Can someone find the problem?
It doesn't give any errors, but new rows don't appear in the database and I don't know the problem is.
if (isset( $_REQUEST['signupnbtn'] ) ) {
$age = mysqli_real_escape_string($con,$_REQUEST['ageinput']);
$discord = mysqli_real_escape_string($con,$_REQUEST['discordinput']);
$email = mysqli_real_escape_string($con,$_REQUEST['emailinput']);
$tmp = mysqli_real_escape_string($con,$_REQUEST['tmpinput']);
$steam = mysqli_real_escape_string($con,$_REQUEST['steaminput']);
$datum = date("d-m-Y");
$errorcode = 0;
$q = "INSERT INTO `admissions` (age, discord, email, tmp, steam, datum)
VALUES ('$age', '$discord', '$email', '$tmp', '$steam', '$datum')";
$query2 = "SELECT email FROM `admissions` WHERE email='$email'";
$sql = mysqli_query($con,$query2);
$countrows = mysqli_num_rows($sql);
if($countrows >= 1){
$errorcode = 1;
}else {
$result = mysqli_query($con,$q);
}
if ($result) {
$errorcode = 4;
}
}
$q = "INSERT INTO admissions (age, discord, email, tmp, steam, datum) VALUES ('$age', '$discord', '$email', '$tmp', '$steam', '$datum')";
Problem solved, the date should be in "Y-m-d" format instead of "d-m-Y" as below:
if (isset( $_REQUEST['signupnbtn'] ) ) {
$age = mysqli_real_escape_string($con,$_REQUEST['ageinput']);
$discord = mysqli_real_escape_string($con,$_REQUEST['discordinput']);
$email = mysqli_real_escape_string($con,$_REQUEST['emailinput']);
$tmp = mysqli_real_escape_string($con,$_REQUEST['tmpinput']);
$steam = mysqli_real_escape_string($con,$_REQUEST['steaminput']);
$datum = date("Y-m-d");
$errorcode = 0;
$q = "INSERT INTO `admissions` (age, discord, email, tmp, steam, datum)
VALUES ('$age', '$discord', '$email', '$tmp', '$steam', '$datum')";
$query2 = "SELECT email FROM `admissions` WHERE email='$email'";
$sql = mysqli_query($con,$query2);
$countrows = mysqli_num_rows($sql);
if($countrows >= 1){
$errorcode = 1;
}else {
$result = mysqli_query($con,$q);
}
if ($result) {
$errorcode = 4;
}
}
Related
Is there a better way to do these queries?
I call these functions from an other php to get data back to my Android Application in JSON.
But I feel that this code is "dirty".
This code works. But can there be issues if there are many user requests? I want to keep all the stuff fast an slim for following stuff. Now there are about 100 people running this app. Everything is ok now. But how it will be if there are more?
<?php require_once("db_connection.php");?>
<?php
define('TIMEZONE', 'Europe/Paris');
date_default_timezone_set(TIMEZONE);
function storeUser($email, $password, $uuid, $name){
global $connection;
$date = date("Y-m-d H:i:s");
$query = "SELECT * FROM treuepass_users_all WHERE email ='{$email}'";
$res = mysqli_query($connection, $query);
$num = mysqli_num_rows($res);
if ($num == 0)
{
$query = "SELECT * FROM treuepass_users_all WHERE uuid ='{$uuid}'";
$res = mysqli_query($connection, $query);
$num = mysqli_num_rows($res);
if ($num > 0)
{
$query2 = "UPDATE treuepass_users_all SET email = '{$email}', password = '{$password}', name = '{$name}' WHERE uuid ='{$uuid}'";
$res2 = mysqli_query($connection, $query2);
return $res2;
mysqli_close($connection);
}
else //////Wenn sich HANDY das erste mal anmeldet
$query = "INSERT INTO treuepass_users_all (uuid, dateofregister, email, password, name) VALUES ('{$uuid}', '{$date}', '{$email}', '{$password}', '{$name}')";
$res = mysqli_query($connection, $query);
$query2 = "UPDATE treuepass_users_all SET lastlogin = '{$date}', logincounter = logincounter +1 WHERE uuid ='{$uuid}'";
$res2 = mysqli_query($connection, $query2);
return $res2;
mysqli_close($connection);
}else{
return false;
}
}
function getUserByUsernameAndPassword($email, $password, $uuid){
$date = date("Y-m-d H:i:s");
global $connection;
$query1 = "UPDATE treuepass_users_all SET uuid = '{$uuid}', lastlogin = '{$date}', logincounter = logincounter +1 WHERE email = '{$email}' AND password = '{$password}'";
$user1 = mysqli_query($connection, $query1);
$query2 = "SELECT * FROM treuepass_users_all WHERE email = '{$email}' AND password = '{$password}'";
$user2 = mysqli_query($connection, $query2);
if($user2){
while ($res = mysqli_fetch_assoc($user2)){
return $res;
}
}
else{
return false;
}
mysqli_close($connection);
}
function getUserByUUID($uuid){
global $connection;
//////Wenn UUID bereits Vorhanden
$date = date("Y-m-d H:i:s");
$query2 = "UPDATE treuepass_users_all SET lastlogin = '{$date}', logincounter = logincounter +1 WHERE uuid ='{$uuid}'";
$res2 = mysqli_query($connection, $query2);
$query = "SELECT * FROM treuepass_users_all WHERE uuid ='{$uuid}'";
$res = mysqli_query($connection, $query);
$num = mysqli_num_rows($res);
if ($num > 0)
{
while ($dsatz = mysqli_fetch_assoc($res))
return $dsatz;
mysqli_close($connection);
}
else //////Wenn sich HANDY das erste mal anmeldet
$query = "INSERT INTO treuepass_users_all (uuid, dateofregister, lastlogin, logincounter) VALUES ('{$uuid}', '{$date}', '{$date}', '1')";
$res = mysqli_query($connection, $query);
$query3 = "SELECT * FROM treuepass_users_all WHERE uuid ='{$uuid}'";
$res3 = mysqli_query($connection, $query3);
if($res3){
while ($res = mysqli_fetch_assoc($res3)){
return $res;
}
}
else{
return false;
}
mysqli_close($connection);
}
function getUpdateUserDataLocation($locationid, $id, $stampcard1counter, $stampcard1stampsnow, $stampcard1redeemed, $stampcard2counter, $stampcard2stampsnow, $stampcard2redeemed, $stampcard3counter, $stampcard3stampsnow, $stampcard3redeemed, $vouchercounter, $vouchernow, $voucherredeemed){
global $connection;
$date = date("Y-m-d H:i:s");
$locationtable5 = "treuepass_history_$locationid";
$query5 = "INSERT INTO $locationtable5 (uuid, date, time, stampcard1counter, stampcard1redeemed, stampcard2counter, stampcard2redeemed, stampcard3counter, stampcard3redeemed, voucherredeemed)
VALUES ('$id', '$date', '$date', '$stampcard1counter','$stampcard1redeemed', '$stampcard2counter','$stampcard2redeemed', '$stampcard3counter','$stampcard3redeemed', '$voucherredeemed')";
mysqli_query($connection, $query5);
$locationtable = "treuepass_users_$locationid";
$query3 = "UPDATE $locationtable
SET
stampcard1counter = stampcard1counter+'{$stampcard1counter}', stampcard1stampsnow = '{$stampcard1stampsnow}', stampcard1redeemed = stampcard1redeemed+'{$stampcard1redeemed}',
stampcard2counter = stampcard2counter+'{$stampcard2counter}', stampcard2stampsnow = '{$stampcard2stampsnow}', stampcard2redeemed = stampcard2redeemed+'{$stampcard2redeemed}',
stampcard3counter = stampcard3counter+'{$stampcard3counter}', stampcard3stampsnow = '{$stampcard3stampsnow}', stampcard3redeemed = stampcard3redeemed+'{$stampcard3redeemed}',
vouchercounter = vouchercounter+'{$vouchercounter}', vouchernow = '{$vouchernow}', voucherredeemed = voucherredeemed+'{$voucherredeemed}'
WHERE uuid ='{$id}'";
$res3 = mysqli_query($connection, $query3);
$query = "SELECT * FROM $locationtable WHERE uuid ='{$id}'";
$res = mysqli_query($connection, $query);
$num = mysqli_num_rows($res);
if ($num > 0)
{
while ($dsatz = mysqli_fetch_assoc($res))
return $dsatz;
mysqli_close($connection);
} ////////////////////////////////////////////
else // Wenn sich HANDY das erste mal anmeldet //
$query = "INSERT INTO $locationtable (uuid, stampcard1counter, stampcard1stampsnow, stampcard1redeemed, stampcard2counter, stampcard2stampsnow, stampcard2redeemed, stampcard3counter, stampcard3stampsnow, stampcard3redeemed, vouchercounter, vouchernow, voucherredeemed)
VALUES ('$id', '$stampcard1counter','$stampcard1stampsnow','$stampcard1redeemed', '$stampcard2counter','$stampcard2stampsnow','$stampcard2redeemed', '$stampcard3counter','$stampcard3stampsnow','$stampcard3redeemed',
'$vouchercounter','$vouchernow','$voucherredeemed')";
mysqli_query($connection, $query);
mysqli_close($connection);
}
function getUsersLocationStampcard($userid, $locationid){
global $connection;
$locationtable = "treuepass_users_$locationid";
$query = "SELECT * FROM $locationtable WHERE uuid ='{$userid}'";
$res = mysqli_query($connection, $query);
if($res){
while ($response = mysqli_fetch_assoc($res)){
return $response;
}
}
else{
return false;
}
mysqli_close($connection);
}
?>
Thanks for all the Comments!
I spend the whole day for rewrite my code xD
But now i get all the stuff you told me.
- I did the thing with the connection inside the php
- I only have 1 php for all the stuff now
- Password Hashing with 'password_hash()'
- Prepared Statemants for MySQLi
Here some Snippet:
//////////////////////////////////////////////////STORE USER
if (isset($_POST['uuid']) && isset($_POST['email']) && isset($_POST['password']) && isset($_POST['name'])) {
$sql = "SELECT * FROM treuepass_users_all WHERE email = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s", $_POST['email']);
$stmt->execute();
$result = $stmt->get_result();
if($result->num_rows == 1)
{
$response["error"] = TRUE;
$response["error_msg"] = "E-Mail Adresse bereits registriert!";
echo json_encode($response);
exit;
}else{
$sql = "INSERT INTO treuepass_users_all (uuid, dateofregister, email, password, name, lastlogin, logincounter) VALUES (?, ?, ?, ?, ?, ?, ?)
ON DUPLICATE KEY UPDATE email=?, password=?, name=?, lastlogin=?, logincounter=logincounter +1";
$stmt = $mysqli->prepare($sql);
$one = "1";
$hash = password_hash($_POST['password'], PASSWORD_DEFAULT);
$stmt->bind_param("sssssssssss", $_POST['uuid'], $date, $_POST['email'], $hash, $_POST['name'], $date, $one, $_POST['email'], $hash, $_POST['name'], $date);
$stmt->execute();
$sql = "SELECT * FROM treuepass_users_all WHERE uuid = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param("s", $_POST['uuid']);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_assoc())
{
$response["error"] = FALSE;
$response["user"]["id"] = $row['id'];
$response["user"]["uuid"] = $row['uuid'];
$response["user"]["locked"] = $row['locked'];
$response["user"]["dateofregister"] = $row['dateofregister'];
$response["user"]["email"] = $row['email'];
$response["user"]["username"] = $row['username'];
$response["user"]["name"] = $row['name'];
$response["user"]["surname"] = $row['surname'];
$response["user"]["dayofbirth"] = $row['dayofbirth'];
$response["user"]["monthofbirth"] = $row['monthofbirth'];
$response["user"]["yearofbirth"] = $row['yearofbirth'];
$response["user"]["gender"] = $row['gender'];
$response["user"]["lastlogin"] = $row['lastlogin'];
$response["user"]["logincounter"] = $row['logincounter'];
echo json_encode($response);
}
}
}
I hope i did it well? :)
I am creating a profile image upload system for my users. Upon signup, the php code should create a user in the table "user" and also create a user in the "profileImg" table. I am getting no errors in my log but the user is being added to "user" but not "profileImg". Can anyone please assist. Thank you in advance.
SIGNUP.INC.PHP:
<?php
session_start();
include '../dbh.php';
$respond = array(
'status' => true,
'message' => 'There was an error',
'redirect' => '../profile.php',
'errors',
);
if (isset($_POST['submit'])) {
$first = mysqli_real_escape_string($conn, $_POST['first']);
$last = mysqli_real_escape_string($conn, $_POST['last']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$pwd = mysqli_real_escape_string($conn, $_POST['pwd']);
$errorEmpty = false;
$errorEmail = false;
if (empty($first) || empty($last) || empty($email) || empty($pwd)) {
$respond['errors'][] = "Please fill out all fields!";
$respond['errorEmpty'] = true;
} elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
$respond['errors'][] = "Please enter a valid email address!";
$respond['errorEmail'] = true;
} else {
$sql = "SELECT email FROM user WHERE email='$email'";
$result = mysqli_query($conn, $sql);
$emailcheck = mysqli_num_rows($result);
if ($emailcheck > 0) {
$respond['errors'][] = "That email address already exists!";
$respond['errorEmail'] = true;
}
else {
$encryptpwd = password_hash($pwd, PASSWORD_DEFAULT);
$sql = "INSERT INTO user (first, last, email, pwd)
VALUES ('$first', '$last', '$email', '$encryptpwd')";
$result = mysqli_query($conn, $sql);
$sql = "SELECT * FROM user WHERE email='$email' AND first='$first'";
$result = mysqli_query($conn, $sql);
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$email = $row['id'];
$sql = "INSERT INTO profileImg (email, status)
VALUES ('$email', 1)";
}
}
}
}
}
echo json_encode($respond);
?>
PROFILE.PHP:
This must be a violation on database level.
See this block of yours:
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$email = $row['id'];
$sqlProfile = "INSERT INTO profileImg (email, status)
VALUES ('$email', 1)";
}
}
I'm pretty sure that in your database the email column of profileImg table is a varchar, although you are inserting it as an int $email = $row['id'];
Replace that line by the this $email = $row['email'];
Code after changes:
if (mysqli_num_rows($result) > 0) {
while ($row = mysqli_fetch_assoc($result)) {
$email = $row['email'];
$sqlProfile = "INSERT INTO profileImg (email, status)
VALUES ('$email', 1)";
mysqli_query($conn, $sqlProfile);
}
}
Update: add mysqli_query($conn, $sqlProfile); to execute the query
I want to add one to the last inserted value of a column in a the database. I am not getting any error but the query is not adding 1 to the last inserted value.
Note; I used MAX(id) to get the max id but it's not adding 1 to it. What am I doing wrong?
<?php
session_start();
ob_start();
if (isset($_POST['submit'])) {
$pin = htmlspecialchars(trim($_POST['pin']));
$surName = htmlspecialchars(trim($_POST['surName']));
$firstName = htmlspecialchars(trim($_POST['firstName']));
$otherName = htmlspecialchars(trim($_POST['otherName']));
$email = htmlspecialchars(trim($_POST['email']));
$passWord = md5(trim($_POST['passWord']));
$confirmPass = md5(trim($_POST['confirmPass']));
$date_added = date('Y.m.d - H:i:s');
$year = (100 . 'L');
$studentId = 201600001;
if ((empty($pin && $surName && $firstName && $otherName && $email && $passWord && $confirmPass) == false) && ($passWord) == ($confirmPass))
{
include "dbconnect.php";
$sql = "SELECT * FROM `sono` WHERE `pin`='$pin'";
$check = mysqli_query($dbconnect, $sql);
$numrow = mysqli_num_rows ($check);
if ($numrow == 1)
{
$rows=mysqli_fetch_assoc($check);
$Email = $rows['eMail'];
if ($Email == false)
{
$query = "SELECT * FROM `sono` WHERE `eMail`='$email'";
$check = mysqli_query($dbconnect, $query);
$numrow = mysqli_num_rows($check);
if ($numrow == 0)
{
$sql = "INSERT INTO `sono_nextofkin` (`eMail`) VALUES ('$email')";
mysqli_query($dbconnect, $sql);
$query = "INSERT INTO `sono_0level_results` (`eMail`) VALUES ('$email')";
mysqli_query($dbconnect, $query);
$query = "UPDATE `sono` SET `surName`='$surName', `firstName`='$firstName', `otherName`='$otherName', `eMail`='$email', `passWord`='$passWord', `confirmPass`='$confirmPass', `date_added`='$date_added', `year`='$year', `studentid`='$studentId' WHERE `pin`='$pin'";
mysqli_query($dbconnect, $query);
$max = "SELECT * MAX(`studentid`) FROM `sono`";
$max2 = mysqli_query ($dbconnect, $max);
$update = "UPDATE `sono` SET `MAX(`studentid`) = '$studentId' + 1 WHERE `pin`='$pin'";
mysqli_query ($dbconnect, $update);
$query = "SELECT `id` as idmax FROM `sono`";
$result = mysqli_query($dbconnect, $query) or die (mysqli_error($dbconnect));
$rowa = mysqli_fetch_array($result);
$rw = $rowa['idmax'];
$rwo = $rw+1;
$rwo = str_pad($rwo,4,'0',STR_PAD_LEFT);
$sql = "UPDATE `sono` SET `id`='$rwo' WHERE `pin`='$pin'";
$result = mysqli_query($dbconnect, $sql);
$_SESSION['surName'] = $surName;
$_SESSION['firstName'] = $firstName;
$_SESSION['otherName'] = $otherName;
$_SESSION['email'] = $email;
$_SESSION['passWord'] = $passWord;
$msg= "<p style = 'color: green; padding-left: 0'>Registration successful,<a href='passport.php'> >>>Click here to proceed<<<</a></p>";
} else
$msg= "<p style = 'color: red; padding-left: 0'>Email already used, use another valid email to register</p>";
} else
$msg= "<p style = 'color: red; padding-left: 0'>The pin has been used</p>";
} else
$msg= "<p style = 'color: red; padding-left: 0'>The pin enter does not exist</p>";
} else
$msg= "<p style = 'color: red; padding-left: 0'>Please enter your names, pin, email and password to start registration</p>";
}
?>
you should do like
$update = "UPDATE `sono` SET `studentid` = MAX(`studentid`) + 1 WHERE `pin`='$pin'";
OR
Use LAST_INSERT_ID() from your SQL query.
OR
You can also use mysqli_insert_id() to get it using PHP.
Hello guys I was confused using the if else statement I know it is the basic in conditioning also other languages. Don't know what to do here, I would like that it has an if condition(check) then also inside I want that it has an else if but my problem is I have to else statement which is wrong cause I know that else statement will be use at the end of a condition
Here's my code:
if (isset($_POST['login']))
{
$idno = mysql_real_escape_string($_POST['idno']);
$password = mysql_real_escape_string($_POST['password']);
$position = $_POST['user_type'];
$YearNow=Date('Y');
$_SESSION['SESS_MEMBER_ID'] = $idno;
$sql1 = "SELECT * FROM student WHERE idno = '$idno' AND password = '$password' " ;
$result = mysql_query($sql1) or die();
$row = mysql_fetch_array($result);
$num_row = mysql_num_rows($result);
//,student WHERE studentvotes.idno = student.idno
$sql2 = "SELECT * FROM vote_logs,school_year where vote_logs.idno='$idno' AND vote_logs.syearid = school_year.syearid AND school_year.from_year like $YearNow ";
$result1 = mysql_query($sql2) or die();
$row1 = mysql_fetch_array($result1);
if (mysql_num_rows($result1)<=1)
{
$_SESSION['idno']=$row['idno'];
$sql_c = "SELECT * FROM student WHERE idno = '$idno' AND password = '$password'";
$result2 = mysql_query($sql_c) or die(mysql_error());
$faunc = mysql_fetch_assoc($result2);
$_SESSION['SESS_COURSE'] = $faunc['progid'];
$_SESSION['SESS_MEMBER_ID'] = $idno;
header('location: plsvote.php');
}
else if ($row['status'] == 'lock')
{
header('location: last.php');
}
else
{
header('location: notification.php');
exit();
}
else
{
echo "<script type='text/javascript'>\n";
echo "alert('Username or Password incorrect!, Please try again.');\n";
echo "window.location = 'index.php';";
echo "</script>";
exit();
}
}
Please help me
You have imbricated your blocks, try this:
if (isset($_POST['login']))
{
$idno = mysql_real_escape_string($_POST['idno']);
$password = mysql_real_escape_string($_POST['password']);
$position = $_POST['user_type'];
$YearNow=Date('Y');
$_SESSION['SESS_MEMBER_ID'] = $idno;
$sql1 = "SELECT * FROM student WHERE idno = '$idno' AND password = '$password' " ;
$result = mysql_query($sql1) or die();
$row = mysql_fetch_array($result);
$num_row = mysql_num_rows($result);
//,student WHERE studentvotes.idno = student.idno
$sql2 = "SELECT * FROM vote_logs,school_year where vote_logs.idno='$idno' AND vote_logs.syearid = school_year.syearid AND school_year.from_year like $YearNow ";
$result1 = mysql_query($sql2) or die();
$row1 = mysql_fetch_array($result1);
if (mysql_num_rows($result1)<=1)
{
$_SESSION['idno']=$row['idno'];
$sql_c = "SELECT * FROM student WHERE idno = '$idno' AND password = '$password'";
$result2 = mysql_query($sql_c) or die(mysql_error());
$faunc = mysql_fetch_assoc($result2);
$_SESSION['SESS_COURSE'] = $faunc['progid'];
$_SESSION['SESS_MEMBER_ID'] = $idno;
header('location: plsvote.php');
}
else if ($row['status'] == 'lock')
{
header('location: last.php');
}
else
{
header('location: notification.php');
exit();
}
}
else
{
echo "<script type='text/javascript'>\n";
echo "alert('Username or Password incorrect!, Please try again.');\n";
echo "window.location = 'index.php';";
echo "</script>";
exit();
}
With an indentation, this kind of problem is easily visible.
This can be ok:
if ( //validate the email
filter_var($email, FILTER_VALIDATE_EMAIL) &&
preg_match('/#.+\./', $email)
) {
$result = mysql_query (
"INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())"
);
if ($result) { // check for successful store
// get user details
$uid = mysql_insert_id(); // last inserted id
$result = mysql_query("SELECT * FROM users WHERE uid = $uid");
// return user details
return mysql_fetch_array($result);
} else {
return false; //unsuccessful store
}
} else {
//not a valid email
return false;
}
}
Try this one :
if (filter_var($email, FILTER_VALIDATE_EMAIL) && preg_match('/#.+\./', $email)) {
$result = mysql_query ("INSERT INTO users(unique_id, name, email, encrypted_password, salt, created_at) VALUES('$uuid', '$name', '$email', '$encrypted_password', '$salt', NOW())");
if ($result) { // check for successful store
// get user details
$uid = mysql_insert_id(); // last inserted id
$result = mysql_query("SELECT * FROM users WHERE uid = $uid");
// return user details
return mysql_fetch_array($result);
} else {
return false; //unsuccessful store
}
} else {
//not a valid email
return false;
}
First page:
<?php
session_start();
//db info
$conn = new mysqli("$server","$user_name","$password","$database");
$sql = "SELECT id FROM Client_Information order by id desc limit 1";
$result = $conn->query($sql);
if ($result->num_rows >0) {
while($row = $result->fetch_assoc()) {
$id=$row['id'] + 1;
}
}
$_SESSION['id'] = $id;
$sitename = $_POST['sitename'];
$sitetype = $_POST['sitetype'];
$color1 = $_POST['color1'];
$color2 = $_POST['color2'];
$color3 = $_POST['color3'];
$color4 = $_POST['color4'];
$sitedescription = $_POST['sitedescription'];
$aboutme = $_POST['aboutme'];
$contactname = $_POST['contactname'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$address = $_POST['address'];
if (isset($sitename) && isset($sitetype) && isset($color1)
&& isset($color2) && isset($contactname) && isset($phone)
&& isset($email) && isset($address) && isset($sitedescription)
&& isset($aboutme)) {
$sql = "INSERT INTO Client_Information (id, sitename, sitetype, color1, color2,
color3, color4, sitedescription, aboutme,
contactname, phone, email, address, timestamp)
VALUES ('$id', '$sitename', '$sitetype', '$color1', '$color2',
'$color3', '$color4', '$sitedescription', '$aboutme',
'$contactname', '$phone', '$email', '$address',
CURRENT_TIMESTAMP)";
$conn->query($sql);
header('Location: images.php');
}
mysqli_close($conn);
?>
Second page:
<?php
session_start();
echo $_SESSION['id'];
//db info
$conn = new mysqli("$server","$user_name","$password","$database");
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$wherevar = $_SESSION['id'];
$exsitename1 = $_POST['exsitename1'];
$exsitename2 = $_POST['exsitename2'];
$exsitename3 = $_POST['exsitename3'];
$exsitename4 = $_POST['exsitename4'];
$exsiteurl1 = $_POST['exsiteurl1'];
$exsiteurl2 = $_POST['exsiteurl2'];
$exsiteurl3 = $_POST['exsiteurl3'];
$exsiteurl4 = $_POST['exsiteurl4'];
$exsitedescr1 = $_POST['exsitedescr1'];
$exsitedescr2 = $_POST['exsitedescr2'];
$exsitedescr3 = $_POST['exsitedescr3'];
$exsitedescr4 = $_POST['exsitedescr4'];
if (isset($exsitename1) && isset($exsitename2) && isset($exsitename3) && isset($exsitename4)
&& isset($exsiteurl1) && isset($exsiteurl2) && isset($exsiteurl3) && isset($exsiteurl4)
&& isset($exsitedescr1) && isset($exsitedescr2) && isset($exsitedescr3) && isset($exsitedescr4)) {
$sql = "UPDATE Client_Information
SET exsitename1='$exsitename1', exsitename2='$exsitename2', exsitename3='$exsitename3',
exsitename4='$exsitename4', exsiteurl1='$exsiteurl1', exsiteurl2='$exsiteurl2',
exsiteurl3='$exsiteurl3', exsiteurl4='$exsiteurl4', exsitedescr1='$exsitedescr1',
exsitedescr2='$exsitedescr2', exsitedescr3='$exsitedescr3', exsitedescr4='$exsitedescr4'
WHERE id = '$wherevar'";
$conn->query($sql);
header('Location: index.php');
}
session_destroy();
mysqli_close($conn);
?>
So the first page works fine and inserts all the data into the db, but when the second page is ran, it doesn't update the same row that was inserted on the first page. It just leaves all those variable.
On the second page, I'm trying to have it edit the row that was just created.