Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Edit Profile page 1

Status
Not open for further replies.
redzonne

redzonne

Programmer
Feb 20, 2005
27
US
Does anyboby know how to put together a user profile edit script.

I inserted the below code. It doesn't actually update the database though. I think I'm missing a piece.

PHP: 
:
mysql_select_db('realest1_proppost');
  $query2 = "UPDATE customerindex SET cfirstname='$cfirstname', clastname='$clastname', cmidinitial='$cmidinitial', cstaddress='$cstaddress', cunitnum='$cunitnum', ccity='$ccity', czip='$czip', cphone='$cphone', cfax='$cfax', cemail='$cemail' WHERE login='$login', $db";
  $result2 = mysql_query($query2);
  if ($result2)
     echo '<span class=p2><b>Profile Successful</b></span><br /><br />';
     echo '<span class=psparkblu12><b>';
     echo $myrow["login"];
     echo '</b> You have successful updated your user profile for your property posting account</span><br /><br />';
     echo '<a class=pmidblu href="proppost_controlpanel.php">Click here to return to Property Post Control Panel</br></a>';

www.realestatenetfind.com/edit_ownersignup.phps

www.realestatenetfind.com/edit_ownersignup_insert.phps

The Journey of a Thousand Miles Begins with the First Step...
 
Sort by date Sort by votes
There is an extra $db in your query variable ie $query2
Code: 
mysql_select_db('realest1_proppost');
  $query2 = "UPDATE customerindex SET cfirstname='$cfirstname', clastname='$clastname', cmidinitial='$cmidinitial', cstaddress='$cstaddress', cunitnum='$cunitnum', ccity='$ccity', czip='$czip', cphone='$cphone', cfax='$cfax', cemail='$cemail' WHERE login='$login'";// remove $db
  $result2 = mysql_query($query2);
  if ( mysql_affected_rows() > 0 ) { 
     echo '<span class=p2><b>Profile Successful</b></span><br /><br />';
     echo '<span class=psparkblu12><b>';
     echo $myrow["login"];
     echo '</b> You have successful updated your user profile for your property posting account</span><br /><br />';
     echo '<a class=pmidblu href="proppost_controlpanel.php">Click here to return to Property Post Control Panel</br></a>';
	}

--------------------------------------------------------------------------
I never set a goal because u never know whats going to happen tommorow.
 
Upvote 0 Downvote
I however dont like your WHERE clause, as I think it should be based on an unique ID! (user_id), not the login!

Also, you have no securing of variables, with mysql_real_escape_string(), trim(), striptags()...

Look those functions up on
As always:
Olav Alexander Mjelde
Admin & Webmaster
 
Upvote 0 Downvote
The extra $db was the problem. It works now.

PHP: 
mysql_select_db('realest1_proppost');
  $query2 = "UPDATE customerindex SET cfirstname='$cfirstname', clastname='$clastname', cmidinitial='$cmidinitial', cstaddress='$cstaddress', cunitnum='$cunitnum', ccity='$ccity', czip='$czip', cphone='$cphone', cfax='$cfax', cemail='$cemail' WHERE login='$login'";
  $result2 = mysql_query($query2) or die(mysql_error());

if ($result2)
{
     echo '<span class=p2><b>Profile Updated</b></span><br /><br />';
     echo '<span class=psparkblu12><b>';
     echo $myrow["login"];
     echo '</b> You have successful updated your user profile for your property posting account</span><br /><br />';
     echo '<a class=pmidblu href="proppost_controlpanel.php">Click here to return to Property Post Control Panel</br></a>';
}

The Journey of a Thousand Miles Begins with the First Step...
 
Upvote 0 Downvote
My WHERE clause is based on my Login because I have code on the signup page that forces all logins selected by users to be unique.

PHP: 
  $query3 = "SELECT login FROM customerindex";
  $result3 = mysql_query($query3);
  while ($row=mysql_fetch_assoc($result3)) { 
  if ($login == $row['login']) { 
  $uniquelogin = "false"; } 
  } 
  if ($uniquelogin != "false") { 
  //do nothin continue 
  } 
  else { 
  echo '<span class=psparkred12>Your chosen login, <b>';
  echo $login; 
  echo '</b> is already taken - please go back and try again</span>'; 
  exit;
  }

What do you think? Was whether the variable that the WHERE clause was based on unique, your concern?

What are securing variables? What would be the benefit of having sceuring variables in this instance be?

The Journey of a Thousand Miles Begins with the First Step...
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

c0deM0nK424
  • Locked
  • Question
Gutenberg Block Editor - page edits and updates not working since wp site migration
Replies
1
Views
403
spamjim
spamjim
chrisjchrisj
  • Locked
  • Question
Can you tell me if this file outputs a subcategory page?
Replies
3
Views
114
spamjim
spamjim
dball63
  • Locked
  • Question
Noob Needs some help making HTML edits on PHP page
Replies
6
Views
168
spamjim
spamjim
thep1
  • Locked
  • Question
fetch data in wordpress page resulting in page not found 1
Replies
5
Views
131
thep1
thep1
Brianfree
  • Locked
  • Question
Convert page to xml file
Replies
0
Views
57
Brianfree
Brianfree

Part and Inventory Search

Sponsor

Back
Top