curreent login user record updation Error In PHP
Question
i want that when ever a login user want they can change their record(address,etc). for such purpose i make a autofill form for the current login user.Now the Problem is that the data won,t be updated..
My Form Code IS........
<?php session_start();
include 'conn.php';
include '../includes/layouts/header.php';
if(!isset($_SESSION['user']))
{
header("location:signin.php");
}
$sql="SELECT * FROM signup";
$qry=mysql_query($sql);
$rows=mysql_fetch_array($qry);
?>
<div id="main">
<div id="navigation">
</div>
<div id="page">
<h2>Login Section</h2>
<p>Welcome to LMS</p>
<form method="post" action="update.php">
<div class="reg_section">
<h3>Your Personal Information</h3>
<input type="text" name="fname" value="<?php echo $rows[1];?>" placeholder="First Name"><br>
<input type="text" name="lname" value="<?php echo $rows[2];?>" placeholder="Last Name"><br>
<input type="text" name="uname" value="<?php echo $rows[3];?>" placeholder="Desired Username"><br>
<input type="text" name="email" value="<?php echo $rows[4];?>" placeholder="Email"><br>
<input type="text" name="department" value="<?php echo $rows[5];?>" placeholder="Department"><br>
<input type="text" name="id" value="<?php echo $rows[6];?>" placeholder="Id #"/><br>
<input type="text" name="phone" value="<?php echo $rows[7];?>" placeholder="Phone #"/><br>
</div>
<div class="reg_section">
<h3>Your Password</h3>
<input type="password" name="pass" value="<?php echo $rows[8];?>" placeholder="Your Password"><br>
<input type="password" name="cpass" value="<?php echo $rows[8];?>" placeholder="Confirm Password">
</div>
<div class="reg_section">
<h3>Your Address</h3>
<input type="text" name="address" value="<?php echo $rows[9];?>" placeholder="Address">
</div>
<p class="submit"><input type="submit" name="submit" value="Update Info"></p>
</form>
</div>
</div>
My PHP CODE IS..........
<?php session_start();
if(isset($_POST['submit']))
{
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$user=$_POST['uname'];
$email=$_POST['email'];
$depart=$_POST['department'];
$id=$_POST['id'];
$phone=$_POST['phone'];
$pass=$_POST['pass'];
$address=$_POST['address'];
$qry="UPDATE signup SET First_Name=$$fname,Last_Name=$$lname,Username=$$user,Email=$$email,Department=$$depart,Employe_Id=$$id,Phone=$$phone,Password=$$pass,Address=$$address WHERE Username=$$user";
if(mysql_query($qry))
{
header('location:setting.php');
}
}
?>
Can any one know that what is the error...
2 answers
solution1
0 2014-04-19 08:22:08
As mentioned in my first comment above you have a problem in how you construct your query. You were using double dollar chars ( $$ ) which does not make any sense. The result is that you run an empty query which explains why not record is updated.
As a first step alter your query like this:
$qry = "UPDATE signup SET
First_Name='$fname', Last_Name='$lname', Username='$user',
Email='$email', Department='$depart', Employe_Id='$id',
Phone='$phone', Password='$pass', Address='$address'
WHERE Username='$user'";
You do not implement any form of error handling, that is why you don't see the error you get from mysql. Please take a look at some tutorials about how to do that.
Also consider my second comment about preventing sql injections. At least, as some kind of "hot fix" you should use mysql_real_ecape() on all user input you integrate into your query. But as said, the only real solution is to switch to "prepared statements".
solution2
0 ACCPTED 2014-04-19 08:25:29
try this sql
$qry="UPDATE signup
SET First_Name='$fname', Last_Name='$lname', Username='$user', Email='$email',Department='$depart', Employe_Id='$id', Phone='$phone', Password='$pass', Address='$address'
WHERE Username='$user' LIMIT 1 ";
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.