I've been so out of touch with using PHP outside of content management systems that I've forgot some of the basic syntax etc. What I'm trying to build is a simple form that collects some user data and sends it to a database table called 'creathive_applications'.
Here is my HTML form:
<form action="<?php bloginfo('home'); ?>" method="post">
<fieldset id="membershipform">
<ul class="clearfix">
<li id="li-status">
<span>I am a:</span>
<menu>
<li><label for="student"><input disabled="disabled" type="radio" name="status" id="student" checked="checked" value="Graduate" /> Graduate</label></li>
<li><label for="student2"><input disabled="disabled" type="radio" name="status" id="student2" value="Undergraduate" /> Undergraduate</label></li>
</menu>
</li>
<li id="li-firstname">
<label for="firstname">First Name</label> <input name="firstname" disabled="disabled" type="text" placeholder="First Name" id="firstname" title="First Name" />
</li>
<li id="li-lastname">
<label for="lastname">Last Name</label> <input name="lastname" disabled="disabled" type="text" placeholder="Last Name" id="lastname" title="Last Name" />
</li>
<li id="li-email">
<label for="email">Email address</label> <input name="email" disabled="disabled" type="text" placeholder="Email address" id="email" title="Email address" />
</li>
<li id="li-url">
<label for="url">URL</label> <input name="url" disabled="disabled" type="text" placeholder="URL of something you've made" id="url" title="URL of something you've made" />
</li>
<li id="li-buttons">
<input name="submit" type="submit" value="Send Application ►" title="Send Application" onclick="alert('Invites available from March 2011');" />
</li>
</ui>
</fieldset>
</form>
and here is the PHP jazz:
if(isset($_POST['submit']))
{
$status = $_POST['status'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$url = $_POST['url'];
$host = '####';
$username = '####';
$pass = '####';
mysql_connect($host,$username,$pass);
mysql_select_db($username);
$query = "INSERT INTO creathive_applications VALUES (NULL,'".$status."','".$firstname."','".$lastname."','".$email."','".$url."')";
$result = mysql_query($query);
}
Can anyone help me fix this as I can't remember how to run my SQL statement and send the data to the database :/ Also I've added the database username and password as well as host but what about the database name? Where does that go again?
I know this is a rather n00b question, but any help would be much appreciated.
THANKS A LOT
Well, with no error it's impossible to tell what to fix.
However, there are some obvious things to do.
See the comments:
<?
//show all possible errors. should be ALWAYS set to that level
error_reporting(E_ALL);
echo "landed at form handler<br>";
// sometimes buttons not being sent or gets misspelled
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
echo "here goes POST processing<br>";
$host = '####';
$username = '####';
$pass = '####';
mysql_connect($host,$username,$pass);
mysql_select_db($username);
// all strings should be escaped
// and it should be done after connecting to DB
$status = mysql_real_escape_string($_POST['status']);
$firstname = mysql_real_escape_string($_POST['firstname']);
$lastname = mysql_real_escape_string($_POST['lastname']);
$email = mysql_real_escape_string($_POST['email']);
$url = mysql_real_escape_string($_POST['url']);
$query = "INSERT INTO creathive_applications
VALUES (NULL,'$status','$firstname','$lastname','$email','$url')";
echo $query;
// always run your queries this way to be notified in case of error
$result = mysql_query($query) or trigger_error(mysql_error().". Query: ".$query);
var_dump($result);
}
in case you still see no error, add this line temporarily to the top of the script
ini_set('display_errors',1);
and remove it immediately after you get the problem solved.
EDIT
added some debug info.
If you see none of it's messages, you're sending your form to the wrong URL.
If you see some of them, post it here
As Brian noted, you should post if any errors are happening.
The main thing I notice is that you are using variables that potentially have no values. Radio buttons do not send their values if they are not toggled.
Use something like this to cover your bases:
if(isset($_POST['status']))
{
$status = $_POST['status'];
}
Don't know if that's your problem. Consider adding more information. :)
if(count($_POST) > 0){
$status = $_POST['status'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$email = $_POST['email'];
$url = $_POST['url'];
$host = '####';
$username = '####';
$pass = '####';
$mydb = mysql_connect($host,$username,$pass);
// mysql_select_db($username);
//are you using your username as db name?
mysql_select_db("yourdbname");
$query = "INSERT INTO creathive_applications VALUES (NULL,'".mysql_real_escape_string($status)."','".mysql_real_escape_string($firstname)."','".mysql_real_escape_string($lastname)."','".mysql_real_escape_string($email)."','".mysql_real_escape_string($url)."')"; //use mysql_real_escape_string for security
$result = mysql_query($query);
//show error if query fails.
if (!$result) {
die('Invalid query: ' . mysql_error());
}
mysql_close($mydb); //close the connection
}
add the mysql_error(); and see if it prints out errors
Related
I've been trying to resolve this but i can't see the error. please help me. This is my code so far. What should i do? i checked every detail but cant find it. when i click the button, there's no error and it will return in the reservation.php page. I also have a "res_id" in my database which is auto increment. how should i include it in the insert statement?
Php code:
<?
$conn = mysqli_connect("localhost","root","") or die(mysql_error());
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
if(isset($_POST['confirm'])){
$fname= $_POST['fname'];
$lname= $_POST['lname'];
$contact= $_POST['contact'];
$username= $_POST['username'];
$password= $_POST['password'];
$email= $_POST['email'];
$address= $_POST['address'];
$checkin= $_POST['checkin'];
$checkout= $_POST['checkout'];
$query="INSERT INTO reservation(fname,lname,contact,username,password,email,address,checkin,checkout)
VALUES ('$fname','$lname','$contact','$username','$password','$email','$address','$checkin','$checkout')";
mysql_query($query,$conn);
mysqli_close($conn);
}
?>
Html code:
<form action="reservation.php" method="post">
<div>
<label>Title:</label>
<select name="title">
<option value="ms">Ms.</option>
<option value="mr">Mr.</option>
<option value="mrs">Mrs.</option>
</select>
</div>
<div >
<label>First Name:</label>
<input type="text" name="fname">
</div>
<div>
<label>Last Name:</label>
<input type="text" name="lname">
</div>
<div>
<label>Phone Number:</label>
<input type="text" name="contact">
</div>
<div>
<label>Username:</label>
<input type="text" name="username" >
</div>
<div >
<label>Password:</label>
<input type="password" name="password" >
</div>
<div >
<label>Email Address:</label>
<input type="text" name="email" >
</div>
<hr>
<h5>Address</h5>
<div >
<label>Full Address:</label>
<input type="text" name="address" >
</div>
<hr>
<h5>Date</h5>
<div >
<legend>Check-in</legend>
<input type="date" name="checkin">
<legend>Checkout </legend>
<input type="date" name="checkout">
</div>
<input type="submit" name="confirm">
</form>
or is it because of the date picker? if so, can you please teach me how to use the date picker? its my first time using it. Thank you! :)
try to get error description: (add after $query's definition)
if (!mysqli_query($conn, $query)) {
echo("Error description: " . mysqli_error($conn));
}
Try turning on PHP errors to not get just an empty page.
http://php.net/manual/en/mysqli.query.php
mysql_query($query, $conn);
this should be
mysqli_query($conn, $query);
I also have a "res_id" in my database which is auto increment. how should i include it in the insert statement?
Since it's set to "auto increment", you dont need to do anything with it
Also, try looking at PDO, it's safer and takes less code to use.
When you connect to the database you use mysql, after this you are trying to insert data using mysqli_query, it is impossible. You have to replace
mysql_query($query,$conn);
with
mysqli_query($conn, $query);
so your php will look like this
<?
$conn = mysqli_connect("localhost","root","") or die(mysql_error());
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
if(isset($_POST['confirm'])){
$fname= $_POST['fname'];
$lname= $_POST['lname'];
$contact= $_POST['contact'];
$username= $_POST['username'];
$password= $_POST['password'];
$email= $_POST['email'];
$address= $_POST['address'];
$checkin= $_POST['checkin'];
$checkout= $_POST['checkout'];
$query="INSERT INTO reservation(fname,lname,contact,username,password,email,address,checkin,checkout)
VALUES ('$fname','$lname','$contact','$username','$password','$email','$address','$checkin','$checkout')";
mysqli_query($conn, $query);
mysqli_close($conn);
}
?>
This is main problem.
You can use this templates any time u need insert something in your database
https://www.w3schools.com/php/php_mysql_insert.asp
If u want to use mysqli go to
Example (MySQLi Procedural) part
But I would recommend to use PDO;
The error in Mysqli_select_db statement.
You need correct your statement.
mysqli_select_db("hoteldb",$hoteldb) or die("no db found");
insted of this
mysqli_select_db($conn,"hoteldb") or die("no db found");
I have the tables users and register in my database. I've created a login page which starts a session using the users table, then people fill out a form to insert data into the register table. I've used the following code to insert the data. My code doesn't have errors but the thing is it is not inserted to my table. Please help me. Thanks.
<?php
include("includes/db.php");
session_start();
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else { ?>
<html>
<body>
<h2>New users Signup!</h2>
<form action="login.php" method="post">
<input type="text" name = "firstname" placeholder="Firstname"/>
<input type="text" name = "lastname" placeholder="Lastname"/>
<input type="text" name = "address" placeholder="Address"/>
<input type="text" name = "contact" placeholder="Contact"/>
<input type="text" name = "email" placeholder="Email Address"/>
<input type="password" name = "password" placeholder="Password"/>
<div class = "bttn">
<button type="submit" name = "submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
} else {
$insert_query = mysql_query("insert into users (users_firstname,users_lastname,users_address,users_contact,users_email,users_password,users_date) values ('$users_firstname','$users_lastname','$users_address','$users_contact','$users_email','$users_password','$users_date')");
$users_id=mysql_insert_id();
if(mysql_query($insert_query)) {
echo "<script>alert('post published successfuly')</script>";
}
}
}
} ?>
Now try this code:
<?php
include("includes/db.php");
session_start();
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else {
?>
<html>
<body>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
}
else
{
$insert_query = mysql_query("INSERT INTO `users` (users_firstname, users_lastname, users_address, users_contact, users_email, users_password, users_date) values ('$users_firstname', '$users_lastname', '$users_address', '$users_contact', '$users_email', '$users_password', '$users_date')");
$users_id=mysql_insert_id();
echo "<script>alert('post published successfuly')</script>";
}
}
?>
<h2>New users Signup!</h2>
<form action="" method="post">
<input type="text" name="firstname" placeholder="Firstname"/>
<input type="text" name="lastname" placeholder="Lastname"/>
<input type="text" name="address" placeholder="Address"/>
<input type="text" name="contact" placeholder="Contact"/>
<input type="text" name="email" placeholder="Email Address"/>
<input type="password" name="password" placeholder="Password"/>
<div class="bttn">
<button type="submit" name="submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php } ?>
I have:
Repositioned your PHP code for inserting to be at the top of the form
changed <form action="login.php" to <form action="" because we are executing from the same page
Your query has already run so removed the if(mysql_query...
Removed the spaces in the form e.g. name = " nameofform" to name="nameofform"
I don't see any reason for having this $users_id=mysql_insert_id();, YOu should use auto-increment for the userID on your database
But since we don't know how you have connected to your database, because also that can be an issue: you can also try this way
<?php
//connect to DB
$hostname_localhost = "localhost"; //hostname if it is not localhost
$database_localhost = "databasename";
$username_localhost = "root"; //the username if it is not root
$password_localhost = "password_if_any"; //if no password leave empty
$localhost = mysql_pconnect($hostname_localhost, $username_localhost, $password_localhost) or trigger_error(mysql_error(),E_USER_ERROR);
?>
<?php
// include("includes/db.php");
if (!isset($_SESSION)) {
session_start();
}
if(!isset($_SESSION['user_name'])){
header("location: login.php");
}
else {
?>
<html>
<body>
<?php
if(isset($_POST['submit']))
{
$users_firstname = $_POST['firstname'];
$users_lastname = $_POST['lastname'];
$users_address = $_POST['address'];
$users_contact = $_POST['contact'];
$users_email = $_POST['email'];
$users_password = $_POST['password'];
$users_date = date('Y-m-d');
if($users_firstname=='' or $users_lastname=='' or $users_address=='' or $users_contact=='' or $users_email=='' or $users_password=='')
{
echo "<script>alert('Any of the fields is empty')</script>";
exit();
}
else
{
$insert_query = sprintf("INSERT INTO `users` (users_firstname, users_lastname, users_address, users_contact, users_email, users_password, users_date) values ('$users_firstname', '$users_lastname', '$users_address', '$users_contact', '$users_email', '$users_password', '$users_date')");
mysql_select_db($database_localhost, $localhost);
$Result = mysql_query($insert_query, $localhost) or die(mysql_error());
echo "<script>alert('post published successfuly')</script>";
}
}
?>
<h2>New users Signup!</h2>
<form action="" method="post">
<input type="text" name="firstname" placeholder="Firstname"/>
<input type="text" name="lastname" placeholder="Lastname"/>
<input type="text" name="address" placeholder="Address"/>
<input type="text" name="contact" placeholder="Contact"/>
<input type="text" name="email" placeholder="Email Address"/>
<input type="password" name="password" placeholder="Password"/>
<div class = "bttn">
<button type="submit" name="submit" class="btn btn-default">Signup</button>
</div>
</form>
</body>
</html>
<?php } ?>
You should removed the whitespaces in your html-code:
Wrong
<input type="text" name = "firstname" placeholder="Firstname"/>
^^^^^
Correct
<input type="text" name="firstname" placeholder="Firstname"/>
Do not put the variables in single quotes:
$insert_query = mysql_query("INSERT INTO users
(users_firstname,users_lastname,users_address,users_contact,users_email,users_password,users_date)
VALUES
($users_firstname,$users_lastname,$users_address,$users_contact,$users_email,$users_password,$users_date)");
Update: This was wrong. The whole string is in double-quotes so the OP did correct and my notice was wrong. For information-purposes i will let stand the link to the documentation here.
Note: Unlike the double-quoted and heredoc syntaxes, variables and escape sequences for special characters will not be expanded when they occur in single quoted strings.
Read more about single- and double-quotes in the PHP documentation.
Do not double-run the query/perform wrong function-call
$insert_query = mysql_query(".......");
........
if(mysql_query($insert_query)){
echo "<script>alert('post published successfuly')</script>";
}
You already have run the query in the first line. If you want to check if it was successful, you have to use if($insert_query) {}. The call mysql_query($insert_query) is wrong because mysql_query() returns a ressource instead of the sql-query.
Do not use mysql_*() function calls. You mysqli_*() instead.
Warning
This extension was deprecated in PHP 5.5.0, and it was removed in PHP 7.0.0. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include:
mysqli_query()
PDO::query()
Check your use of session.
You are checking the $_SESSION for user_name and if it is not set, you are redirecting via header("location: login.php").
The problem is, that you are never inserting the user_name into the session, so it will always be not set.
You can set the value via $_SESSION['user_name'] = $_POST['user_name']. Have in mind that you have to set the session before checking the session-value. ;-)
remove action
Try this
<form action="" method="post">
I am making a PHP Journal through a form, but no matter what I do, it always comes up as successfully posted. I've tried using empty() and null but I'm not sure what I'm doing wrong.
Here is the HTML for the form:
<form action="journal_post.php" method="post">
<p>Give your entry a title.</p>
<input class="input" type="text" name="title" />
<p>What is your mood today?</p>
<input class="input" type="text" name="mood" />
<p>Now please tell me about your day.</p>
<textarea class="input" name="entry" rows="12" cols="75" type="text"> </textarea>
<br>
<br>
<input class="submit" type="image" src="submit.png" name="submit" value="Submit" />
<form>
Here is the PHP:
<?php
$servername = "localhost";
$username = "root";
$password = "blahblah";
debug_to_console($password);
//Establishing Connection with Server
$connection = mysql_connect($servername, $username, $password);
//Selecting Database from Server
$journal_db = mysql_select_db("journal_db", $connection);
if(isset($_POST['submit'])){
//Fetching variables of the form which travels in URL
$title = $_POST['title'];
$mood = $_POST['mood'];
$entry = $_POST['entry'];
if($title !=''||$entry !=''){
//Insert Query of SQL
$query = mysql_query("insert into entrys(j_title, j_mood, j_entry) values ( '$title', '$mood', '$entry')");
echo "<br/><br/><span>Journal entry recorded..!!</span>";
}
else{
echo "<p>Insertion Failed <br/> Some Fields are Blank....!!</p>";
}
}
//Closing Connection with Server
mysql_close($connection);
?>
Change:
if($title !=''||$entry !=''){
to:
if($title !=''&&$entry !=''){
You want to check that both $title and $entry aren't empty, not either-or.
You should definitely use isset() to check the field before insertion into database
the line
<textarea class="input" name="entry" rows="12" cols="75" type="text"> </textarea>
actually adds a space in the entry, change it to
<textarea class="input" name="entry" rows="12" cols="75" type="text"></textarea>
hi i am trying to create a registration page using html and php and the database is mysql. the IDE i am using is cloud9. the code for my form is as follows:
<form action="signup_code.php" method="post">
<p>Name<br/><input type="text" name="name" maxlength="20" ></p>
<p>Phone Number<br/><input type="number" name="phone" maxlength="20" ></p>
<p>Email<br/><input type="email" name="email" maxlength="50" ></p>
<p>Password<br/><input type="password" name="pass1" maxlength="20" ></p>
<p>Confirm Password<br/><input type="password" name="pass2" maxlength="20" ></p>
<p>Address<br/><input type="text" name="address" maxlength="20" ></p>
<button type="submit" class="btn btn-default">Signup
</button>
</form>
the code in the signup_code .php is :
<?php
$IP = "0.0.0.0";
$dbuser = "bhaskey";
$conn = mysqli_connect($IP, $dbuser, "","trydb");
if(! $conn )
{
die('Could not connect: ' . mysqli_error());
}
$name = $_POST['name'];
$phone = $_POST['phone'];
$email = $_POST['email'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$address = $_POST['address'];
$query = "SELECT email FROM user_main where email='".$email."'";
$result = mysqli_query($conn,$query);
$numResults = mysqli_num_rows($result);
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) // Validate email address
{
$message = "Invalid email address please type a valid email!!";
}
elseif($numResults>=1)
{
$message = $email." Email already exist!!";
}
else
{
mysqli_query("(insert into user_main(name,phone, email,pass1, pass2, address) values
('".$name."','".$phone."', '".$email."', '".pass1."','",$pass2."','".$address."')");
echo $message = "Signup Sucessfully!!";
}
mysqli_close($conn);
?>
however when i am executing the the code i.e clicking the signup button in the form, it is giving me the following result
"Cannot POST /bhaskey/eshopper/signup_code.php"
where i am going wrong. i am sure it must be a silly mistake. but since i am pretty new and still in learning phase, it is becoming troublesome for me.
EDIT: i tried to pass the whole path of the .php file to the action in form. but after i click on the submit button, the page turns whte and nothing is displayed anymore.
i tried clearing browser cache but its not helping.
You have to replace your this code
$conn = mysql_connect($IP, $dbuser, "","trydb");
to this code
$conn = new mysqli($IP, $dbuser, "","trydb");
and also replace this code
mysql_close($conn);
to this code
mysqli_close($conn);
$IP = "0.0.0.0";?
Instead you should use 'localhost' or possibly 127.0.0.1.
Question at hand:
How do I create the php code to let users who are logged into my site edit/update their profile settings/information?
I have 1 part working correctly for users to change their password, however, have no idea where to start when it comes to allowing users who are logged in to edit/update their other settings such as:
(1) nickname,
(2) country,
(3) date of birth,
(4) gender,
(5) motto and
(6) bio
I'll provide the php and html code below that I have that is working for changing password, but I know that I need more to let users change/edit/update their other information. I tried using what is below as a reference to create the php code for the other information, but it didn't work so I have no idea where to even begin! Any help will be much appreciated...
PHP reference code:
if($_POST['submit']=='Change')
{
$err = array();
if(!$_POST['password1'] || !$_POST['passwordnew1'])
$err[] = 'All the fields must be filled in!';
if(!count($err))
{
$_POST['password1'] = mysql_real_escape_string($_POST['password1']);
$_POST['passwordnew1'] = mysql_real_escape_string($_POST['passwordnew1']);
$row = mysql_fetch_assoc(mysql_query("SELECT id,username FROM members WHERE username='{$_SESSION['username']}' AND pass='".md5($_POST['password1'])."'"));
if($row['username'])
{
$querynewpass = "UPDATE members SET pass='".md5($_POST['passwordnew1'])."' WHERE username='{$_SESSION['username']}'";
$result = mysql_query($querynewpass) or die(mysql_error());
$_SESSION['msg']['passwordchange-success']='* You have successfully changed your password!';
}
else $err[]='Wrong password to start with!';
}
if($err)
$_SESSION['msg']['passwordchange-err'] = implode('<br />',$err);
header("Location: members.php?id=" . $_SESSION['username']);
exit;
}
HTML reference code:
<form action="" method="post">
<label class="grey" for="password1">Current Password:</label>
<input class="field" type="password" name="password1" id="password1" value="" size="23" />
<label class="grey" for="password">New Password:</label>
<input class="field" type="password" name="passwordnew1" id="passwordnew1" size="23" />
<input type="submit" name="submit" value="Change" class="bt_register" style="margin-left: 382px;" />
<div class="clear"></div>
<?php
if($_SESSION['msg']['passwordchange-err'])
{
echo '<div class="err">'.$_SESSION['msg']['passwordchange-err'].'</div>';
unset($_SESSION['msg']['passwordchange-err']);
}
if($_SESSION['msg']['passwordchange-success'])
{
echo '<div class="success">'.$_SESSION['msg']['passwordchange-success'].'</div>';
unset($_SESSION['msg']['passwordchange-success']);
}
?>
</form>
So how would I create the php code to make this work for users to be able to edit/update their own profile settings/information from the numeric list I provided above (1-6)?
And I know using mysqli/pdo is a better alternative to use, but I unfortunately need to use the old deprecated mysql_* stuff for this project at this time...
If you need more info, let me know ;)
EDIT:
Additional Question,
I'd assume too that I'd need to create variables for each column too such as:
$nickname = $_POST['nickname'];
$country = $_POST['country'];
etc...or is that not correct?
RE-EDIT:
Would something like this be applicable?
$id = $_SESSION['id'];
if ($_POST['country']) {
$country = $_POST['country'];
$nickname = $_POST['nickname'];
$DOB = $_POST['DOB'];
$gender = $_POST['gender'];
$motto = $_POST['motto'];
$bio = $_POST['bio'];
$sql = mysql_query("UPDATE members SET country='$country', nickname='$nickname', DOB='$DOB', gender='$gender', motto='$motto', bio='$bio' WHERE id='$id'");
exit;
}
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$country = $row["country"];
$nickname = $row["nickname"];
$DOB = $row["DOB"];
$gender = $row["gender"];
$motto = $row["motto"];
$bio = $row["bio"];
}
Or am I way off base?
short version ;)
HTML file:
<form action="./change.php" method="post">
Nickname: <input type="text" name="nickname"><br />
Country: <input type="text" name="country"><br />
Date of birth: <input type="text" name="date_of_birth"><br />
Gender: <input type="text" name="gender"><br />
Motto: <input type="text" name="motto"><br />
Bio: <input type="text" name="bio"><br />
<input type="submit" value="Submit">
</form>
change.php:
<?php
function filter($date)
{
return trim(htmlspecialchars($date));
}
$nickname = filter($_POST['nickname'])
$country = filter($_POST['country'])
$date_of_birth = filter($_POST['date_of_birth'])
$gender = filter($_POST['gender'])
$motto = filter($_POST['motto'])
$bio = filter($_POST['bio'])
if (isUserLogIn)
{
//SQL update query
}
?>