } else{ echo "Something went wrong"; exit; } //no need to use mysql_close() as this is the natural action once the script completes anyway... ?> Try that. Rw Quote Link to comment Share on other sites More sharing options...
lee2010 Posted November 5, 2010 Author Share Posted November 5, 2010 Thanks very much for your replies, I've tried that code and I'm getting the Updated Successfully message once i submit however its not going into the database, its staying blank in those fields which is very odd. Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted November 5, 2010 Share Posted November 5, 2010 so... what does the SQL look like that isn't working? does it work when you run it via phpmyadmin or other? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted November 5, 2010 Share Posted November 5, 2010 I'm getting the Updated Successfully message That's because that code will display that message any time the query executes with no errors (which we already knew because the or die(...) was not outputting anything.) Going back a few steps, your code does not have a session_start(); statement so you cannot reference a $_SESSION variable (doing what BlueSkyIS has suggested, twice, will help you since you will see what the query actually is.) You are also not checking if the form was submitted or validating any of the form data, which might be empty if your form is invalid or has not been submitted (doing what BlueSkyIS has suggested will also let you see if the form values actually have what you expect in them.) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.