while I was trying to make a login system, I got this error:
Impossibile interrogare il database No such file or directory
The PHP process code is this:
<?php
session_start();
include('db-conn-dashboard.php');
$nomeutente = $_POST['nomeutente'];
$password = $_POST['password'];
$nomeutente = stripcslashes($nomeutente);
$password = stripcslashes($password);
$nomeutente = mysql_real_escape_string($nomeutente);
$password = mysql_real_escape_string($password);
$result = mysql_query("SELECT * FROM profili WHERE nomeutente = '$nomeutente' and password = '$password'")
or die("Impossibile interrogare il database ".mysql_error());
$row = mysql_fetch_array($result);
if($row['nomeutente'] == $nomeutente && $row['password'] == $password){
$_SESSION['login_user1'] = "autorizzato1";
$_SESSION['autorizzato'] = 1;
header('location: ../pages/home.php');
} else {
echo '<script type="text/javascript">alert("Nome utente o password errati. Riprova.")
window.location= "../pages/login.php"</script>';
}
?>
And the form is this:
<form role="form" action="../php/processo-accesso.php" method="POST">
<fieldset>
<div class="form-group">
<input class="form-control" placeholder=" Nome utente" name="nomeutente" type="text" style="font-family: fontawesome, arial;" onkeyup="this.value = this.value.toUpperCase();" required>
</div>
<div class="form-group">
<input class="form-control" placeholder=" Password" style="font-family: fontawesome, arial;" name="password" type="password" required>
</div>
<input type="submit" name="accedi" class="btn btn-primary" value="Accedi" style="width: 100%;">
</fieldset>
</form>
Try this
$sql= mysql_query("SELECT * FROM profili WHERE nomeutente = '$nomeutente' and password = '$password'")
or die("Impossibile interrogare il database ".mysql_error());
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
Related
Here is my form, it send POST to loginuser.php it have drop-down list which was read users from database.
<form action="loginuser.php" method="POST">
<div class="form-group">
<select name="userList">
<option> - - - </option>
<?php
include 'db.php';
$sql = "SELECT username FROM dbusers";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<option>" . $row["username"]. "</option>";
}
}
?>
</select>
</div>
<div class="form-group">
<input name "password" type="password" class="form-control" id="inputPassword">
</div>
<div class="form-group">
<button type="submit" class="btn btn-info btn-sm btn-block">Login</button>
</div>
</form>
And this is my loginuser.php - when i push the Login button it send me to localhost/loginuser.php but it show "TEST-FALSE"
<?php
session_start();
require('db.php');
if (isset($_POST['username']) and isset($_POST['password'])){
echo "TEST - GOOD";
$username = $_POST['username'];
$password = $_POST['password'];
$query = "SELECT * FROM `dbusers` WHERE username='$username' and password='$password'";
$result = mysqli_query($conn, $query) or die(mysqli_error($conn));
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION['username'] = $username;
}else{
$fmsg = "Invalid Login Credentials.";
}
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Succes";
}else{
echo "TEST - FALSE";
}
?>
Also, my connection in db.php work because script on form show users correctly.
I changed some pass values in select drop down in your front end like and i dont know name=password is typo error or not :
<form action="loginuser.php" method="POST">
<div class="form-group">
<select name="userList">
<option> - - - </option>
<?php
include 'db.php';
$sql = "SELECT username FROM dbusers";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
echo "<option value='".$row["username"]."'>" . $row["username"]. "</option>";
}
}
?>
</select>
</div>
<div class="form-group">
<input name="password" type="password" class="form-control" id="inputPassword">
</div>
<div class="form-group">
<button type="submit" class="btn btn-info btn-sm btn-block">Login</button>
</div>
and your php code is like:
<?php
session_start();
require('db.php');
if (isset($_POST['userList']) && isset($_POST['password'])){
echo "TEST - GOOD";
$username = $_POST['userList'];
$password = $_POST['password'];
$query = "SELECT * FROM `dbusers` WHERE username='$username' and password='$password'";
$result = mysqli_query($conn, $query) or die(mysqli_error($conn));
$count = mysqli_num_rows($result);
if ($count == 1){
$_SESSION['username'] = $username;
}else{
$fmsg = "Invalid Login Credentials.";
}
}
if (isset($_SESSION['username'])){
$username = $_SESSION['username'];
echo "Succes";
}else{
echo "TEST - FALSE";
}
?>
Note: Please avoid the sql injection try to use PDO.,
You wrote this
<div class="form-group"> <input name "password" type="password" class="form-control" id="inputPassword"> </div>
Correct with this
<div class="form-group"> <input name="password" type="password" class="form-control" id="inputPassword"> </div>
name="password" (=) missing
I want to create login page. First, I get username and password from login.html and send them to login.php to check its available or not. But it always give errors and I cannot solve that
Login.html
<form action="login.php" method="post">
<div class="containerLogin">
<label><b>Username</b></label>
<input type="text" placeholder="Enter Username"name="username" required>
<label><b>Password</b></label>
<input type="password" placeholder="Enter Password" name="password" required>
</div>
<div class="containerLogin" style="background-color:#f1f1f1">
<input type="submit" name="submit" value="submit" class="btn btn-primary">
<span class="password">Forgot password?</span>
</div>
</form>
login.php
<?php
include_once "connection.php";
if (isset($_POST['submit'])) {
session_start();
if($_POST['username'] && $_POST['password']) {
$username = $_POST['username'];
$password = $_POST['password'];
$query = mysqli_query("SELECT * FROM studenttable WHERE username='$username' and password='$password'");
$res = mysqli_query($con, $query);
$count_user = mysqli_num_rows($res);
if($count_user==1)
{
$row = mysqli_fetch_array($res);
$_SESSION['username'] = $row['username'];
$_SESSION['password'] = $row['password'];
header("location:dashboard.php?success=1");
}else{
$error = 'Incorrect Username, Password and Branch.';
}
}
}
?>
ERRORS
login.php
The $query variable should not be a mysqli_query, but a string, since you can't pass a query as a parameter to another query. Replace that line (24) with this:
$query = "SELECT * FROM studenttable WHERE username='$username' and password='$password'";
I design a log in page and i want to match the username and password with saved data from database and open the dashboard page here is my html code.
> <form class="m-t" role="form" method="post" action="dashboard_4.html">
> <div class="form-group">
> <input type="email" class="form-control" placeholder="Username" class="form-control" required=""
> name="logemail">
> </div>
> <div class="form-group">
> <input type="password" class="form-control" placeholder="Password" class="form-control" required=""
> name="logpass">
> </div>
> <button type="submit" class="btn btn-primary block full-width m-b" id="login" name ="submit">Login</button>
>
> <small>Forgot password?</small>
> <p class="text-muted text-center"><small>Do not have an account?</small></p>
> <a class="btn btn-sm btn-white btn-block" href="register.html">Create an account</a>
> </form>
and here is my php code:
<?php
$servername = "localhost";
$username = "sehnoqta_userbmc";
$password = "u?gQ=uS%t;a?";
$dbname = "sehnoqta_bmc";
if(isset($_POST['submit']))
{
$username = $_POST['logemail'];
$password = $_POST['logpass'];
$con=mysqli_connect("localhost","sehnoqta_userbmc","?gQ=uS%t;a?","rsehnoqta_bmc");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$qz = "SELECT * FROM regis where email1='".$username."' and password3='".$password."'" ;
$qz = str_replace("\'","",$qz);
$result = mysqli_query($con,$qz);
$row = mysqli_num_rows($result);
if($row == 1)
{
header("location:new_page.php");
exit();
}
mysqli_close($con);
}
?>
but it open the page even i type the username and password incorrect, is there any problem with my code or any....
You are using different variables to your connection. Use same username and passwords, otherwise you will have access denied. I just removed your css and simplified few things. (note: this is a solution for the mentioned question with its code provided. It is not a solution for data expose and security reasons)
File: login.php
<html>
<head>
<meta charset="utf-8">
<title>LogIn.php</title>
</head>
<body align="center">
<form name="form" method="post" action="dashboard_4.php">
<div >
<input type="email" placeholder="Username" name="logemail">
</div>
<div >
<input type="password" placeholder="Password" name="logpass">
</div>
<button type="submit" id="login" name ="submit">Login</button>
<a ><small>Forgot password?</small></a>
<p ><small>Do not have an account?</small></p>
<a >Create an account</a>
</form>
</body>
</html>
File dashboard_4.php
<?php
$servername = "localhost";
$username = "sehnoqta_userbmc";
$password = "u?gQ=uS%t;a?";
$dbname = "sehnoqta_bmc";
$con = mysqli_connect("localhost","sehnoqta_userbmc","u?gQ=uS%t;a?","sehnoqta_bmc");
// Check connection
if (mysqli_connect_errno()){
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
if(isset($_POST['submit'])){
$username = $_POST['logemail'];
$password = $_POST['logpass'];
$qz = "SELECT * FROM regis WHERE email1='$username' and password3='$password' ";
//echo $qz."<br/>";
$result = mysqli_query($con,$qz);
//$temp=mysqli_fetch_assoc($result);
//echo $temp['email1']." ".$temp['password3'];;
$row = mysqli_num_rows($result);
if($row == 1){
header("location:new_page.php");
exit();
}//else {echo "no record combination";}
mysqli_close($con);
}
?>
why dont you try:
<?php
$servername = "localhost";
$username = "sehnoqta_userbmc";
$password = "u?gQ=uS%t;a?";
$dbname = "sehnoqta_bmc";
if(isset($_POST['submit']))
{
$username = htmlspecialchars($_POST['logemail']);
$password = htmlspecialchars ($_POST['logpass']);
$con=mysqli_connect("localhost","sehnoqta_userbmc","?gQ=uS%t;a?","rsehnoqta_bmc");
// Check connection
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$username = mysqli_real_escape_string($con , $username);
$password = mysqli_real_escape_string($con , $password);
$qz = "SELECT * FROM `regis` where `email1` = '$username' and `password3` ='$password'" ;
$result = mysqli_query($con,$qz);
$row = mysqli_num_rows($result);
if($row == 1)
{
header("location:new_page.php");
exit();
}
mysqli_close($con);
}
?>
I have been trying to create a greeting after a user logs in that says "Welcome, first name (dynamic)." so when the user logs in they are greeted with their name. For some reasont it has not been working out. I am new at php so this may be a simple error. Any assist or advice would be useful. Thanks.
main code
session_start();
$mysql_hostname = 'localhost';
$mysql_user = 'username';
$mysql_password = 'password';
$mysql_database = 'db_users2015';
$connect = mysql_connect($mysql_hostname, $mysql_user, $mysql_password)
or die ("Couldn't connect");
echo "<BR>Connection Successful";
//to put data into database
//select database
$db_selected= mysql_select_db($mysql_database, $connect)
or die ("Couldn't connect to the database");
//frontend and backend data processing
$email= $_POST['email'];
$password= $_POST['password'];
//To see if email is registered
$sql = "SELECT COUNT(*) FROM users WHERE email= '{$_POST['email']}'";
$sql_result = mysql_query($sql);
if (mysql_result($sql_result, 0)<1)
{
die("<BR>Email address not found");
}
else{
echo "Login Successful!";
}
//To check if email and password match
$sql = "SELECT count(*) FROM users WHERE email = '$email' AND
password ='$password' LIMIT 1";
$result = mysql_query($sql) or die(mysql_error());
$firstname = $_SESSION['firstname'];
$_SESSION['firstname']= $_POST['firstname'];
if (mysql_result($result, 0) > 0){
echo "<BR>Login Successful, welcome";
echo $_SESSION['firstname'];
}
if (mysql_result($result, 0) < 1){
echo 'wrong password/username combo';
}
?>
<HTML>
<HEAD>
<TITLE> Programming</TITLE>
<link rel="stylesheet" href="http://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css">
<LINK REL="stylesheet" TYPE="text/css" href="homework2.css">
</HEAD>
<BODY>
<!-- CSS for http://the7.dream-demo.com/ -->
<div id="container">
<div id="header">
<div class="menuitem"> Home </div>
<div class="menuitem">Products</div>
<div class="menuitem">Case Studies</div>
<div class="menuitem">Pricing</div>
<div class="menuitem">About Us</div>
</div>
<div id="bodycontent">
<div id="banner">
<div id="bannerleft"> <h1> We make you better athletes. Find out how! </h1> </div>
<div id="signin">
<form class="well form-inline" action="login.php" method="post">
<input type="text" class="input-small" placeholder="Email" name="email" >
<input type="password" class="input-small" placeholder="Password" name="password">
<br><br>
<!--
If you do not want to use twitter bootstrap css then you should uncomment next 6 lines and uncomment the
above 2 lines that provide input boxes
<label for="email">Email:</label>
<input type="text" name="email" id="email">
<br>
<label for="password">Password:</label>
<input type="password" name="password" id="password">
<br>
-->
<input type="submit" name="submit" id="logmein" value="Log In">
</form>
</div>
</div>
<div id="featurestrip">
<div id="signup">
<form action="signup.php" method="post">
<label for="firstname">Firstname:</label>
<input type="text" name="signup-firstname" id="signup-firstname">
<br>
<label for="lastname">Lastname:</label>
<input type="text" name="signup-lastname" id="signup-lastname">
<br>
<label for="email">Email: </label>
<input type="text" name="signup-email" id="signup-email">
<br>
<label for="password">Password:</label>
<input type="password" name="signup-password" id="signup-password">
<br>
<label for="password">Reconfirm Password:</label>
<input type="password" name="signup-repassword" id="signup-repassword">
<br><br>
<input type="submit" name="signmeup" id="signmeup" value="Sign Me Up!">
</form>
</div>
<div id="featureright"> <p>Sign up and find out more on how we can help. Pricing starts at $19.95 a month. </p>
<p><h3>Premium service starts at $49.95.</h3></p>
</div>
</div>
<div id="corefeatures">
<img height="200px" src="http://www.hockeymanitoba.ca/wp-content/uploads/2013/02/ltad-model.jpg">
</div>
<div id="testimonials"> Testimonial
<img height="200px" src="http://www.neuroexplosion.com/storage/development%20model%20jpeg.jpg?__SQUARESPACE_CACHEVERSION=1305662626397">
<img height="200px" src="http://www.phecanada.ca/sites/default/files/physical_literacy/LTAD_FMS.jpg">
</div>
<!--
<div id="portfolio"> Portfolio</div>
<div id="skills"> Skills</div>
-->
</div>
<div id="footer">Copyright Notice. All Rights Reserved. 2014</div>
</div>
</BODY>
</HTML>
2nd php code edit
<?php
session_start();
$mysql_hostname = 'localhost';
$mysql_user = 'username';
$mysql_password = 'password';
$mysql_database = 'db_users2015';
$connect = mysql_connect($mysql_hostname, $mysql_user, $mysql_password)
or die ("Couldn't connect");
echo "<BR>Connection Successful";
//to put data into database
//select database
$db_selected= mysql_select_db($mysql_database, $connect)
or die ("Couldn't connect to the database");
//frontend and backend data processing
$email= $_POST['email'];
$password= $_POST['password'];
//To see if email is registered
$sql = "SELECT COUNT(*) FROM users WHERE email= '{$_POST['email']}'";
$sql_result = mysql_query($sql);
if (mysql_result($sql_result, 0)<1)
{
die("<BR>Email address not found");
}
else{
echo "Login Successful!";
}
//To check if email and password match
$sql = "SELECT(*) FROM users WHERE email = '$email' AND
password ='$password' LIMIT 1";
$userdata = mysql_fetch_assoc($result);
$result = mysql_query($sql) or die(mysql_error());
$firstname = $_POST['firstname'];
$_SESSION['firstname]' = $userdata['firstname'];
if (mysql_result($result, 0) > 0){
echo "<BR>Login Successful, welcome";
echo $firstname;
}
if (mysql_result($result, 0) < 1){
echo 'wrong password/username combo';
}
?>
under //To check if email and password match
put this:
$result = mysql_query("SELECT * FROM users WHERE email = '$email' AND
password ='$password' LIMIT 1");
if(mysql_num_rows($result) > 0){
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$firstname = $row["firstname"];
echo "<BR>Login Successful, welcome";
echo $firstname;
}else{
echo 'wrong password/username combo';
}
Problem is Been here
$firstname = $_SESSION['firstname'];
$_SESSION['firstname']= $_POST['firstname'];
You are Trying to get First Name from login page html form. but i don't remember if any login page ever have First name field. so you should get first name from database and put it in $_SESSION['firstname']
Hope to be clear enough. :)
To get data out of database
Change this
SELECT count(*) FROM users WHERE email = '$email' AND password ='$password' LIMIT 1
To This
SELECT * FROM users WHERE email = '$email' AND password ='$password' LIMIT 1
$userdata = mysql_fetch_assoc($result);
$_SESSION['firstname'] = $userdata['firstname'];
This will do the trick
the place where you set your firstname should be changed with this
$row = mysql_fetch_array($result, MYSQL_ASSOC);
$_SESSION['firstname']= $row['firstname'];
set firstname by fetching results from database because $_POST['firstname'] does not exists in your page.
Thanks.
I am building a three part signup system using sessions. The first part is on the homepage, there is a login here called form1 and a signup called form2. This question is about signup form2. In form2 the user inserts email and password into the DB table, and the iduser is created auto automatically. A sessions is created, this part works fine. In signup_part2.php using sessions I echo out the iduser and email to prove that the info was inserted into the database. Then in signup_part2.php there is a second form, however when I hit submit nothing is inserted into the database table into those user's fields. How can I insert data into the DB table during a user's session?
home.php
<?php
session_start();
require('connect.php');
require('header.php');
$form1 = <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="homecolumn1">
<p>Login</p></br>
<form id="login" action="home.php" method="POST">
<input name="emaillogin" placeholder="email" type="email" rows="20"> </input></br>
<input name="passwordlogin" placeholder="password" type="password" rows="20"> </input></br>
<input type="submit" name="submita" value="Log In"> </input>
</form>
</div>
EOT;
$form2 = <<<EOT
<div id="homecolumn2">
<p>Sign Up</p></br>
<form id="signuppart1" action="home.php" method="post">
<input name="signupemail" placeholder="email" type="email" rows="20" required> </input></br>
<input pattern="(?=^.{8,50}$)((?=.*\d)|(?=.*\W+))(?![.\n])(?=.*[A-Z])(?=.*[a-z]).*$" name="signuppassword" placeholder="password" type="password" rows="20" required> </input></br>
<input name="submitb" type="submit" value="Sign Up"> </input>
</form>
</div>
EOT;
$footer = <<<EOT
<div id="footerhome1">
</div>
</div>
EOT;
/*-------------------------------------form1----------------------------------------*/
if(isset($_POST['submita'])){
$email = mysql_escape_string($_POST['emaillogin']);
$pass = mysql_escape_string($_POST['passwordlogin']);
$salt = '458mn$8n#bty67mg%563!&78fj^543*41s';
$pass = md5($pass . $salt);
$sql = mysql_query ("SELECT * FROM `profile` WHERE `email` = '$email' AND `password`= '$pass' ");
if(mysql_num_rows($sql) > 0){
// ADDITIONAL CODE //pull userdata from db
while($row = mysql_fetch_array($sql)){
$_SESSION['logged_in']['fnlname'] = $row['fnlname'];
$_SESSION['logged_in']['username'] = $row['username'];
$_SESSION['logged_in']['gender'] = $row['gender'];
}
// END ADDITIONAL CODE
header('location: profile.php');
}else{
echo <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="homecolumn1">
<p>Login</p></br>
<form id="login" action="home.php" method="POST">
<input name="emaillogin" placeholder="email" type="email" rows="20"> </input></br>
<input name="passwordlogin" placeholder="password" type="password" rows="20"> </input></br>
<input type="submit" name="submita" value="Log In"> </input>
<p style="color:red;">"Wrong password or username"</p>
</form>
</div>
EOT;
}
}else{
echo $form1;
}
/*-------------------------------------form2----------------------------------------*/
if(isset($_POST['submitb'])){
//perform verification
$email1 = $_POST['signupemail'];
$pass1 = $_POST['signuppassword'];
if ($pass1 == NULL){
echo <<<EOT
<p style="color:red;">"Enter a password"</p>
EOT;
exit();
}
$email1 = mysql_escape_string($email1);
$password = mysql_escape_string($pass1);
$salt = 'justasalt';
$password = md5($password . $salt);
$sql2 = mysql_query("SELECT * FROM `profile` WHERE `email` = '$email1' ");
if(mysql_num_rows($sql2) > 0){
echo $form2;
echo <<<EOT
<p style="color:red;">"Sorry, that email already exists!"</p>
EOT;
exit();
}
else{
mysql_query("INSERT INTO `profile` (`iduser`, `password`, `email`)VALUES(NULL, '$password', '$email1')");
$sql = mysql_query ("SELECT * FROM `profile` WHERE `email` = '$email1' AND `password`= '$password' ");
if(mysql_num_rows($sql) > 0){
// ADDITIONAL CODE //pull userdata from db
while($row = mysql_fetch_array($sql)){
$_SESSION['logged_in']['iduser'] = $row['iduser'];
$_SESSION['logged_in']['fnlname'] = $row['fnlname'];
$_SESSION['logged_in']['username'] = $row['username'];
$_SESSION['logged_in']['gender'] = $row['gender'];
$_SESSION['logged_in']['location'] = $row['location'];
$_SESSION['logged_in']['website'] = $row['website'];
$_SESSION['logged_in']['age'] = $row['age'];
$_SESSION['logged_in']['joined'] = $row['joined'];
$_SESSION['logged_in']['email'] = $row['email'];
}
header("location: signup_part2.php");
}
}
}
else{
echo $form2;
}
?>
signup_part2.php
<?php
session_start();
include "connect.php";
include "header.php";
$iduser=$_SESSION['logged_in']['iduser'];
$sql = mysql_query("SELECT * FROM `profile` WHERE `iduser` = '$iduser' ");
while($row = mysql_fetch_array($sql)){
$iduser = $row['iduser'];
$password = $row['password'];
$email = $row['email'];
$fnlname = $row['fnlname'];
$username = $row['username'];
$joineddate = $row['joineddate'];
$gender = $row['gender'];
$age = $row['age'];
$location = $row['location'];
$website = $row['website'];
}
echo "$iduser $password $email";
$form1 = <<<EOT
<div id="homebox1">
<div id="logohome">
<h2>Welcome</h2></br>
</div>
<div id="signupcolumn1">
<p>Please fillout your info</p>
<form id="signup2" action="signup_part2.php" method="POST">
<p><input name="fnlname" placeholder="First and Last Name" type="text" size="50" required>*</br>
<input name="username" placeholder="Username" type="text" size="50" required>*</br>
<input name="age" placeholder="Your Age" type="" size="50" required>*</br></p>
<p><input style="text-align:left;" type="radio" name="gender" value="male"/>Male</br>
<input style="text-align:left;" type="radio" name="gender" value="female"/>Female</br>
<input style="text-align:left;" type="radio" name="gender" value="blank"/>Leave Blank</br></p>
<p><input name="location" placeholder="Location" type="" size="50" >Opt.</br>
<input name="website" placeholder="Website" type="" size="50">Opt. </br></p>
<input name="joineddate" placeholder="joineddate" type="hidden" size="50">
<input type="submit" name="submita" value="Next">
</div>
</form>
EOT;
if(isset($_POST['submita'])){
//perform verification
$fnlname = $_POST['fnlname'];
$username = $_POST['username'];
$age = $_POST['age'];
$gender = $_POST['gender'];
$location = $_POST['location'];
$website = $_POST['website'];
$joineddate = $_POST['joineddate'];
$iduser=$_SESSION['logged_in']['iduser'];
/*$fnlname = mysql_escape_string($fnlname);
$username = mysql_escape_string($username);
$age = mysql_escape_string($age);
$gender = mysql_escape_string($gender);
$location = mysql_escape_string($location);
$website = mysql_escape_string($website); */
$sql1 = mysql_query("SELECT * FROM `profile` WHERE `username` = '$username' ");
if(mysql_num_rows($sql1) > 0){
echo "Sorry, that username already exists!";
}else{
mysql_query("UPDATE profile SET fnlname='$fnlname' joineddate='$joineddate' gender='$gender' age='$age' location='$location' website='$website' WHERE iduser=$iduser ");
}
}else{
echo $form1;
}
?>
Found my mistake
if(isset($_POST['submit']))
should be
if(isset($_POST['submita']))