PHP MySQL - Simple database updater page [duplicate] - php

This question already has answers here:
Can I mix MySQL APIs in PHP?
(4 answers)
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 4 years ago.
Good morning everybody I've made this simple page that should update my database following some tutorials around the internet but still not updating the data when I press the submit button, can somebody help and correct the code ? I just need to update the ID from this table, I think this code can be helpful for many people out there... I'm going to paste the code below. Many thanks.
<?php
$servername = "localhost";
$username = "user";
$password = "pass";
$dbname = "database";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$id_cus = $_GET["id_cus"];
$sql = "SELECT `id_customer`, `firstname`, `lastname`, `email` FROM `customer` WHERE `id_customer` = $id_cus";
$result = $conn->query($sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
$id = $row["id_customer"];
$nome = $row["firstname"];
$cognome = $row["lastname"];
$email = $row["email"];
}
} else {
echo "0 results";
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Bootstrap Example</title>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
<link rel="stylesheet" href="./panel.css">
<script src="//code.jquery.com/jquery-1.11.1.min.js"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
</head>
<body>
<div class="container">
<div class="row">
<div class="col-sm-12">
<main>
<form action="" method="post">
<table class="table table-bordered table-condensed">
<thead>
<tr>
<th>Codice cliente</th>
<th class="col">Nome</th>
<th class="col">Cognome</th>
<th class="col">Indirizzo email</th>
</tr>
</thead>
<tbody>
<tr>
<td><input type="text" name="id" value="<?php echo $id ?>"/></td>
<td><?php echo $nome; ?></td>
<td><?php echo $cognome; ?></td>
<td><?php echo $email; ?></td>
</tr>
</tbody>
</table>
<input type="submit" name="submit" value="Aggiorna" class="pull-right">
</form>
</main>
</div>
</div>
</div>
</body>
</html>
<?php
// check if the form has been submitted. If it has, process the form and save it to the database
if (isset($_POST['submit']))
{
// confirm that the 'id' value is a valid integer before getting the form data
if (is_numeric($_POST['id']))
{
// get form data, making sure it is valid
$id = $_POST['id'];
// check that firstname/lastname fields are both filled in
if ($id == '')
{
// generate error message
echo 'ERROR: Please fill in all required fields!';
}
else
{
// save the data to the database
$conn->query("UPDATE customer SET id_customer='$id'")
or die(mysql_error());
// once saved, redirect back to the view page
header("Location: panel.php?id_cus=$id");
}
}
}
$conn->close();
?>
EDITED CODE TRYING ANOTHER SOLUTION bust still does not update why ? this should be very simple!
<?php
error_reporting(E_ALL);
ini_set('display_errors',1);
$databaseHost = 'localhost';
$databaseName = 'dbname';
$databaseUsername = 'dbuser';
$databasePassword = 'pass';
$mysqli = mysqli_connect($databaseHost, $databaseUsername, $databasePassword, $databaseName);
if(isset($_POST['update']))
{
$id = $_POST['id'];
$firstname=$_POST['firstname'];
$lastname=$_POST['lastname'];
$email=$_POST['email'];
// checking empty fields
if(empty($fistname) || empty($lastname) || empty($email)) {
if(empty($firstname)) {
echo "<font color='red'>Name field is empty.</font><br/>";
}
if(empty($lastname)) {
echo "<font color='red'>lastname field is empty.</font><br/>";
}
if(empty($email)) {
echo "<font color='red'>Email field is empty.</font><br/>";
}
} else {
//updating the table
$result = mysqli_query($mysqli, "UPDATE customer SET firstname='$firstname',lastname='$lastname',email='$email' WHERE id_customer=$id");
//redirectig to the display page. In our case, it is index.php
header("Location: index.php");
}
}
?>
<?php
//getting id from url
$id = $_GET['id'];
//selecting data associated with this particular id
$result = mysqli_query($mysqli, "SELECT `id_customer`, `firstname`, `lastname`, `email` FROM `customer` WHERE `id_customer` = $id");
while($res = mysqli_fetch_array($result))
{
$firstname = $res['firstname'];
$lastname = $res['lastname'];
$email = $res['email'];
$id_customer = $res['id_customer'];
}
?>
<html>
<head>
<title>Edit Data</title>
</head>
<body>
Home
<br/><br/>
<form name="form1" method="post" action="panel.php">
<table border="0">
<tr>
<td>Name</td>
<td><input type="text" name="firstname" value="<?php echo $firstname;?>"></td>
</tr>
<tr>
<td>Lastname</td>
<td><input type="text" name="lastname" value="<?php echo $lastname;?>"></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="email" value="<?php echo $email;?>"></td>
</tr>
<tr>
<td>ID</td>
<td><input type="text" name="id_customer" value="<?php echo $id_customer;?>"></td>
</tr>
<tr>
<td><input type="hidden" name="id" value=<?php echo $_GET['id'];?>></td>
<td><input type="submit" name="update" value="Update"></td>
</tr>
</table>
</form>
</body>
</html>
</html>

Related

How could i make my site update or delete the user?

I can't get the users name to get updated or to deleted the user. Whatever i try doesn't work. When i click on the update button it just goes to the index page and nothing happens and the same happens when i click on the delete button too.
this is the codes i have on my server.php page:
<?php
session_start();
// initializing variables
$idmedlemmer = "";
$brukernavn = "";
$email = "";
$fornavn = "";
$etternavn = "";
$errors = array();
// connect to the database
$db = mysqli_connect("localhost", "root", "", "mymusic");
// Update User
if (isset($_POST['update'])) {
// receive all input values from the form
$brukernavn = mysqli_real_escape_string($db, $_POST['brukernavn']);
// form validation: ensure that the form is correctly filled ...
// by adding (array_push()) corresponding error unto $errors array
if (empty($brukernavn)) { array_push($errors, "Feltet kan ikke være tomt"); }
// first check the database to make sure
// a user does not already exist with the same username and/or email
$user_check_query = "SELECT brukernavn FROM medlemmer LIMIT 1";
$result = mysqli_query($db, $user_check_query);
$user = mysqli_fetch_assoc($result);
if ($user) { // if user exists
if ($user['brukernavn'] === $brukernavn) {
array_push($errors, "Brukernavn eksisterer allerede");
}
}
// Finally, register user if there are no errors in the form
if (count($errors) == 0) {
mysqli_query($db, "UPDATE medlemmer SET brukernavn='$brukernavn' WHERE idmedlemmer=$idmedlemmer");
$_SESSION['message'] = "Brukernavnet har blitt oppdatert";
header('location: index.php');
}
}
// ...
// ...
// Delete User
if (isset($_GET['brukernavn']))
if (isset($_GET['slett'])) {
$query = sprintf("DELETE FROM medlemmer WHERE idmedlemmer='%s'");
mysqli_query($db, $query);
$_SESSION['brukernavn'] = $brukernavn;
$_SESSION['success'] = "Bruker har blitt slettet";
header('location: Login.php');
}
?>
And this is what i have on my update page:
<?php include('server.php')?>
<?php
if (isset($_GET['update'])) {
$brukernavn = $_GET['update'];
$record = mysqli_query($db, "SELECT * FROM medlemmer WHERE brukernavn=$brukernavn");
if (count($record) == 1 ) {
$n = mysqli_fetch_array($record);
$name = $n['brukernavn'];
}
}
?>
<html>
<head>
<title>Edit Data</title>
<link rel="stylesheet" type="text/css" href="stilark.css">
<meta charset="utf-8">
</head>
<body>
<form name="form1" method="post" action="index.php">
<table border="0">
<tr>
<td>Name</td>
<td><input type="text" name="brukernavn" value="<?php echo ($_SESSION['brukernavn']); ?>"></td>
</tr>
<tr>
<td><input type="hidden" name="idmedlemmer" value="<?php echo $idmedlemmer;?>"></td>
<td><input type="submit" name="update" value="update"></td>
</tr>
</table>
</form>
and this is what i have on my delete page:
<?php include('Server.php')?>
<!DOCTYPE html>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<link rel="stylesheet" type="text/css" href="stilark.css">
<head>
<title>Slett Bruker</title>
</head>
<body>
Tilbake
<br/><br/>
<form name="form1" method="post" action="index.php">
<table border="0">
<tr>
<td><input type="hidden" name="idmedlemmer" value="<?php echo $_GET['idmedlemmer'];?>"></td>
<td><input type="submit" name="slett" value="slett"></td>
Delete
</tr>
</table>
</body>
</html>
I have tried to check on youtube videoes and read many articles but i just cant seem to get anywhere so i am totaly stuck and appreciate all the help i can get. Hope that you can help me

PHP - Session error messages not showing

I have a page with a contact form.
I'm trying to make some error messages appear next to the fields if the fields are empty/invalid. If all fields are OK the field's contents are sent to a database.
The validation itself works. If the fields are empty or invalid it does not submit them into the database. However no error messages are shown next to the fields.
Here are the codes
Page with the contact form named palaute3.php:
<?php
session_start();
$_SESSION["nimiVirhe"]="";
$_SESSION["spostiVirhe"]="";
$_SESSION["palauteVirhe"]="";
$servername = "localhost";
$username = "username";
$password = "passwd";
$dbname = "dbname";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Game Over</title>
<link href="https://fonts.googleapis.com/css?family=Press+Start+2P" rel="stylesheet">
<link rel="stylesheet" type="text/css" href="tyyli1.css"/>
<style type="text/css">
#import url('https://fonts.googleapis.com/css?family=Press+Start+2P');
</style>
</head>
<body>
<div id="container">
<div id="header">
</div>
<div id="menuBG">
</div>
<ul class="navlist">
<li>Etusivu
</li>
<li>Leffat
</li>
<li>Pelit
</li>
<li>Ota yhteyttä
</li>
</ul>
<div id="content">
<h3>Palaute</h3>
<p>Anna Palautetta sivujen ulkonäöstä tai vinkkejä uusiksi arvosteluiksi!</p>
<p><span class="error">Kaikki kentät ovat pakollisia</span></p>
<form method="post" action="validointi.php">
<table width="450px">
<tr>
<td valign="top">
<label for="nimi">Nimi</label>
</td>
<td valign="top">
<input type="text" name="nimi" /><span class="error"><?php echo $_SESSION["nimiVirhe"];?></span>
</td>
</tr>
<tr>
<td valign="top">
<label for="sposti">Sähköposti</label>
</td>
<td valign="top">
<input type="text" name="sposti" /><span class="error"><?php echo $_SESSION["spostiVirhe"];?></span>
</td>
</tr>
<tr>
<td valign="top">
<label for="palaute">Palaute</label>
</td>
<td valign="top">
<textarea name="palaute" maxlength="1000" cols="30" rows="6"></textarea><span class="error"><?php echo $_SESSION["palauteVirhe"];?> </span>
</td>
</tr>
<tr>
<td colspan="2" style="text-align:center">
<input type="submit" value="Lähetä" name="submit">
</td>
</tr>
</table>
</form>
<?php
session_unset();
?>
<p>
Palautteet tähän
</p>
<?php
$sql = "SELECT id, palaute FROM dbtable";
$result = mysqli_query($conn, $sql);
if ($result->num_rows > 0) {
// output data of each row
while($row = $result->fetch_assoc()) {
echo "id: " . $row["id"]. " - Palaute: " . $row["palaute"]. "<br>";
}
} else {
echo "0 results";
}
$conn->close();
?>
</div>
<div id="footer">
<p>© Game Over 2018 All rights reserved</p>
</div>
</div>
</body>
</html>
Here is the validation:
<?php
session_start();
$_SESSION["nimiVirhe"]="";
$_SESSION["spostiVirhe"]="";
$_SESSION["palauteVirhe"]="";
if (isset($_POST['submit'])) {
if (empty($_POST["nimi"])) {
$_SESSION["nimiVirhe"] = " Nimi on pakollinen.";
}
else {
$nimi = $_POST["nimi"];
$_SESSION["nimi"]=$nimi;
if (!preg_match("/^[a-zA-Z ]*$/",$nimi)) {
$_SESSION["nimiVirhe"] = " Nimi on väärässä muodossa.";
}
}
if (empty($_POST["sposti"])) {
$sposti = $_SESSION["sposti"];
$_SESSION["spostiVirhe"] = " Sähköposti on pakollinen.";
}
else {
$sposti = $_POST["sposti"];
$_SESSION["sposti"]=$sposti;
if (!filter_var($sposti, FILTER_VALIDATE_EMAIL)) {
$_SESSION["spostiVirhe"] = " Sähköpostiosoite on väärässä muodossa.";
}
}
if (empty($_POST["palaute"])) {
$_SESSION["palauteVirhe"] = "<br>Palaute on pakollinen.";
}
else {
$palaute = $_POST["palaute"];
$_SESSION["palaute"]=$palaute;
}
if($_SESSION["nimiVirhe"] == "" && $_SESSION["spostiVirhe"] == "" && $_SESSION["palauteVirhe"] == ""){
header("Location: yhteystesti.php");
return;
} else {
header("Location: palaute3.php");
return;
}
}
?>
The database insertion works fine so I'm not going to include it here.
Any idea what am I doing wrong here?
PS: This is a school assignment and the teacher tried to make it work but couldn't.

Ath the top of your palaute3.php file you have this
$_SESSION["nimiVirhe"]="";
$_SESSION["spostiVirhe"]="";
$_SESSION["palauteVirhe"]="";
So you re-init your session error messages before using this them.
Those 3 lines should be in the validation page, but not in your error page !
Remove that and it will work.

Login Info Page Not Redirecting

I am having trouble redirecting my code to another page after a correct username/password has been submitted. After I enter the username/password and hit submit, the page does not redirect.
The page just reloads and clears the field inputs (even though it's a sticky form), and stays at the same page, except the URL adds ?submit=Submit to the end of the URL..
I am not getting any mysql errors - the database is connecting fine at the query that matches the row with the username/password combo seems to be going through.
It should be looping through the database, checking if the username/password combo exists, and redirecting to the specified page. I'm not sure what I'm not seeing / missing here that keeps the page from redirecting. Any input would be greatly appreciated.
PHP:
<?php
define('DB_LOCATION', 'x');
define('DB_USERNAME', 'x');
define('DB_PASS', 'x');
define('DB_NAME', 'x');
$dbc = mysqli_connect(DB_LOCATION, DB_USERNAME, DB_PASS, DB_NAME)
or die('Error connecting to database');
$error_message= "";
if (isset($_POST['submit'])) {
$user_name = $_POST['user'];
$user_password= $_POST['pass'];
// ADD QUERY TO CHECK IF USER/PASS COMBO IS CORRECT
if(!empty($user_name) && !empty($user_password)) {
$query = "SELECT * FROM employees WHERE username='$user_name' and password='$user_password'";
$result = mysqli_query($dbc, $query)
or die ('Error querying username/password request');
if(mysqli_num_rows($result) == 1) {
$user_name = $row['user'];
$user_password = $row['pass'];
header("Location: www.mysite.com ");
} // end if rows
else {
$error_message = "You were not able to log in";
} // end else
} // end query
} // end isset
?>
HTML
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Login</title>
<link type="text/css" rel="stylesheet" href="/LESSON5/5_Signup_CSS.css">
</head>
<body>
<h1>Welcome to my website!</h1>
<h2>Please login below.</h2>
<h3>Don't have an account? Create one here.</h3>
<div class="formFormat" >
<div id="table1">
<form name =loginForm method="post" action="<?php echo $_SERVER[' PHP_SELF' ];?>">
<table id="cssTable">
<tr>
<td>Username:</td><td><input type="text" id="user" name="user" value="<?php echo $user_name ?>" /></td>
</tr>
<tr>
<td>Password:</td><td><input type="text" id="pass" name="pass" value="<?php echo $user_password ?>"/></td>
</tr>
</table>
</form>
</div>
<div id="table2">
<form>
<table>
<tr>
<td><input type="submit" name="submit"/></td>
</tr>
<tr>
<td id="createAccount">Create an account</td>
</tr>
<tr>
<td><?php echo $error_message ?></td>
</tr>
</table>
</form>
</form>
</div>
</div>
<?php
mysqli_close($dbc);
?>
</body>
</html>

Remove <form>, just before <div id="table2">, and </form> as well.

Remove <form> and </form> just before <div id="table2"> but i say you create a simple function which handles the redirects like below.
why don't you try something like this which creates a function for the redirect.
function Redirect($url, $permanent = false)
{
header('Location: ' . $url, true, $permanent ? 301 : 302);
exit();
}
Redirect('Location: www.mysite.com', false);

Trying to change login page from mysql_connect to work with PDO, with no luck

I'm trying to change my login page from mysql_connect(which work's perfectly) to work with PDO, with no luck.
Every time i hit 'login' with a correct username and password it just refresh the same login page.
Thanks in advance!
Working code with mysql_connect:
<?
session_start();
$user = "XXXX";
$password = "YYYY";
?>
<!DOCTYPE html>
<html>
<head>
<title>Home</title>
</head>
<body>
<br><br><br><br><br><br><br><br>
<div align="center"><h1>Home</h1>
<h3>
<? if (isset($_SESSION["authenticated"])) { ?>
You are logged in!
<br />
log out
See page
<? } else { ?>
You are not logged in!
<? } ?>
</h3>
<br>
<?
if (($connection = mysql_connect("localhost", $user, $password)) === false)
die("Could not connect to database");
// select database
if (mysql_select_db("123456", $connection) === false)
die("Could not select database");
// if username and password were submitted, check them
if (isset($_POST["name"]) && isset($_POST["password"]))
{
// prepare SQL
$sql = sprintf("SELECT * FROM students WHERE name='%s'",
mysql_real_escape_string($_POST["name"]));
// execute query
$result = mysql_query($sql);
if ($result === false)
die("Could not query database");
// check whether we found a row
if (mysql_num_rows($result) == 1)
{
// fetch row
$row = mysql_fetch_assoc($result);
// check password
if ($row["password"] == $_POST["password"])
{
// remember that user's logged in
$_SESSION["authenticated"] = true;
$host = $_SERVER["HTTP_HOST"];
$path = rtrim(dirname($_SERVER["PHP_SELF"]), "/\\");
header("Location: http://$host$path/userpage.php");
exit;
}
}
}
?>
<form action="<?= $_SERVER["PHP_SELF"] ?>" method="post">
<table>
<tr>
<td>Username:</td>
<td>
<input name="name" type="text"></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="password" type="password"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Log In"></td>
</tr>
</table>
</form></div>
</body>
</html>
New code with PDO(doesn't work):
<?
session_start();
$user = "XXXX";
$password = "YYYY";
$dbh = new PDO('mysql:host=localhost;dbname=123456', $user, $password);
?>
<!DOCTYPE html>
<html>
<head>
<title>Home</title>
</head>
<body>
<br><br><br><br><br><br><br><br>
<div align="center"><h1>Home</h1>
<h3>
<? if (isset($_SESSION["authenticated"])) { ?>
You are logged in!
<br />
log out
See page
<? } else { ?>
You are not logged in!
<? } ?>
</h3>
<br>
<?
// if username and password were submitted, check them
if (isset($_POST["name"]) && isset($_POST["password"]))
{
// prepare SQL
$idd = $_POST["name"];
$qry = "SELECT * FROM students WHERE name='$idd'";
$result = $dbh->query($qry);
if ($result === false)
die("Could not query database");
if (mysql_num_rows($result) === false)
die("No luck!");
if (mysql_num_rows($result) == 1)
{
// fetch row
$row = mysql_fetch_assoc($result);
// check password
if ($row["password"] == ($_POST["password"]))
{
// remember that user's logged in
$_SESSION["authenticated"] = true;
$host = $_SERVER["HTTP_HOST"];
$path = rtrim(dirname($_SERVER["PHP_SELF"]), "/\\");
header("Location: http://$host$path/userpage.php");
exit;
}
}
}
?>
<form action="<?= $_SERVER["PHP_SELF"] ?>" method="post">
<table>
<tr>
<td>Username:</td>
<td>
<input name="name" type="text"></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="password" type="password"></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Log In"></td>
</tr>
</table>
</form></div>
</body>
</html>

You are using the mysql_* functions on a PDOStatement object returned by the query method. To get the number of rows try $result->rowCount(). To fetch the record use one of the fetch methods. See this link

How can Update account which corresponds with the Pin inputted?

I have this Alumni Directory System that when users wants to join the site, he/she will input the correct pin for his/her account. If the pin was correct, he will be directed to the account creation page which includes: username,password and email.
This inputs will be updated to his existing record on the database. Here's the scripts that I've been using, and got problem on how to update the inputs of the user to the database.
verify.php
<?php
// Start Session to enable creating the session variables below when they log in session_start();
include 'scripts/connect_to_mysql.php';
// Connect to the database
// Force script errors and warnings to show on page in case php.ini file is set to not display them
error_reporting(E_ALL);
ini_set('display_errors', '1'); ?> <?php //
//Initialize some vars
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
<link href="stylesheets/style.css" rel="stylesheet" type="text/css"/>
<title>Enter Your Pin</title>
<body>
<div id="main_content">
<form id="form1" name="form1" method="post" action="createaccount.php" style="height: 96px;">
<label>Confirmation Number:
<input type="text" name="confirm" id="ed"/> </label>
<p>
<input name="" type="submit" value="Log-in" id="button1"/>
</p>
</form>
createaccount.php
<?php
include_once "scripts/connect_to_mysql.php";
$confirm = $_POST['confirm'];
$result = mysql_query("SELECT * FROM myMembers where confirmation='$confirm'");
while($row = mysql_fetch_array($result))
{
$id = $row['id'];
$username = $row['username'];
$password = $row['password'];
$email = $row['email'];
}
?>
<?php
if (isset ($_POST['username'])){
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers
$email = $_POST['email'];
$password = $_POST['password'];
$email = stripslashes($email);
$password= stripslashes($password);
$email = strip_tags($email);
$password= strip_tags($password);
// Connect to database
include_once "scripts/connect_to_mysql.php";
$emailCHecker = mysql_real_escape_string($email);
$emailCHecker = str_replace("`", "", $emailCHecker);
// Database duplicate username check setup for use below in the error handling if else conditionals
$sql_uname_check = mysql_query("SELECT username FROM myMembers WHERE username='$username'");
$uname_check = mysql_num_rows($sql_uname_check);
// Database duplicate e-mail check setup for use below in the error handling if else conditionals
$sql_email_check = mysql_query("SELECT email FROM myMembers WHERE email='$emailCHecker'");
$email_check = mysql_num_rows($sql_email_check);
// Error handling for missing data
if ((!$username) || (!$email) || (!$password)) {
$errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
}
if(!$username){
$errorMsg .= ' * User Name<br />';
}
if(!$email){
$errorMsg .= ' * Email Address<br />';
}
if(!$password){
$errorMsg .= ' * Password<br />';
} else if (strlen($username) < 4) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
} else if (strlen($username) > 20) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
} else if ($uname_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
} else { // Error handling is ended, process the data and add member to database
////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}
$username = mysql_real_escape_string($username);
$email = mysql_real_escape_string($email);
$password = mysql_real_escape_string($password);
// Add MD5 Hash to the password variable
$db_password = md5($password);
// GET USER IP ADDRESS
$ipaddress = getenv('REMOTE_ADDR');
// Add user info into the database table for the main site table
$sql = mysql_query("UPDATE myMembers SET username='$username', email='$email', password='$db_password', ipaddress='ipaddress', sign_up_date WHERE confirmation='$confirm'");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Create Account | <?php echo $MySocialSitename; ?></title>
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
$(document).ready(function() {
$("#username").blur(function() {
$("#nameresponse").removeClass().text('Checking Username...').fadeIn(1000);
$.post("scripts/check_signup_name.php",{ username:$(this).val() } ,function(data) {
$("#nameresponse").fadeTo(200,0.1,function() {
$(this).html(data).fadeTo(900,1);
});
});
});
});
function toggleSlideBox(x) {
if ($('#'+x).is(":hidden")) {
$('#'+x).slideDown(300);
} else {
$('#'+x).slideUp(300);
}
}
</script>
</head>
<body>
<br /><br />
<table class="mainBodyTable" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td width="738" valign="top">
<h2 style="margin-left:80px;">Create Your Account </h2>
<table width="600" align="center" cellpadding="8" cellspacing="0" style="border:#999 1px solid; background-color:#FBFBFB;">
<form action="createaccount.php" method="post" style="margin-top: -31px;" name="personal">
<tr>
<td colspan="2"><font color="#FF0000"><?php print "$errorMsg"; ?></font></td>
</tr>
<tr>
<tr>
<td width="114" bgcolor="#FFFFFF">User Name:<span class="brightRed"> *</span></td>
<td width="452" bgcolor="#FFFFFF"><input name="username" type="text" class="formFields" id="username" value="<?php echo $username;?>" size="32" maxlength="20" /><br />
<span id="nameresponse"><span class="textSize_9px"><span class="greyColor">Alphanumeric Characters Only</span></span></span></td>
</tr>
<tr>
<td><div align="right" class="style1">Password:</div></td>
<td><input name="password" type="password" class="ed" id="last" size="40" value="" /></td>
<td> </td>
</tr>
<tr>
<td><div align="right" class="style1">Email Address:</div></td>
<td><input name="email" type="text" class="ed" id="address" size="40" value="" /></td>
<td> </td>
</tr>
<tr>
<td><div align="right"></div></td>
<td colspan="2"><label>
<input type="checkbox" name="condition" value="checkbox" />
<span class="style1"><small>i agree the <a rel="facebox" href="terms_condition.php">terms and condition</a> of this alumni</small></span></label></td>
</tr>
<tr>
<td><div align="right"></div></td>
<td><input name="but" type="submit" value="Confirm" /></td>
<td> </td>
</tr>
</table>
</form>
</table>
</body>
</html>
After the update was finished it will direct the user to the login page.

You should Post your Verify.php file code as you say the error is in that page,
Assuming entiries for each person will have only their passcoe and all other fields are empty before they create their account
// in verify.php page
if(isset($_POST['passcode']))
{
$enteredCode=$_POST['passcode'];
$records=mysql_query("select passcode from table where user_id =X");
if( mysql_num_rows($records == 1)
{
while($row=mysql_fetch_array($records))
{
$passcode==$row['passcode'];
}
if($enteredCode == $passcode)
{
header("location:createAccount.php");
}
else
{
// do not redirect, print error msg
}
}
}

Categories