PHP/MySQL allowing current user to edit there account information
Posted
by
user1837896
on Stack Overflow
See other posts from Stack Overflow
or by user1837896
Published on 2012-11-21T04:28:30Z
Indexed on
2012/11/21
5:00 UTC
Read the original article
Hit count: 267
i have created 2 pages
update.php
edit.php
we start on edit.php so here is edit.php's script
<?php
session_start();
$id = $_SESSION["id"];
$username = $_POST["username"];
$fname = $_POST["fname"];
$password = $_POST["password"];
$email = $_POST["email"];
mysql_connect('mysql13.000webhost.com', 'a2670376_Users', 'Password') or die(mysql_error());
echo "MySQL Connection Established! <br>";
mysql_select_db("a2670376_Pass") or die(mysql_error());
echo "Database Found! <br>";
$query = "UPDATE members SET username = '$username', fname = '$fname',
password = '$password' WHERE id = '$id'";
$res = mysql_query($query);
if ($res)
echo "<p>Record Updated<p>";
else
echo "Problem updating record. MySQL Error: " . mysql_error();
?>
<form action="update.php" method="post">
<input type="hidden" name="id" value="<?=$id;?>">
ScreenName:<br> <input type='text' name='username' id='username' maxlength='25' style='width:247px' name="username" value="<?=$username;?>"/><br>
FullName:<br> <input type='text' name='fname' id='fname' maxlength='20' style='width:248px' name="ud_img" value="<?=$fname;?>"/><br>
Email:<br> <input type='text' name='email' id='email' maxlength='50' style='width:250px' name="ud_img" value="<?=$email;?>"/><br>
Password:<br> <input type='text' name='password' id='password' maxlength='25' style='width:251px' value="<?=$password;?>"/><br>
<input type="Submit">
</form>
now here is the update.php page where i am having the MAJOR problem
<?php
session_start();
mysql_connect('mysql13.000webhost.com', 'a2670376_Users', 'Password') or die(mysql_error());
mysql_select_db("a2670376_Pass") or die(mysql_error());
$id = (int)$_SESSION["id"];
$username = mysql_real_escape_string($_POST["username"]);
$fname = mysql_real_escape_string($_POST["fname"]);
$email = mysql_real_escape_string($_POST["email"]);
$password = mysql_real_escape_string($_POST["password"]);
$query="UPDATE members
SET username = '$username', fname = '$fname', email = '$email', password = '$password'
WHERE id='$id'";
mysql_query($query)or die(mysql_error());
if(mysql_affected_rows()>=1){
echo "<p>($id) Record Updated<p>";
}else{
echo "<p>($id) Not Updated<p>";
}
?>
now on edit.php i fill out the form to edit the account "test" while i am logged into it now once the form if filled out i click on |Submit!| button and it takes me to update.php and it returns this
(0) Not Updated
(0) <= id of user logged in
Not Updated <= MySql Error from
mysql_query($query)or die(mysql_error());
if(mysql_affected_rows()>=1){
i want it to update the user logged in and if i am not mistaken in this script it says
$id = (int)$_SESSION["id"];
witch updates the user with the id of the person who is logged in
but it isnt updating its saying that no tables were effected
if it helps heres my MySql Database picture just click here http://i50.tinypic.com/21juqfq.png
if this could possibly be any help to find the solution i have 2 more files delete.php and delete_ac.php they have can remove users from my sql database and they show the user id and it works there are no bugs in this script at all PLEASE DO NOT MAKE SUGGESTIONS FOR THE SCRIPTS BELOW delete.php first
<?php
$host="mysql13.000webhost.com"; // Host name
$username="a2670376_Users"; // Mysql username
$password="PASSWORD"; // Mysql password
$db_name="a2670376_Pass"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// select record from mysql
$sql="SELECT * FROM $tbl_name";
$result=mysql_query($sql);
?>
<table border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td colspan="8" style="bgcolor: #FFFFFF"><strong><img src="http://i47.tinypic.com/u6ihk.png" height="30" widht="30">Delete data in mysql</strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF"><strong>Id</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>UserName</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>FullName</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Password</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Email</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Date</strong></td>
<td align="center" bgcolor="#FFFFFF"><strong>Ip</strong></td>
<td align="center" bgcolor="#FFFFFF"> </td>
</tr>
<?php
while($rows=mysql_fetch_array($result)){
?>
<tr>
<td bgcolor="#FFFFFF"><? echo $rows['id']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['username']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['fname']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['password']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['email']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['date']; ?></td>
<td bgcolor="#FFFFFF"><? echo $rows['ip']; ?></td>
<td bgcolor="#FFFFFF"><a href="delete_ac.php?id=<? echo $rows['id']; ?>">delete</a></td>
</tr>
<?php
// close while loop
}
?>
</table>
<?php
// close connection;
sql_close();
?>
and now delete_ac.php
<table width="500" border="0" cellpadding="3" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<td colspan="8" bgcolor="#FFFFFF"><strong><img src="http://t2.gstatic.com/images? q=tbn:ANd9GcS_kwpNSSt3UuBHxq5zhkJQAlPnaXyePaw07R652f4StmvIQAAf6g" height="30" widht="30">Removal Of Account</strong> </td>
</tr>
<tr>
<td align="center" bgcolor="#FFFFFF">
<?php
$host="mysql13.000webhost.com"; // Host name
$username="a2670376_Users"; // Mysql username
$password="javascript00"; // Mysql password
$db_name="a2670376_Pass"; // Database name
$tbl_name="members"; // Table name
// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
// get value of id that sent from address bar
$id=$_GET['id'];
// Delete data in mysql from row that has this id
$sql="DELETE FROM $tbl_name WHERE id='$id'";
$result=mysql_query($sql);
// if successfully deleted
if($result){
echo "Deleted Successfully";
echo "<BR>";
echo "<a href='delete.php'>Back to main page</a>";
}
else {
echo "ERROR";
}
?>
<?php
// close connection
mysql_close();
?>
</td>
</tr>
</table>
© Stack Overflow or respective owner