PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
I have a problem with my update code.after user log in,they can choose to update their details.This code can track user but it cannot do update.When they go to this page,all their particulars already there and they can just type again and click submit to update.
The problem is user's particulars are not displayed,therefore they cant do the update.
Your problem is that you are fragmenting your code too much...try just echo('')ing the code in your form instead of stopping using php, haveing some html with php embedded in it, and then resuming php again.
-wyrmmage
<?php
mysql_connect("localhost", "ODBC", "") or die(mysql_error());
mysql_select_db("wms") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{ header("Location:http://localhost/projek/home.php");
}
//otherwise they are shown the user area
else
{
$name = $_GET[nama];
$jawatan = $_GET[jawatan];
$no_kp = $_GET[no_kp];
$password = $_GET[password];
if(isset($_GET['update']))
{
$sql = "UPDATE users SET username = '$name', jawatan = '$jawatan', no_kp = '$no_kp', password = '$password' WHERE username = '$username'";
$result = mysql_query($sql);
echo "Thank You!Information Updated.\n";
$result=mysql_query("SELECT * FROM users WHERE username='$username'",$db);
$myrow=mysql_fetch_array($result);
}
else if($name = $_GET[nama])
{
$result=mysql_query("SELECT * FROM users WHERE username ='$username'",$db);
$myrow=mysql_fetch_array($result);
}
echo('
<form method="get" action="$PHP_SELF">
<input type="hidden" name="id" value="$myrow[\"id\"]">
Nama:<input type="text" name="nama" value="$myrow[\"username\"]>
<br>
Jawatan:<input type="text" name="jawatan" value="$myrow[\"jawatan\"]>
<br>
No Kad Pengenalan:<input type="text" name="no_kp" value="$myrow[\"no_kp\"]>
<br>
Katalaluan:<input type="text" name="katalaluan" value="$myrow[\"password\"]>
<br>
<input type="Submit" name="update" value="Kemaskini">
</form>
');
}
}
}
?>
It seems that your code was not escaped properly...I suspect that that was what was causing the problem; try the above code and see if it works
-wyrmmage
<?php
mysql_connect("localhost", "ODBC", "") or die(mysql_error());
mysql_select_db("wms") or die(mysql_error());
//checks cookies to make sure they are logged in
if (isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site']; // ARE YOU REALLY STORING PASSWORDS IN COOKIES?
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while ($info = mysql_fetch_array($check))
{
//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{
header("Location:http://localhost/projek/home.php");
exit; // YOU SHOULD ALWAYS CALL EXIT AFTER A HEADER REDIRECT
}
//otherwise they are shown the user area
else
{
// WHAT HAPPENS IF THERE ARE NO GET PARAMS?
// AND WHAT HAPPENED TO THE QUOTES AROUND YOUR GET INDEXES?
$name = $_GET[nama];
$jawatan = $_GET[jawatan];
$no_kp = $_GET[no_kp];
$password = $_GET[password];
if (isset($_GET['update']))
{
$sql = "UPDATE users
SET
username = '$name',
jawatan = '$jawatan',
no_kp = '$no_kp',
password = '$password'
WHERE username = '$username'";
// WHERES THE ERROR CHECKING TO TELL YOU WHAT MIGHT BE GOING WRONG?
$result = mysql_query($sql);
// I WOULD TRY CHECKING mysql_affected_rows() HERE
echo "Thank You!Information Updated.\n";
// AGAIN, WHERE IS THE ERROR CHECKING?
$result=mysql_query("SELECT * FROM users WHERE username='$username'",$db);
$myrow=mysql_fetch_array($result);
}
elseif ($name = $_GET[nama])
{
// ERROR CHECKING MISSING AGAIN
$result=mysql_query("SELECT * FROM users WHERE username ='$username'",$db);
$myrow=mysql_fetch_array($result);
}
?>
<!-- I WOULD STAY AWAY FROM $PHP_SELF... MAYBE USE basename($_SERVER['SCRIPT_FILENAME']) -->
<form method="get" action="<?php echo $PHP_SELF; ?>">
<!-- TAKE NOTE THAT THE DEFAULT VALUES WILL NOT SHOW IF THERE WERE ERRORS IN THE SQL ABOVE -->
<input type="hidden" name="id" value="<?php echo $myrow["id"]; ?>">
Nama:<input type="text" name="nama" value=<?php echo $myrow["username"]; ?>><br>
Jawatan:<input type="text" name="jawatan" value=<?php echo $myrow["jawatan"]; ?>><br>
No Kad Pengenalan:<input type="text" name="no_kp" value=<?php echo $myrow["no_kp"]; ?>><br>
Katalaluan:<input type="text" name="katalaluan" value=<?php echo $myrow["password"]; ?>><br>
<input type="Submit" name="update" value="Kemaskini">
</form>
<?php
}
}
}
?>
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
note: this code does need to be escaped properly, as I have in my code above
[syntax="php"]<form method="get" action="<?php echo $PHP_SELF; ?>">
<!-- TAKE NOTE THAT THE DEFAULT VALUES WILL NOT SHOW IF THERE WERE ERRORS IN THE SQL ABOVE -->
<input type="hidden" name="id" value="<?php echo $myrow["id"]; ?>">
Nama:<input type="text" name="nama" value=<?php echo $myrow["username"]; ?>><br>
Jawatan:<input type="text" name="jawatan" value=<?php echo $myrow["jawatan"]; ?>><br>
No Kad Pengenalan:<input type="text" name="no_kp" value=<?php echo $myrow["no_kp"]; ?>><br>
Katalaluan:<input type="text" name="katalaluan" value=<?php echo $myrow["password"]; ?>><br>
<input type="Submit" name="update" value="Kemaskini">
</form>
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]