Update Database

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
User avatar
elecktricity
Forum Contributor
Posts: 128
Joined: Sun Sep 25, 2005 8:57 pm
Location: Trapped in my own little world.
Contact:

Update Database

Post by elecktricity »

Well I got this basicialy it updates the profile, this page dosnt seem to be working... im not sure why... it validates some of the data and if it all works then its 'suppose' to update your profile on the site. All the data turns out fine, but it just wont update.

profile.php

Code: Select all

<?PHP
echo '<html>';
echo '<head>';
echo '<title>Edit User Profile</title>';
echo '</head>'; 
include ('header.php');
if (empty($_COOKIE[user])) {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Error:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' >';
echo 'You must be signed in to view this page.';
echo '</td>';
echo '</tr>';
echo '</table>';
}
else {
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database"); 
$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_COOKIE[pass]'",
   mysql_real_escape_string(users));
$numba = 0;
$result = mysql_query($query);

if (!$result) {
   $message  = 'Invalid query: ' . mysql_error() . "\n";
   $message .= 'Whole query: ' . $query;
   die($message);
}
$numbe = '0';
while ($row = mysql_fetch_assoc($result)) {
$puser = $row['username'];
$pemail = $row['email'];
$paim = $row['aim'];
$pmsn = $row['msn'];
$pyahoo = $row['yahoo'];
$picq = $row['icq'];
$pwebsite = $row['website'];
$pintrists = $row['intrists'];
$pjoined = $row['joindate'];
$numbe++;
}
echo '<form action=\'profile2.php\' method=\'post\'>';
echo '<table align=\'center\' width=\'627\' cellpadding=\'2\' cellspacing=\'0\' border=\'0\' class=\'cat\' bgcolor=\'#4F4E4E\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\' bgcolor=\'#424242\'>Update Profile:</td>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\' bgcolor=\'#424242\'></td>';
echo '</tr>';
echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'bgcolor=\'#424242\'><strong>Name:</strong></td>';
echo '<td width=\'49%\' class=\'profile2\'bgcolor=\'#424242\'><font class=\'text\'>';
echo $puser;
echo '</font></td>';
echo '</tr>';

echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Current Password:*</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input class=\'text\' type=\'password\' name=\'currentpwd\' maxlength=\'20\' ></td>';
echo '</tr>';

echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>New Password:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'password\' name=\'pwd1\' maxlength=\'20\' ></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Repeat Password:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'password\' class=\'text\' name=\'pwd2\' maxlength=\'20\' ></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>Email:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'uemail\' maxlength=\'30\'  value=\'';
echo $pemail;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>AIM Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'text\' class=\'text\' name=\'uaim\' maxlength=\'30\'  value=\'';
echo $paim;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>MSN Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'umsn\' maxlength=\'30\'  value=\'';
echo $pmsn;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Yahoo Address:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input type=\'text\' class=\'text\' name=\'uyahoo\' maxlength=\'30\'  value=\'';
echo $pyahoo;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>ICQ Number:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><input class=\'text\' type=\'text\' name=\'uicq\' maxlength=\'30\'  value=\'';
echo $picq;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\'><strong>Website:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\'><input class=\'text\' type=\'text\' name=\'usite\' maxlength=\'30\'  value=\'';
echo $pwebsite;
echo '\'></td>';
echo '</tr>';


echo '<tr>';
echo '<td class=\'profile\' width=\'49%\' bgcolor=\'#424242\'><strong>Intrists:</strong></td>';
echo '<td class=\'profile2\' width=\'49%\' bgcolor=\'#424242\'><textarea name=\'uintrists\' style=\'width: 300px\'  rows=\'6\' cols=\'30\' class=\'text\' maxlength=\'500\'>';
echo $pintrists;
echo '</textarea></td>';
echo '</tr>';
echo '</table>';

echo '<table align=\'center\' width=\'627\' cellpadding=\'2\' cellspacing=\'0\' border=\'0\' class=\'profile\' bgcolor=\'#4F4E4E\'>';
echo '<tr>';
echo '<td align=\'center\' background=\'images/09.gif\' height=\'25\' class=\'title\'><input class=\'text\' type=\'submit\' value=\'Update Your Profile\'></td>';
echo '</tr>';
echo '</table>';
echo '</form>';
}
include ('footer.php');
?>

profile2.php

Code: Select all

<?PHP
echo '<html>';
echo '<head>';
echo '<title>Edit User Profile</title>';
echo '</head>';
include ('header.php');
$currentpwd = $_POST['currentpwd']; 
$pwd1 = $_POST['pwd1']; 
$pwd2 = $_POST['pwd2']; 
$uemail = $_POST['uemail']; 
$uaim = $_POST['uaim']; 
$umsn = $_POST['umsn']; 
$uyahoo = $_POST['uyahoo']; 
$uicq = $_POST['uicq']; 
$usite = $_POST['usite']; 
$uintrists = $_POST['uintrists ']; 
echo '<center>';
if (empty($_COOKIE[user])) {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Error:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' class=\'text\'>';
echo 'You must be signed in to view this page.';
echo '</td>';
echo '</tr>';
echo '</table>';
}
else {
echo '<table width=\'627\' height=\'120\' cellpadding=\'0\' cellspacing=\'0\' border=\'0\' bgcolor=\'#4F4E4E\' class=\'cat\'>';
echo '<tr>';
echo '<td background=\'images/09.gif\' height=\'25\' class=\'title\'>Update Profile:</td>';
echo '</tr>';
echo '<tr>';
echo '<td valign=\'top\' class=\'text\'>';

//start validate and update
$dbh=mysql_connect ("localhost", "root", "password") or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("database"); 
$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_POST[currentpwd]'",
   mysql_real_escape_string(users));
$numba = 0;
$result = mysql_query($query);

if (!$result) {
   $message  = 'Invalid query: ' . mysql_error() . "\n";
   $message .= 'Whole query: ' . $query;
   die($message);
}
$countit = '0';
$errors = '0';
while ($row = mysql_fetch_assoc($result)) {
$countit++;
//checks if passwords equal
	if($pwd1 == $pwd2) {
	echo '';
	}
	else {
	echo 'Passwords did not match<br>';
	$errors++;
	}
//validate email in right format
	list($userName, $mailDomain) = split("@", $uemail);
	if (checkdnsrr($mailDomain, "MX")) {
	echo '';
	}
	else {
	echo 'Email is not in the valid format<br>';
	$errors++;
	}
}
if ($countit == '0') {
echo 'Sorry the username and password did not match.<br>';
$errors++;
}
if ($errors == '0') {
$dbquery = mysql_query("UPDATE users SET password='$upwd', email='$uemail', aim='$uaim', msn='$umsn', yahoo='$uyahoo', icq='$uicq', website='$uweb', intrists='$uintrists'. 'WHERE username= '$_COOKIE[user]' && password='$currentpwd'");
echo 'Success: You have updated your profile.';
}
elseif ($errors == '1') {
echo 'Sorry you had a error.';
}
else {
echo 'Sorry you had ';
echo $errors;
echo ' errors.';
}

//end validate and update

echo '</td>';
echo '</tr>';
echo '</table>';
}
include ('footer.php');
?>
EDIT: I forgot to put in the first page
User avatar
elecktricity
Forum Contributor
Posts: 128
Joined: Sun Sep 25, 2005 8:57 pm
Location: Trapped in my own little world.
Contact:

Post by elecktricity »

come on somebody knows whats going on...
mickd
Forum Contributor
Posts: 397
Joined: Tue Jun 21, 2005 9:05 am
Location: Australia

Post by mickd »

just a few small things i noticed

Code: Select all

if (empty($_COOKIE[user])) {
user should be in quotes '

also i never used sprintf before but are you sure you are using it right?

Code: Select all

$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_COOKIE[pass]'", 
   mysql_real_escape_string(users));
that doesnt appear to be how the manual uses it

sprintf

EDIT:

Code: Select all

$dbquery = mysql_query("UPDATE users SET password='$upwd', email='$uemail', aim='$uaim', msn='$umsn', yahoo='$uyahoo', icq='$uicq', website='$uweb', intrists='$uintrists'. 'WHERE username= '$_COOKIE[user]' && password='$currentpwd'");
whats the . ' after intrists='$uintrists'?
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Code: Select all

$query = sprintf("SELECT * FROM users WHERE username='$_COOKIE[user]' && password='$_COOKIE[pass]'",
   mysql_real_escape_string(users));
More specifically should be

Code: Select all

mysql_real_escape_string($users));
Secondly, wherein is $users coming from?

And as mentioned erlier, your not using even sprintf correctly, read the documentation.
And quote your indices!
User avatar
elecktricity
Forum Contributor
Posts: 128
Joined: Sun Sep 25, 2005 8:57 pm
Location: Trapped in my own little world.
Contact:

Post by elecktricity »

Thanks for the help worked through my errors, it works great now.
Post Reply