MSUK1 Posted January 29, 2011 Share Posted January 29, 2011 when i submit it, the only field that updates is the email field. UserEdit.php file <? /** * UserEdit.php * * This page is for users to edit their account information * such as their password, email address, etc. Their * usernames can not be edited. When changing their * password, they must first confirm their current password. * */ include("include/session.php"); ?> <html> <title>Edit Your Details</title> <link rel="stylesheet" type="text/css" href="../assets/css/styles.css" /> <link rel="stylesheet" type="text/css" href="../assets/css/forms.css" /> <link rel="stylesheet" type="text/css" href="../assets/css/layout.css" /> <link rel="stylesheet" type="text/css" href="../assets/css/style.css" /> <style> #form6 input{ margin:0; width:250px; border:1px solid #ddd; padding:3px 5px 3px 25px; } input{ font:100% Trebuchet MS, Arial, Helvetica, Sans-Serif; line-height:160%; color:#FFF; } #form6 input{background:#000; } </style> <body> <? /** * User has submitted form without errors and user's * account has been edited successfully. */ if(isset($_SESSION['useredit'])){ unset($_SESSION['useredit']); echo "<h1>User Account Edit Success!</h1>"; echo "<p><b>$session->username</b>, your account has been successfully updated. " ."<a href=\"index.php\">Main</a>.</p>"; } else{ ?> <? /** * If user is not logged in, then do not display anything. * If user is logged in, then display the form to edit * account information, with the current email address * already in the field. */ if($session->logged_in){ ?> <h2>User Account Edit : <? echo $session->firstname; ?></h2> <? if($form->num_errors > 0){ echo "<td><font size=\"2\" color=\"#ff0000\">".$form->num_errors." error(s) found</font></td>"; } ?> <form id="form6" action="process.php" method="POST"> <table align="left" border="0" cellspacing="0" cellpadding="3"> <tr> <td>Email:</td> <td><input type="text" name="email" maxlength="50" value=" <? if($form->value("email") == ""){ echo $session->userinfo['email']; }else{ echo $form->value("email"); } ?>"> </td> <td><? echo $form->error("email"); ?></td> </tr> <tr> <td>Phone:</td> <td><input type="text" name="tel" maxlength="50" value=" <? if($form->value("tel") == ""){ echo $session->userinfo['tel']; }else{ echo $form->value("tel"); } ?>"> </td> <td><? echo $form->error("tel"); ?></td> </tr> <tr> <td>Address:</td> <td> <input type="text" name="address" maxlength="50" value=" <? if($form->value("address") == ""){ echo $session->userinfo['address']; }else{ echo $form->value("address"); } ?>" style="height: 138px"> </td> <td><? echo $form->error("address"); ?></td> </tr> <tr> <td>Company:</td> <td><input type="text" name="company" maxlength="50" value=" <? if($form->value("company") == ""){ echo $session->userinfo['company']; }else{ echo $form->value("company"); } ?>"> </td> <td><? echo $form->error("company"); ?></td> </tr> <tr><td colspan="2" align="right"> <input type="hidden" name="subedit" value="1"> <input type="submit" value="Edit Account"></td></tr> <tr><td colspan="2" align="left"></td></tr> </table> </form> <? } } ?> </body> </html> sends to session.php /** * editAccount - Attempts to edit the user's account information * including the password, which it first makes sure is correct * if entered, if so and the new password is in the right * format, the change is made. All other fields are changed * automatically. */ function editAccount($subcurpass, $subnewpass, $subemail, $subtel, $subaddress, $subcompany){ global $database, $form; //The database and form object /* New password entered */ if($subnewpass){ /* Current Password error checking */ $field = "curpass"; //Use field name for current password if(!$subcurpass){ $form->setError($field, "* Current Password not entered"); } else{ /* Check if password too short or is not alphanumeric */ $subcurpass = stripslashes($subcurpass); if(strlen($subcurpass) < 4 || !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){ $form->setError($field, "* Current Password incorrect"); } /* Password entered is incorrect */ if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){ $form->setError($field, "* Current Password incorrect"); } } /* New Password error checking */ $field = "newpass"; //Use field name for new password /* Spruce up password and check length*/ $subpass = stripslashes($subnewpass); if(strlen($subnewpass) < 4){ $form->setError($field, "* New Password too short"); } /* Check if password is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){ $form->setError($field, "* New Password not alphanumeric"); } } /* Change password attempted */ else if($subcurpass){ /* New Password error reporting */ $field = "newpass"; //Use field name for new password $form->setError($field, "* New Password not entered"); } /* Email error checking */ $field = "email"; //Use field name for email if($subemail && strlen($subemail = trim($subemail)) > 0){ /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $form->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ return false; //Errors with form } /* Update password since there were no errors */ if($subcurpass && $subnewpass){ $database->updateUserField($this->username,"password",md5($subnewpass)); } /* Change Email */ if($subemail){ $database->updateUserField($this->username,"email",$subemail); } /* Change Email */ if($subtel){ $database->updateUserField($this->username,"tel",$subtel); } /* Change Email */ if($subaddress){ $database->updateUserField($this->username,"address",$subaddress); } /* Change Email */ if($subcompany){ $database->updateUserField($this->username,"company",$subcompany); } /* Success! */ return true; } sends to database.php /** * updateUserField - Updates a field, specified by the field * parameter, in the user's row of the database. */ function updateUserField($username, $field, $value){ $q = "UPDATE ".TBL_USERS." SET ".$field." = '$value' WHERE username = '$username'"; return mysql_query($q, $this->connection); } think thats all you should need? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted January 29, 2011 Share Posted January 29, 2011 i dont' see editAccount() function executed anywhere. are we missing some code? Quote Link to comment Share on other sites More sharing options...
MSUK1 Posted January 29, 2011 Author Share Posted January 29, 2011 /** * procEditAccount - Attempts to edit the user's account * information, including the password, which must be verified * before a change is made. */ function procEditAccount(){ global $session, $form; /* Account edit attempt */ $retval = $session->editAccount($_POST['curpass'], $_POST['newpass'], $_POST['email']); /* Account edit successful */ if($retval){ $_SESSION['useredit'] = true; header("Location: ".$session->referrer); } /* Error found with form */ else{ $_SESSION['value_array'] = $_POST; $_SESSION['error_array'] = $form->getErrorArray(); header("Location: ".$session->referrer); } } }; sorry, and i think i have found my problem, forgetting to add them all to $_POST['nextfield'] for example? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.