I want to restrict user to upload 50 photos per year. Say for example user can upload 50 photos in 2015 and after that user gets error message. Again in 2016 user can able to upload 50 photos but the photo which user uploads in 2015 will not be deleted.
This is my upload.php
<?php
// set timeout period in seconds
$inactive = 100;
// check to see if $_SESSION['timeout'] is set
if(isset($_SESSION['timeout']) ) {
$session_life = time() - $_SESSION['timeout'];
if($session_life > $inactive)
{ session_destroy(); header("Location: logout.php"); }
}
$_SESSION['timeout'] = time();
include "lib/connection.php";
if (!isset($_SESSION['user']))
{
//die ("Access Denied");
header("location:index.php?msg=Please login with valid credentials");
}
if (isset($_SESSION['user']))
{
include "lib/top.php";
include "lib/left.php";
?>
<div class="col-md-10">
<div class="row">
<div class="col-md-12">
<ol class="breadcrumb">
<li>Home</li>
<li class="active">Upload Photo</li>
</ol>
</div>
</div>
<?php
if(!empty($_GET['msg'])) {
$message = $_GET['msg'];
print "$message";
}
?>
<div class="block block-fill-white">
<div class="header">
<h2>Upload Photo</h2>
</div>
<FORM METHOD="POST" ACTION="pic-db-upload.php" enctype = "multipart/form-data">
<div class="content controls">
<div class="form-row">
<div class="col-md-3">Title:</div>
<div class="col-md-9"><input type="text" class="form-control" id="title" name="title" required placeholder="Enter some Title"/></div>
</div>
<div class="form-row">
<div class="col-md-3">Description:</div>
<div class="col-md-9"><textarea class="form-control" id="description" name="description" required></textarea></div>
</div>
<?php
$sel="SELECT * FROM `category`";
$tab=mysql_query($sel);
?>
<div class="form-row">
<div class="col-md-3">Category:</div>
<div class="col-md-9">
<select class="form-control" name="category" required>
<option value="0">Select</option>
<?php
while($row=mysql_fetch_array($tab))
{
?>
<option value="<?php echo $row['id']; ?>"><?php echo $row['cname']; ?></option>
<?php
}
?>
</select>
</div>
</div>
<div class="form-row">
<div class="col-md-3">Thumbnail Height:</div>
<div class="col-md-9"><input type="text" class="form-control" id="theight" name="theight" required placeholder="Enter height"/></div>
</div>
<div class="form-row">
<div class="col-md-3">Thumbnail Width:</div>
<div class="col-md-9"><input type="text" class="form-control" id="twidth" name="twidth" required placeholder="Enter width"/></div>
</div>
<div class="form-row">
<div class="col-md-3">File:</div>
<div class="col-md-9">
<div class="input-group file">
<input type="text" class="form-control"/>
<input type="file" id="picture" name="picture" required/>
<span class="input-group-btn">
<button class="btn btn-primary" type="button">Browse</button>
</span>
</div>
</div>
</div>
<div class="form-row">
<div class="col-md-3"> </div>
<div class="col-md-9" style="align:midle">
<input type="reset" class="btn btn-danger">
<input type="submit" class="btn btn-primary" name="submit" value="UPLOAD">
</div>
</div>
</div>
</div>
</form>
</div>
</div>
<?php
include "lib/bottom.php";
}
?>
and this is my insert query
<?php
ini_set('display_errors', 0);
error_reporting(E_ERROR | E_WARNING | E_PARSE);
ob_start();
include("lib/connection.php");
if (!isset($_SESSION['user']))
{
//die ("Access Denied");
header("location:index.php?msg=Login with valid credentials");
}
if (isset($_SESSION['user']))
{
//======================= INSERT =================================================
if($_POST[submit]=="UPLOAD")
{
if($_POST[title]!="" && $_POST[category]!="" && $_POST[description]!="" && $_FILES[picture][name]=="")
{
header("location:upload-photo.php?msg=You have not inserted any picture ");
}
else
{
$resource = mysql_query("SELECT COUNT(id) FROM album");
$count = mysql_result($resource,0);
if ($count < 50)
{
//======================== THUMBNAIL CODE ========================
function thumb($a,$b)
{
$image_path=$a;
$new_width=$_POST[twidth];
$new_height=$_POST[theight];
$thumb_path=$b;
$ext=strtolower(end(explode('.',$image_path)));
if($ext=='jpg'||$ext=='jpeg'||$ext=='gif'||$ext=='png')
$img=#imagecreatefromjpeg($image_path);
else
die("only jpg or jpeg or gif or png format supported");
$width=imagesx($img);
$height=imagesy($img);
$tmp_img=imagecreatetruecolor($new_width,$new_height);
imagecopyresized($tmp_img,$img,0,0,0,0,$new_width,$new_height,$width,$height);
imagedestroy($img);
imagejpeg($tmp_img,$thumb_path);
}
//==================================================================
$p=md5(rand(1,1000));
$pict=$p.".jpg";
$target_path1 = "big_pic/big_".$pict;
copy($_FILES[picture][tmp_name],$target_path1);
$target_path2="thumb_pic/thumb_".$pict;
thumb($target_path1,$target_path2);
$ins = "INSERT INTO `album`(`id`,`date`,`title`,`description`,`cid`,`picture`,`thumbnail`,`default`)VALUES('',now(),'$_POST[title]','$_POST[description]','$_POST[category]','$target_path1','$target_path2','$pict')" ;
mysql_query($ins);
header("location:upload-photo.php?msg=Photo successfully uploaded");
}
else
{
header("location:upload-photo.php?msg=Sorry maximum number of photo uploaded. Please contact system administrator");
}
}
}
//======================= END INSERT =================================================
}
?>
Change the query to only count the photos in the current year:
SELECT COUNT(*) FROM album WHERE YEAR(date) = YEAR(NOW())
Related
So I am making a project where you can order food at school cafeteria, I already have a project where you can make a order with the menu and the student, and time.
But now I want that the student can order at it's own and not select any student so for the order it takes the currently logged in student. Sorry for bad english and thanks for every answer, i appreciate it.
[enter image description here](https://i.stack.imgur.com/NFz6G.png)
So Schueler is student and Menu is menu
uhrzeit is time
Now I want that there is no student to select, it takes the session id to make a order.
This is my order/create.php file
<?php
$title = "Menü reservieren";
include '../layouts/top.php';
session_start();
if(!isset($_SESSION['schuelerid'])) {
die('Bitte zuerst einloggen');
}
//Abfrage der Nutzer ID vom Login
$userid = $_SESSION['schuelerid'];
$email = $_SESSION['email'];
echo "Hallo Schueler: ".$userid;
echo " ".$email;
require_once('../../models/Bestellungen.php');
// create new/empty model, contains all input-values and error-messages
$r = new Bestellungen();
if (!empty($_POST)) {
$r->setMenu(isset($_POST['menu']) ? $_POST['menu'] : '');
$r->setUhrzeit(isset($_POST['uhrzeit']) ? $_POST['uhrzeit'] : 0);
$r->setSchueler(isset($_POST['schueler']) ? $_POST['schueler'] : 0);
// redirect to view-page after successfull saving
if ($r->save()) {
header("Location: view.php?id=" . $r->getId());
exit();
}
}
?>
<div class="container">
<div class="row">
<h2><?= $title ?></h2>
</div>
<form class="form-horizontal" action="create.php" method="post">
<div class="row">
<div class="col-md-1"></div>
<div class="col-md-2">
<div class="form-group required">
<label class="control-label">Schueler *</label>
<select style="width: 200px" name="schueler">
<option selected></option>
<?php
require_once "../../models/Schueler.php";
foreach (Schueler::getAll() as $g){
?>
<option value='<?=$g->getId()?>'><?=$g->getName()?></option>
<?php
}
?>
</select>
<?php if (!empty($r->getErrors()['schueler'])): ?>
<div class="help-block"><?= $r->getErrors()['schueler'] ?></div>
<?php endif; ?>
</div>
</div>
<div class="col-md-2">
<div class="form-group required ">
<label class="control-label">Menu *</label>
<select name="menu" style="width: 200px">
<option selected></option>
<?php
require_once "../../models/Menu.php";
foreach (Menu::getAll() as $z){
?>
<option value='<?=$z->getId()?>'><?=$z->getName()?></option>
<?php
}
?>
</select>
<?php if (!empty($r->getErrors()['menu'])): ?>
<div class="help-block"><?= $r->getErrors()['menu'] ?></div>
<?php endif; ?>
</div>
</div>
</div>
<div class="row">
<div class="col-md-2">
<div class="form-group required ">
<label class="control-label">Uhrzeit *</label>
<input type="datetime-local" class="form-control" name="uhrzeit" value="">
<?php if (!empty($r->getErrors()['uhrzeit'])): ?>
<div class="help-block"><?= $r->getErrors()['uhrzeit'] ?></div>
<?php endif; ?>
</div>
</div>
<div class="col-md-1"></div>
</div>
<div class="row">
<div class="form-group">
<button type="submit" name="submit" class="btn btn-success">Erstellen</button>
<a class="btn btn-default" href="view.php">Abbruch</a>
</div>
</div>
</form>
</div> <!-- /container -->
<?php
include '../layouts/bottom.php';
?>
<?php
if(isset($_POST['updatecustomer'])){
$customerID=trim($_POST['customerID']);
$customername=trim($_POST['customername']);
$mobilenumber=trim($_POST['mobilenumber']);
$Description=trim($_POST['description']);
$area=trim($_POST['area']);
if(empty($customername)){
$errorcustomername="Please Enter Customer Name";
}
elseif (empty($mobilenumber)) {
$Errormobilenumber="Please Enter Mobile Number";
}
elseif (empty($Description)) {
$Errordescription="Please Enter Description";
}
elseif (empty($area)) {
$Errorarea="Please Enter Address";
}
else
{
try {
if (trim($_FILES["image"]["name"])!=""){
$base=explode(".", strtolower(basename($_FILES["image"]["name"])));
$ext=end($base);
if($ext=="png" or $ext=="jpg" or $ext=="jpeg"){
$image1 = getimagesize($_FILES["image"]["tmp_name"]);
$width = $image1[0];
$height = $image1[1];
if($width<256 || $height<256){
$error = true;
$ErrorImage = "Please select an image with minimum resolution of 256x256 !";
}else{
$image1=uniqid().".".$ext;
move_uploaded_file($_FILES["image"]["tmp_name"], "picture/" . $image1);
$image1="picture/".$image1;
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/update Query/
$sql="UPDATE customer SET shopID='$shopID',name='$customername',
mobile='$mobilenumber',area='$area',description='$Description',picture='$image1' WHERE customerID='$customerID'";
$con->exec($sql);
$sql1="UPDATE customerdetails SET area='$area' WHERE customerID='$customerID' ";
if (mysqli_query($conn,$sql1)) {
$success="Customer Updated Successfully";
}
else
{
$errorSubmit="Customer not Updated";
}
}
}
else {
}
$error = true;
$ErrorImage="invalid image extension !";
}
else {
$con->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql="UPDATE customer SET shopID='$shopID',name='$customername',mobile='$mobilenumber,area='$area',description='$Description' WHERE customerID='$customerID'";
$con->exec($sql);
$sql1="UPDATE customerdetails SET area='$area' WHERE customerID='$customerID' ";
if (mysqli_query($conn,$sql1)) {
$success="Customer Updated Successfully";
}
else
{
$errorSubmit="Customer not Updated";
}
}
}
catch(PDOException $e)
{
$errorSubmit= $e->getMessage();
}
}
}
?>
<div class="boxed">
<div id="content-container">
<div id="page-title">
<h1 class="page-header text-overflow">Update Customer</h1>
</div>
<ol class="breadcrumb">
<li>Dashboard</li>
<li>Customer</li>
<li class="active">Update Customer</li>
</ol>
<div id="page-content">
<div class="col-sm-12" style="padding-bottom: 5%">
<div class="panel">
<div class="panel-heading">
<h3 class="panel-title">Update Customer Details</h3>
</div>
<form class="form-horizontal" method="POST" enctype="multipart/form-data">
<div class="panel-body">
<?php
/join Query/
$id=mysqli_real_escape_string($conn,$_GET['id']);
$sql="SELECT customer.*,customerdetails.* FROM customer JOIN customerdetails ON customer.customerID=customerdetails.customerID WHERE customer.customerID='$id'";
$read=mysqli_query($conn,$sql);
while ($row1=mysqli_fetch_assoc($read)) {
# code...
?>
<input type="hidden" name="customerID" value="<?php echo $row1['customerID']; ?>">
<div class="form-group">
<label class="col-sm-3 control-label" for="demo-hor-inputemail">Customer Name</label>
<div class="col-sm-9">
<input type="text" name="customername" class="form-control" placeholder="Customer Name" value="<?php echo $row1['name']; ?>"
oninput="this.value = this.value.replace(/[^A-Za-z ]/g, ''); this.value = this.value.replace(/(\..*)\./g, '$1');" maxlength="60" required="">
<?php if (!empty($errorcustomername)) { ?> <p class="label label-danger"><?php echo $errorcustomernamee; ?></p> <?php } ?>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="demo-hor-inputemail">Mobile Number</label>
<div class="col-sm-9">
<input type="text" class="form-control" name="mobilenumber" placeholder="Mobile Number" value="<?php echo
$row1['mobile'];?>" oninput="this.value = this.value.replace(/[^0-9- ]/g, ''); this.value = this.value.replace(/(\..*)\./g, '$1');" maxlength="10"/>
<?php if (!empty($Errormobilenumber)) { ?> <p class="label label-danger"><?php echo $Errormobilenumber; ?></p> <?php } ?>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="demo-hor-inputemail">Address</label>
<div class="col-sm-9">
<input type="text" class="form-control" name="area" placeholder="Address" value="<?php echo $row1['area'];?>" />
<?php if (!empty( $Errorarea)) { ?> <p class="label label-danger"><?php echo $Errorarea; ?></p> <?php } ?>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="demo-hor-inputemail">Description</label>
<div class="col-sm-9">
<input type="text" class="form-control" name="description" placeholder="Description" value="<?php echo $row1['description'];?>" />
<?php if (!empty($Errordescription)) { ?> <p class="label label-danger"><?php echo $Errordescription; ?></p> <?php } ?>
</div>
</div>
<div class="form-group">
<label class="col-sm-3 control-label" for="demo-hor-inputemail">Picture</label>
<div class="col-sm-9">
<input type="file" class="form-control" name="image" placeholder="Password" value="<?php echo $row1['image'];?>"
/>
<?php if (!empty($Errorimage)) { ?> <p class="text text-danger"><?php echo $Errorimage; ?></p> <?php } ?>
</div>
</div>
<?php
}
?>
</div>
<div align="center">
<?php if (!empty($success)) { ?> <span class="label label-success"><?php echo $success; ?></span> <?php } ?>
<?php if (!empty($errorSubmit)) { ?> <span class="label label-danger"><?php echo $errorSubmit; ?></span> <?php } ?>
</div>
<div class="panel-footer text-right">
<button class="btn btn-success" type="submit" name="updatecustomer">Update Customer</button>
</div>
</form>
</div>
</div>
</div>
</div>
<?php
include 'include/sidebar.php';
include 'include/footer.php';
?>
<?php
}
else
{
header('location:login.php');
}
?>
please check first area is inserting to DB or not?
I am redirecting a user to a page named "forgot_pass" in such a way
"forgot_pass.php?code='$code'&username='$hidden_username'>".
But when user clicks on link for redirection the url seems like this
http://localhost/Validation/forgot_pass.php?code=
and there is no any page displayed.
The variables passed in url have values as i have already checked it. But they are not displaying when sent in url.
Help me in solving this issue.
reset.php
<?php
ini_set("display_errors", TRUE);
require_once './include/db_connection.php';
$pass = $_POST['pass'];
$pass1 = $_POST['pass1'];
$code = $_GET['code'];
$hidden_username = $_POST['username'];
if($pass == $pass1)
{
echo 'Password Changed !';
}
else
{
echo "Passowrd must match
<a href='forgot_pass.php?code='$code'&username='$hidden_username'>Try Again</a>
";
}
forgot_pass.php
<?php
ini_set("display_errors", TRUE);
require_once './include/db_connection.php';
if(isset($_GET['code']))
{
$get_code = (isset($_GET['code'])? $_GET['code'] : null);
$get_username =(isset($_GET['username']) ? $_GET['username'] : null);
$match_code = mysqli_query($link, "select * from signup where username='$get_username'");
if(mysqli_num_rows($match_code) > 0)
{
while($row = mysqli_fetch_assoc($match_code))
{
$db_username = $row['username'];
$db_code = $row['paareset'];
}
}
if($get_username == $db_username && $get_code == $db_code)
{ ?>
<html>
<head>
<meta charset="UTF-8">
<title>Change Password</title>
</head>
<body>
<div class="container">
<div class="row">
<div class="row">
<div class="col-md-4 col-md-offset-4">
<div class="panel panel-default">
<div class="panel-body">
<div class="text-center">
<h3><i class="fa fa-pencil fa-4x"></i></h3>
<h2 class="text-center">New Password?</h2>
<div class="panel-body">
<form class="form" method="post"
action= "reset_pass.php?code=<?php echo $get_code ?>"
<fieldset>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-pencil color-blue"></i></span>
<input name="pass" placeholder="New Password" class="form-control" type="password" required="">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="glyphicon glyphicon-pencil color-blue"></i></span>
<input name="pass1" placeholder="Re-type Password" class="form-control" type="password" required="">
<input type="hidden" name="username" value="<?php echo $db_username ?>">
</div>
</div>
<div class="form-group">
<input class="btn btn-lg btn-primary btn-block" name="send" value="Change Password" type="submit">
</div>
<div class="form-group">
<span style="color: red"><?php if(isset($message['mail'])) {echo $message['mail']; } ?></span>
</div>
</fieldset>
</form>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
<?php
}
} // End if (isset['code'])
if(!isset($_GET['code']))
{
?>
<html>
<head>
</head>
<body>
// Here i am displaying another form that gets email address and sends email
</body>
</html>
<?php
}
Remove single-quotes around the arguments, you are using them to delimit the URL so don't use them inside the URL (or at least escape them) :
echo "Password must match <a href='forgot_pass.php?code=$code&username=$hidden_username'>Try Again</a>";
Try with this way
echo "Passowrd must match
Try Again"
you have mismatch in columns
try to change your code to
echo "Passowrd must match
<a href='forgot_pass.php?code=".$code."&username=".$hidden_username".'>Try Again</a>
"
Please check if your filenames are correct.
You named: reset.php and forgot_pass.php
In forgot_pass.php your action goes towards reset_pass.php
remove single quote
"forgot_pass.php?code=$code&username=$hidden_username>"
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
Hope someone can help. I have a profile page that I want to display the logged in users details. So far I have this on the Profile page.
<?php
/* This script pulls the existing name input and displays it when the user logs in. */
session_start();
include("db.php"); ?>
<?php include("includes/header.php") ?>
<?php include("includes/nav.php") ?>
<?php
if(logged_in()) {
$result = mysqli_query($link,$query);
$row = mysqli_fetch_array($result);
if (!$_POST['name'] && $_POST['name']=="") $error.="<br />Please enter your name";
if (!$_POST['email'] && $_POST['email']=="") $error.="<br />Please enter your email";
if (!$_POST['DOB'] && $_POST['DOB']=="") $error.="<br />Please enter your date of birth";
if (!$_POST['country'] && $_POST['country']=="") $error.="<br />Please enter your country";
if ($error) {
echo '<div class="alert alert-success alert-dismissable">'.addslashes($error).'</div>';
}
if(isset($_POST['form-control'])) {
move_uploaded_file($_FILES['file']['tmp_name'],"img/".$_FILES['file']['name']);
$query = mysqli_query("UPDATE users SET image = '".$_FILES['file']['name']."'");
}
} else {
redirect("login.php");
}
?>
<Style>
.alert{
display:none;
}
#profileimg {
height: 100px;
width: auto;
}
</Style>
<div class="container">
<h1>Edit Profile</h1>
<hr>
<div class="row">
<!-- left column -->
<div class="col-md-3">
<div class="text-center">
<img src="//placehold.it/100" class="avatar img-circle" alt="avatar" id="profileimg">
<h6>Upload a different photo...</h6>
<input class="form-control" type="file" name="name">
</div>
</div>
<!-- edit form column -->
<div class="col-md-9 personal-info">
<div class="alert alert-success alert-dismissable">
<button type="button" class="close" data-dismiss="alert" aria-hidden="true">×</button>
<strong>Profile updated.</strong>
</div>
<h3>Personal info</h3>
<form class="form-horizontal" role="form" action="edit_profile.php" method="post">
<div class="form-group">
<label class="col-lg-3 control-label name">name:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['name'];?>" type="text" name="name" required>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Email:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['email'];?>" type="text" name="email" required>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">DOB:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['DOB'];?>" type="date" name="DOB" required>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Country</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['country'];?>" type="text" name="country" required>
</div>
</div>
<div class="form-group">
<label class="col-md-3 control-label"></label>
<div class="col-md-8">
<input class="btn btn-primary" value="Save Changes" type="submit">
<span></span>
<input class="btn btn-default" id="updated" value="Cancel" type="reset">
</div>
</div>
</form>
</div>
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<!-- Include all compiled plugins (below), or include individual files as needed -->
<script src="js/bootstrap.min.js"></script>
<script>
$("#updated").click(function(){
$(".alert").hide().show('medium');
</script>
</body>
</html>
I then have another php file for the updating which is this:
<?php
session_start();
include("db.php");
$name = $_POST['name'];
$email = $_POST['email'];
$DOB = $_POST['DOB'];
$country = $_POST['country'];
$password = md5($salt.$_POST['password']);
$query = "UPDATE users SET name = '".$name."', email = '".$email."', DOB = '".$DOB."', country = '".$country."', password = '".$password."'";
$result = mysqli_query($link,$query);
header('Location: profile.php');
?>
So the short is it doesn't display or update and I am not sure why. I am new to PHP so go easy on me if this is simple, I have searched but can't seem to find the answer.
Thanks in advance.
Im also new to this but normally when I check if a SESSION id is active I use
if(isset($_SESSION['id'])) {
$query = "UPDATE users SET name = '".$name."', email = '".$email."', DOB = '".$DOB."', country = '".$country."', password = '".$password."' WHERE id='".$_SESSION['id']."'";
}
You also need to echo back the indexed rows that you are trying to query to display results
$name = row['username'];
echo $name;
There are lots of errors in your code: You are trying to upload a file in the same page whereas you send the form data to another page. How you handle form validation is also a little overhead. What I did change in the form is: I add name="save" in your submit button and added new hidden input for storing your user profile id. I am not sure what login() function did in your code, better stick to if($id){}.
Try this:
<?php
/* This script pulls the existing name input
and displays it when the user logs in. */
session_start();
include("db.php");
include("includes/header.php");
include("includes/nav.php");
$id = $_SESSION['id'];
if(loginned()) {//you can do if($id){}
$query="SELECT * FROM users WHERE id='$id' LIMIT 1";
$result = mysqli_query($link,$query);
$row = mysqli_fetch_array($result);
?>
<style>
.alert{
display:none;
}
#profileimg {
height: 100px;
width: auto;
}
</style>
<div class="container">
<h1>Edit Profile</h1>
<hr>
<div class="row">
<!-- left column -->
<!-- edit form column -->
<div class="col-md-9 personal-info">
<div class="alert alert-success alert-dismissable">
<button type="button" class="close" data-dismiss="alert"
aria-hidden="true">×</button>
<strong>Profile updated.</strong>
</div>
<h3>Personal info</h3>
<form class="form-horizontal" role="form"
action="edit_profile.php" method="post">
<div class="form-group">
<label class="col-lg-3 control-label name">name:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['name'];?>"
type="text" name="name" required>
</div>
</div>
<div class="col-md-3">
<div class="text-center">
<img src="//placehold.it/100" class="avatar
img-circle" alt="avatar" id="profileimg">
<h6>Upload a different photo...</h6>
<input class="form-control" type="file" name="name">
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Email:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['email'];?>"
type="text" name="email" required>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">DOB:</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['DOB'];?>"
type="date" name="DOB" required>
</div>
</div>
<div class="form-group">
<label class="col-lg-3 control-label">Country</label>
<div class="col-lg-8">
<input class="form-control" value="<?php echo $row['country'];?>"
type="text" name="country" required>
</div>
</div>
<div class="form-group">
<input type="hidden" name="id" value="<?php echo $row['id'];?>">
<label class="col-md-3 control-label"></label>
<div class="col-md-8">
<input class="btn btn-primary" name="save"
value="Save Changes" type="submit">
<span></span>
<input class="btn btn-default" id="updated"
value="Cancel" type="reset">
</div>
</div>
</form>
</div>
<?php }else{ redirect("login.php"); } ?>
edit_profile.php First we check whether any post with a name of save is there, We validate the posted data. if validation is successful, we proceed to upload your file and then run your update query.
<?php
session_start();
include("db.php");
if(isset($_POST['save'])){
$id = isset($_POST['id'])? $_POST['id']:'';
$name = isset($_POST['name'])? $_POST['name']:'';
$email = isset($_POST['email'])? $_POST['email']:'';
$dob = isset($_POST['DOB'])? $_POST['DOB']:'';
$pass = isset($_POST['passwrd'])? md5($salt.$_POST['password']):'';
$country = isset($_POST['country'])? $_POST['country']:'';
if(empty($name)){
$error = 'Please enter your name';
}elseif(empty($email)){
$error = 'Please enter your email';
}elseif(empty($dob)){
$error = 'Please enter your date of birth';
}elseif(empty($country)){
$error = 'Please enter your country';
}elseif(empty($pass)){
$error = 'Please enter your password';
}else{
move_uploaded_file($_FILES['file']['tmp_name'],"img/".$_FILES['file']['name']);
$query = mysqli_query("UPDATE users SET image = '".$_FILES['file']['name']."'
WHERE id='$id'");
$query = "UPDATE users SET name = '$name', email = '$email',
DOB = '$DOB', country = '$country', password = '$password'
WHERE id='$id'";
$result = mysqli_query($link,$query);
header('Location: profile.php');
}
}
?>
<?php if(!empty($error)){
echo '<div class="alert alert-success
alert-dismissable">'.addslashes($error).'</div>';
}else{
echo '<div class="alert alert-success">Success</div>';
}
?>
I have added a demo here. At least this will help:
PHP Code
<?php
if (!isset($_SESSION)) { session_start(); }
include "connect.php";
include "functions.php";
if (!isset($_SESSION['login']) || $_SESSION['login'] !== true) {
header('location: no_acces.php');
exit();
} else {
$id_user = $_SESSION['userid'];
$q_user = mysqli_query($conn, "SELECT * FROM users WHERE id = $id_user");
if (mysqli_num_rows($q_user) === 1) {
$r_user = mysqli_fetch_assoc($q_user);
} else {
unset($_SESSION['login']);
unset($_SESSION['userid']);
header('location: no_acces.php');
exit();
}
}
$error = "";
$userQuery = mysqli_query($conn, "SELECT username FROM users");
$user = mysqli_fetch_assoc($userQuery);
$id = $_GET['id'];
if (isset($_POST['edit_contact'])) {
$roepnaam = $_POST['roepnaam'];
$naam = $_POST['naam'];
$land = $_POST['land'];
$bedrijf = $_POST['bedrijf'];
$adres1 = $_POST['adres1'];
$adres2 = $_POST['adres2'];
$stad = $_POST['stad'];
$postcode = $_POST['postcode'];
$provincie = $_POST['provincie'];
$telefoon = $_POST['telefoon'];
$email = $_POST['email'];
$captcha= $_POST['g-recaptcha-response'];
if(!$captcha){
$error = "Er is een fout opgetreden";
}
if ($error == "") {
$insertUser = ("UPDATE address SET
roepnaam = '$roepnaam', naam = '$naam', bedrijf = '$bedrijf', telefoon = '$telefoon', email = '$email', adres1 = '$adres1', adres2 = '$adres2', stad = '$stad', postcode = '$postcode', provincie = '$provincie', land = '$land' WHERE id = $id");
if (mysqli_query($conn, $insertUser)) {
$_SESSION['edit_contact'] = true;
header('location: address_book.php');
} else {
$error = "Er is een fout opgetreden";
}
}
}
?>
HTML Code
<!DOCTYPE html>
<html lang="en">
<body>
<form action="" method="post">
<?php if ($error !== "") { ?>
<div class="row">
<div class="col-md-12 error">
<?php echo $error; ?>
</div>
</div>
<?php } ?>
<label for="firstName" class="control-label">Naam:</label>
<div class="row ">
<div class="col-md-6">
<input type="text" class="form-control" id="firstName" placeholder="Roepnaam" name="roepnaam" value="<?php if (isset($_POST['roepnaam'])) { echo $_POST['roepnaam']; } ?>" required/>
</div>
<div class="col-md-6">
<input type="text" class="form-control" id="lastName" placeholder="Naam" name="naam" value="<?php if (isset($_POST['naam'])) { echo $_POST['naam']; } ?>" required/>
</div>
</div>
<label for="username" class="control-label">Bedrijf:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="username" placeholder="Bedrijf" name="bedrijf" value="<?php if (isset($_POST['bedrijf'])) { echo $_POST['bedrijf']; } ?>" required/>
</div>
</div>
<label for="password" class="control-label">Telefoonnummer:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="password" placeholder="Telefoonnummer" name="telefoon" value="<?php if (isset($_POST['telefoon'])) { echo $_POST['telefoon']; } ?>" required/>
</div>
</div>
<label for="email" class="control-label">Email:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="email" placeholder="E-mailadres" name="email" value="<?php if (isset($_POST['email'])) { echo $_POST['email']; } ?>" required/>
</div>
</div>
<label for="adres1" class="control-label">Adres:</label>
<div class="row">
<div class="col-md-12">
<input type="text" class="form-control" id="adres1" placeholder="Adres 1" name="adres1" value="<?php if (isset($_POST['adres1'])) { echo $_POST['adres1']; } ?>" required/>
</div>
</div>
<div class="row padding-top-10">
<div class="col-md-12">
<input type="text" class="form-control" id="adres2" placeholder="Adres 2" name="adres2" value="<?php if (isset($_POST['adres2'])) { echo $_POST['adres2']; } ?>"/>
</div>
</div>
<div class="row">
<div class="col-md-3">
<label for="postcode" class="control-label">Postcode:</label>
</div>
<div class="col-md-5">
<label for="city" class="control-label">Stad:</label>
</div>
<div class="col-md-4">
<label for="regio" class="control-label">Regio:</label>
</div>
</div>
<div class="row ">
<div class="col-md-3">
<input type="text" class="form-control" id="postcode" placeholder="Postcode" name="postcode" value="<?php if (isset($_POST['postcode'])) { echo $_POST['postcode']; } ?>" required/>
</div>
<div class="col-md-5">
<input type="text" class="form-control" id="city" placeholder="Stad" name="stad" value="<?php if (isset($_POST['stad'])) { echo $_POST['stad']; } ?>" required/>
</div>
<div class="col-md-4">
<input type="text" class="form-control" id="regio" placeholder="Provincie" name="provincie" value="<?php if (isset($_POST['provincie'])) { echo $_POST['provincie']; } ?>" required/>
</div>
</div>
<label for="land" class="control-label">Land:</label>
<div class="row ">
<div class="col-md-12">
<input type="text" class="form-control" id="password" placeholder="Land" name="land" value="<?php if (isset($_POST['land'])) { echo $_POST['land']; } ?>" required/>
</div>
</div>
<div class="row">
<div class="col-md-8 padding-top-10 ">
<div class="g-recaptcha " data-sitekey="6LcCsBoTAAAAAK72uzyJSrgWwD8xuF6jFIfgFaHX"></div>
</div>
</div>
<div class="row">
<div class="col-md-2 padding-top-10">
<input type="submit" name="edit_contact" class="btn btn-succes" value="Wijzigen">
</div>
<div class="col-md-2 padding-top-10">
<input type="text" name="delete_contact" action="delete_contact.php" class="btn btn-succes" value="Contact verwijderen">
</div>
</div>
</form>
</body>
</html>
PHP Code
<?php
if (!isset($_SESSION)) { session_start(); }
include "connect.php";
include "functions.php";
if (!isset($_SESSION['login']) || $_SESSION['login'] !== true || !isset($_SESSION['userid']) || $_SESSION['userid'] == "") {
header('location: login.php');
exit();
} else {
session_regenerate_id();
}
$id = $_GET['id'];
$query = "DELETE FROM address WHERE id= $id";
mysqli_query ($query);
if (mysql_affected_rows() == 1) {
header('location: addressbook.php');
} else {
echo "Verwijderen mislukt";
}
?>
I'm trying to make a delete button for my contacts within the addressbook. but everytime I click "Contact verwijderen" the webpage resets it self and the contact won't be deleted. Could anyone help me to fix this?
You input is a text input and you don't have a form asociated with it,create one and change the type of submit to submit
<form action="delete_contact.php" method="post">
//other inputs
<input type="submit" name="delete_contact" class="btn btn-succes" value="Contact verwijderen">
</form>
You are mixing MySQL and MySQLi functions:
mysqli_query ($query);
if (mysql_affected_rows() == 1)
You cannot mix MySQL with MySQLi, your code should be:
mysqli_query ($query);
if (mysqli_affected_rows($conn) == 1)
Add a normal link to delete the contact, you don't need a form.
<a href="delete_contact.php?id=<?php echo $id ?>">
Contact verwijderen
</a>