I'm new to php and I have a login system and an account which allows users to edit their details however when they fill in the form the database does not update and my error message does not show? Can anyone help?
accountamend.php
<?php
include 'connection.php'; // this includes my connection to the database
$ID=$_GET['ID'];
$query="SELECT ID, email, password, FROM users WHERE ID=$ID";
$result=mysqli_query($connection,$query) or die (mysqli_error($connection));
if (mysqli_num_rows($result)>0){
$row=mysqli_fetch_assoc($result);
} else {
$row=NULL;
}
?>
<html>
<head>
<title> Update Details </title>
<link rel="stylesheet" href="homecss.css"/>
<link href='http://fonts.googleapis.com/css?family=Nunito:400,700' rel='stylesheet' type='text/css'>
</head>
<body>
<form method ="post" action="amendaccount.php">
<fieldsetclass="fieldset-width">
<legend>
Enter New Details
</legend>
<input type="hidden" name"ID" value="<?php echo $ID; ?>" />
<label for="email">Email: </label>
<input type = "text" name="email" value="<?php echo $row['email']; ?>" />
<br/>
<label for ="password"> Password: </label>
<input type = "password" name="password" value="<?php echo $row['password']; ?>" />
</fieldset>
<input type="submit" value="submit" name="submit" />
<input type="reset" value="clear" />
</form>
</body>
</html>
editaccount.php
<?php
include 'connection.php';
$ID=$_POST['ID'];
$email=$_POST['email'];
$password=$_POST['password'];
$query="UPDATE users SET email='$email', password='$password' WHERE ID='$ID'";
mysqli_query($connection,$query);
echo "Update Success";
?>
Looks like you have an error in your code here:
<input type="hidden" name"ID" value="<?php echo $ID; ?>" />
Should be:
<input type="hidden" name="ID" value="<?php echo $ID; ?>" />
in your editaccount.php you could add something like
printf("Errormessage: %s\n", mysqli_error($connection));
after your mysqli_query statement so you could see the latest error (if any).
Did you output your $query and try to execute it by hand? Maybe this shows you an error as well?
Related
This code is intended to just take an ID and Pass without any kind of authentication and remember the data if the checkbox were to be checked. I can not figure it why is it not saving the data to cookies.
<?php
if(isset($_POST["chk"],$_POST["id"],$_POST["pass"])) {
$id=$_POST["id"];
$pwd=$_POST["pass"];
if (isset($_POST["chkbx"])){
setcookie("id","$id",time()+3600);
setcookie("pwd","$pwd",time()+3600);
$id=$_COOKIE["id"];
$pwd=$_COOKIE["pwd"];
}
print "Your ID " . $id;
print "Your PASS ". $pwd;
}
?>
<html>
<head>
<title>
Remember Me
</title>
</head>
<body>
Please Enter ID and PASS
<form method="post" >
Enter ID
<input type="text" name="id" />
Enter PASS
<input type="text" name="pass" />
<input type="submit" value="submit" /><br>
<input type="checkbox" name="chkbx" />Remember Me
<input type="hidden" name="chk" value="true" />
</form>
</body>
</html>
You code is correct but it needs to clean it up
in this part I add a condition to check is there is anything first in the $_COOKIE
before print it
if(isset($_COOKIE['id']) && isset($_COOKIE['pwd'])){
print "Your ID: " . $_COOKIE['id'] . '<br>';
print "Your PASS: ". $_COOKIE['pwd'] . '<br>';
}
your code will be like this
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$id = $_POST["id"];
$pwd = $_POST["pass"];
if (isset($_POST["chkbx"])){
setcookie("id", $id ,time()+3600);
setcookie("pwd", $pwd, time()+3600);
}
}
if(isset($_COOKIE['id']) && isset($_COOKIE['pwd'])){
print "Your ID: " . $_COOKIE['id'] . '<br>';
print "Your PASS: ". $_COOKIE['pwd'] . '<br>';
}
?>
<html>
<head>
<title>
Remember Me
</title>
</head>
<body>
Please Enter ID and PASS
<form method="post" >
Enter ID
<input type="text" name="id" value="<?= isset($_COOKIE['id'])? $_COOKIE['id']: '' ?>" />
Enter PASS
<input type="text" name="pass" value="<?= isset($_COOKIE['pwd'])? $_COOKIE['pwd']: '' ?>" />
<input type="submit" value="submit" /><br>
<input type="checkbox" name="chkbx" />Remember Me
<input type="hidden" name="chk" value="true" />
</form>
</body>
</html>
After clicking on the login button it remains on the same page and it does not give nay output for example:if i put in a wrong userid or password it should echo something but it does not echo anything and stays the same
the code for LOGIN.PHP FILE is:
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>title of the document</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<form action"signin.php" method="POST">
<input type="text" name="uid" placeholder="Username"><br>
<input type="password" name="password" placeholder="PAssword"><br>
<button type="submit">SIGN IN</button><br>
</form>
<br><br><br><br>
<form action="signup1.php" method="POST">
<input type="text" name="firstname" placeholder="Firstname"><br>
<input type="text" name="lastname" placeholder="Lastname"><br>
<input type="text" name="uid" placeholder="Username"><br>
<input type="password" name="password" placeholder="PAssword"><br>
<button type="submit">SIGN UP</button><br>
</form>
</body>
</html>
the signin.php file is:
<?php
include 'dbh1.php';
$userid=$_POST['uid'];
$pwd=$_POST['password'];
$sql="select * from userlogin where uid='$userid' AND password='$pwd'";
$result = $conn->query($sql);
if (!$row = $result->fetch_assoc())
{
echo "YOU ARE NOT LOGGED IN INCORRECT CREDENTIALS!!";
}
else {
echo "SUCCESFULLY LOGGED IN!!";
}
I have tried this and it is working. Here learn prepared statements
<form action"signin.php" method="POST">
<input type="text" name="uid" placeholder="Username"><br>
<input type="password" name="password" placeholder="PAssword"><br>
<input type="submit" value="Sign In" />
</form>
<?php
include 'database.php';
$userid=$_POST['uid'];
$pwd=$_POST['password'];
$stmt = $conn->prepare("select * from userlogin where uid=? AND password=?");
$stmt->bind_param("ss",$userid, $pwd);
$stmt->execute();
$result = $stmt->get_result();
$row = $result->fetch_assoc();
$stmt->close();
With prepared statements you have achieved a lot of things. Just try to check it.
Using php, i created an edit option that basically lets u change the data in the record. However, after clicking on submit, the data doesn't get saved on the table nor do i get any errors.. I am quite confused. Here r my codes:
<html>
<body>
<?php
include('db.php');
if (isset($_GET['Id'])) {
$Id=$_GET['Id'];
if (isset($_POST['submit'])) {
$Fname=$_POST['Fname'];
$Lname=$_POST['Lname'];
$Age=$_POST['Age'];
$Nationality=$_POST['Nationality'];
$PhoneNumber=$_POST['PhoneNumber'];
$Email=$_POST['Email'];
$query3=mysql_query("UPDATE `students` SET `Fname`='$Fname',`Lname`='$Lname',`Age`='$Age',`Nationality`='$Nationality',`PhoneNumber`='$PhoneNumber',`Email`='$Email' WHERE `Id`='$Id'");
if($query3) {
header('location:index1.php');
}
}
$query1=mysql_query("select * from students where Id='$Id'");
$query2=mysql_fetch_array($query1);
?>
<form method="post" action="">
First Name:<input type="text" name="name" value="<?php echo $query2['Fname']; ?>" /><br />
Last Name:<input type="text" name="name" value="<?php echo $query2['Lname']; ?>" /><br />
Age:<input type="text" name="age" value="<?php echo $query2['Age']; ?>" /><br />
Nationality:<input type="text" name="name" value="<?php echo $query2['Nationality']; ?>" /><br />
Phone Number:<input type="text" name="name" value="<?php echo $query2['PhoneNumber']; ?>" /><br />
Email:<input type="text" name="name" value="<?php echo $query2['Email']; ?>" /><br />
<br />
<input type="submit" name="submit" value="update" />
</form>
<?php
}
?>
</body>
</html>
This is the code for saving the information into mysql database from a FORM.
In the HTML section the form is being handled i.e. retrieving required data from user.
In the PHP section storing data has been handled.
But the problem is it doesn't store data.
I'm using XAMPP server.
<html>
<head>
<title>signup</title>
<link rel="stylesheet" href="css/insert.css" />
</head>
<body>
<div class="maindiv">
<!--HTML form -->
<div class="form_div">
<div class="title"><h2>Insert Data In Database Using PHP.</h2> </div>
<form action="signup.php" method="post"> <!-- method can be set POST for hiding values in URL-->
<h2>Form</h2>
<label>Name:</label>
<br />
<input class="input" type="text" name="name" value="" />
<br />
<label>Email:</label><br />
<input class="input" type="text" name="mail" value="" />
<br />
<label>Phone:</label><br />
<input class="input" type="text" name="phone" value="" />
<br />
<label>Password:</label><br />
<input class="input" type="text" name="pass" value="" />
<br />
<label>Address:</label><br />
<textarea rows="5" cols="25" name="add"></textarea>
<br />
<input class="submit" type="submit" name="submit" value="Insert" />
<?php
//Establishing Connection with Server
$connection = mysql_connect("localhost", "root", "buet2010");
//Selecting Database from Server
$db = mysql_select_db("tanni", $connection);
if(isset($_POST['submit'])){
//Fetching variables of the form which travels in URL
$name = $_POST['name'];
$mail = $_POST['mail'];
$phone = $_POST['phone'];
$pass = $_POST['pass'];
$add = $_POST['add'];
if($name !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query($db, "INSERT INTO user (name, mail, phone, pass, add)VALUES('$name', '$mail', '$phone', '$pass', '$add')");
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
//Closing Connection with Server
mysql_close($connection);
?>
</form>
</div>
</div>
</body>
I don't understand what can be the problem.
Thanks all. I got the problem.
Actually the sequence of the column in my database was not matching with the query in php code.
I have solved this by changing the variable sequence in the query which is maintained in the database.
$query = mysql_query("INSERT INTO user (`name`, `mail`, `pass`, `address`, `phone`)VALUES('".$name."', '".$mail."', '".$pass."', '".$address."', '".$phone."')");
Here is the code and it will work for your..
I have passed connection link in your mysql_query. and used PHP_SELF for current page.
<html>
<head>
<title>signup</title>
<link rel="stylesheet" href="css/insert.css" />
</head>
<body>
<div class="maindiv">
<!--HTML form -->
<div class="form_div">
<div class="title"><h2>Insert Data In Database Using PHP.</h2> </div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <!-- method can be set POST for hiding values in URL-->
<h2>Form</h2>
<label>Name:</label>
<br />
<input class="input" type="text" name="name" value="" />
<br />
<label>Email:</label><br />
<input class="input" type="text" name="mail" value="" />
<br />
<label>Phone:</label><br />
<input class="input" type="text" name="phone" value="" />
<br />
<label>Password:</label><br />
<input class="input" type="text" name="pass" value="" />
<br />
<label>Address:</label><br />
<textarea rows="5" cols="25" name="add"></textarea>
<br />
<input class="submit" type="submit" name="submit" value="Insert" />
<?php
//Establishing Connection with Server
$connection = mysql_connect("localhost", "root", "buet2010");
//Selecting Database from Server
$db = mysql_select_db("tanni", $connection);
if(isset($_POST['submit'])){
//Fetching variables of the form which travels in URL
$name = $_POST['name'];
$mail = $_POST['mail'];
$phone = $_POST['phone'];
$pass = $_POST['pass'];
$add = $_POST['add'];
if($name !=''||$email !=''){
//Insert Query of SQL
$query = mysql_query($db, "INSERT INTO user (name, mail, phone, pass, add)VALUES('$name', '$mail', '$phone', '$pass', '$add')",$connection);
echo "<br/><br/><span>Data Inserted successfully...!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
//Closing Connection with Server
mysql_close($connection);
?>
</form>
</div>
</div>
</body>
I'm creating a website which allows users to register an account and login with it. Now, I would like for them to be able to update their particulars like username and email. I've followed a guide here as I happened to be using the same code as him in register.php however it did not work. I'm quite a beginner in php so please bear with me! Help is appreciated.
register.php
<?php
if(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));
}
$email = mysql_real_escape_string($_POST['email']);
$checkusername = mysql_query("SELECT * FROM users WHERE username = '".$username."'");
if(mysql_num_rows($checkusername) == 1)
{
echo "<h1>Error</h1>";
echo "<p>Sorry, that username is taken. Please go back and try again.</p>";
}
else
{
$registerquery = mysql_query("INSERT INTO users (username, password, email) VALUES('".$username."', '".$password."', '".$email."')");
if($registerquery)
{
echo "<h1>Success</h1>";
echo "<p>Your account was successfully created. Please click here to login.</p>";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your registration failed. Please go back and try again.</p>";
}
}
?>
<h1>Register</h1>
<p>Please enter your details below to register.</p>
<form method="post" action="register.php" name="registerform" id="registerform">
<fieldset>
<label for="username">Username:</label><input type="text" name="username" id="username" /><br />
<label for="password">Password:</label><input type="password" name="password" id="password" /><br />
<label for="email">Email Address:</label><input type="text" name="email" id="email" /><br />
<input type="submit" name="register" id="register" value="Register" />
</fieldset>
</form>
</div>
</body>
</html>
When I enter editprofile.php, the page is blank. this is my editprofile.php
<?php
include "base.php";
session_start();
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['username']))
{
$nameuser = $_SESSION['username'];
$checkinfo = mysql_query("SELECT * FROM users WHERE username = '$nameuser'");
while($results = mysql_fetch_array($checkinfo,MYSQL_ASSOC)) {
$id = $results['id'];
$username = $results['username'];
$email = $results['email'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$editNAME=$_POST['username'];
$editEMAIL=$_POST['email'];
$editID=$_POST['id'];
$editquery = mysql_query("UPDATE users SET username='$editNAME' , email='$editEMAIL' WHERE id='$editID'");
if($editquery)
{
echo "<b>Success!</b>";
echo "Your profile was successfully updated. Please click here to view.";
}
else
{
echo "<b>Error</b>";
echo "<p>Sorry, your profile update failed. Please go back and try again.</p>";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Edit Profile</title>
<link rel="stylesheet" href="styles.css" type="text/css" />
</head>
<body>
<form method="post" action="editprofile.php" name="editform" id="editform">
<p>Username: <input type="text" name="username" id="username" value="<?php echo $username; ?>" /></p>
<p>Email Address : <input type="email" name="email" id="email" value="<?php echo $email; ?>"></p>
<input type="submit" name="save" value="Save"/>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
</form>
</body>
<?php
include "base.php";
session_start();
?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['username']))
{
$nameuser = $_SESSION['username'];
$checkinfo = mysql_query("SELECT * FROM users WHERE username = '$nameuser'");
while($results = mysql_fetch_array($checkinfo,MYSQL_ASSOC)){
$id = $row['id'];
$username = $row['username'];
$email = $row['email'];
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$editNAME=$_POST['username'];
$editEMAIL=$_POST['email'];
$editID=$_POST['id'];
$editquery = mysql_query("UPDATE users SET username='$editNAME' , email='$editEMAIL' WHERE id='$editID'");
if($editquery)
{
echo "<b>Success!</b>";
echo "Your profile was successfully updated. Please click here to view.";
}
else
{
echo "<b>Error</b>";
echo "<p>Sorry, your profile update failed. Please go back and try again.</p>";
}
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8" />
<title>Edit Profile</title>
<link rel="stylesheet" href="styles.css" type="text/css" />
</head>
<body>
<form method="post" action="editprofile.php" name="editform" id="editform">
<p>Username: <input type="text" name="username" id="username" value="<?php echo $username; ?>" /></p>
<p>Email Address : <input type="email" name="email" id="email" value="<?php echo $email; ?>"></p>
<input type="submit" name="save" value="Save"/>
<input type="hidden" name="id" value="<?php echo $id; ?>" />
</form>
</body>
you try this....
Not 100% sure but you try..