
Can't update some fields in user profile

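I'm fairly new to PHP and MySQL, and I'm trying to learn how to create a user profile page that lets users edit their information. The problem I'm having is that some fields won't change, such as the username, email and contact fields. However, I can change the name field on its own, but not together with the other fields. I'm not redirected back and no error pops up, so I'm not sure how to fix this. Below is my code.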

```php
<?php

include 'db_conn.php';
session_start();

// Send visitors who are not logged in to the login page and stop the script.
if (!isset($_SESSION['userid'])){
    header("Location:login.php");
    exit();
}
// Load the current profile row of the logged-in user to pre-fill the form.
$select = mysqli_query($con, "SELECT * FROM user WHERE userid = $_SESSION[userid]") or die('query failed');
if(mysqli_num_rows($select) > 0){
    $fetch = mysqli_fetch_assoc($select);
}

?>

<!DOCTYPE html>
<html>
<head>
    <title>Profile</title>
    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/water.css@2/out/water.css">
</head>
<body>
     <form action="update-profile-check.php" method="post">
        <h2>PROFILE</h2>
        <?php // Messages arrive in the query string, so escape them before output. ?>
        <?php if (isset($_GET['error'])) { ?>
            <p class="error"><?php echo htmlspecialchars($_GET['error']); ?></p>
        <?php } ?>

          <?php if (isset($_GET['success'])) { ?>
               <p class="success"><?php echo htmlspecialchars($_GET['success']); ?></p>
          <?php } ?>

          <label>User Name</label>
               <input type="text" 
                      name="uname" 
                      placeholder="User Name"
                      value="<?php echo $fetch['username']; ?>"><br>

          <label>Name</label>
               <input type="text" 
                      name="name" 
                      placeholder="Name"
                      value="<?php echo $fetch['name']; ?>"><br>

          <label>Email</label>
               <input type="text" 
                      name="email" 
                      placeholder="Email"
                      value="<?php echo $fetch['email']; ?>"><br>

          <label>Contact</label>
               <input type="text" 
                      name="contact" 
                      placeholder="Contact"
                      value="<?php echo $fetch['contact']; ?>"><br>

        <button type="submit">Update Profile</button>
        <a href="profile.php" class="delete-btn">go back</a>
        <a href="change-pw.php" class="delete-btn">change password</a>

     </form>
</body>
</html>
```
```php
<?php

session_start();
include "db_conn.php";

// Load the stored values so changed fields can be detected below.
$select = mysqli_query($con, "SELECT * FROM user WHERE userid = $_SESSION[userid]") or die('query failed');
if(mysqli_num_rows($select) > 0){
    $fetch = mysqli_fetch_assoc($select);
}
$oguname = $fetch['username'];
$ogemail = $fetch['email'];
$ogcontact = $fetch['contact'];
$ogname = $fetch['name'];

$userid = $_SESSION["userid"];


if (isset($_POST['uname']) || isset($_POST['name']) || isset($_POST['email']) || isset($_POST['contact'])) {

    // Trims the value, strips backslashes and HTML-encodes it.
    function validate($data){
        $data = trim($data);
        $data = stripslashes($data);
        $data = htmlspecialchars($data);
        return $data;
    }

    $uname = validate($_POST['uname']);
    $name = validate($_POST['name']);
    $email = validate($_POST['email']);
    $contact = validate($_POST['contact']);
    // Submitted values, appended to the redirect URL on error.
    $user_data = 'uname='. $uname. '&name='. $name. '&email='. $email. '&contact='. $contact;


    // One if / else-if chain: only the first matching branch runs.
    if (empty($uname)) {
        header("Location: update-profile.php?error=User Name is required&$user_data");
        exit();
    }
    else if(empty($name)){
        header("Location: update-profile.php?error=Name is required&$user_data");
        exit();
    }

    else if(empty($email)){
        header("Location: update-profile.php?error=Email is required&$user_data");
        exit();
    }

    else if(empty($contact)){
        header("Location: update-profile.php?error=Contact is required&$user_data");
        exit();
    }

    else if(!preg_match("/^([a-zA-Z-' ]+)$/", $name)){
        header("Location:update-profile.php?error=Name can only contain letters&$user_data");
        exit();
    }

    else if (strlen($name) > 51){
        header("Location:update-profile.php?error=Name is too long&$user_data");
        exit();
    }

    // Username changed: check its format and that no other row uses it.
    else if ($oguname !== $_POST['uname']){
        $sql = "SELECT * FROM user WHERE username='$uname' ";
        $result = mysqli_query($con, $sql);
        if (!preg_match("/^[A-Za-z][A-Za-z0-9]{2,16}$/", $uname)){
            header("Location: update-profile.php?error=Username can only contain letters (a-z) and numbers (0-9) and must have a minimum of three characters and maximum of 15 characters&$user_data");
            exit();
        }
        if (mysqli_num_rows($result) > 0) {
            header("Location: update-profile.php?error=That username is already taken&$user_data");
            exit();
        }
    }

    // Email changed: check its format and that no other row uses it.
    else if($ogemail !== $_POST['email']){
        $sql2 = "SELECT * FROM user WHERE email='$email' ";
        $result2 = mysqli_query($con, $sql2);
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)){
            header("Location: update-profile.php?error=Invalid Email&$user_data");
            exit();
        }
        if (mysqli_num_rows($result2) > 0) {
            header("Location: update-profile.php?error=That email has already been used!&$user_data");
            exit();
        }
    }

    // Contact changed: check its format and that no other row uses it.
    else if ($ogcontact !== $_POST['contact']){
        $sql3 = "SELECT * FROM user WHERE contact='$contact' ";
        $result3 = mysqli_query($con, $sql3);
        if(!preg_match("/^[89]\d{7}$/", $contact)){
            header("Location: update-profile.php?error=Invalid Phone Number&$user_data");
            exit();
        }
        if (mysqli_num_rows($result3) > 0) {
            header("Location: update-profile.php?error=Phone number has already been used&$user_data");
            exit();
        }
    }
    // Last branch of the chain above: UPDATE with bound parameters.
    else{
        $sql4= "UPDATE user SET username = ?, email = ?, contact = ?, name = ? WHERE userid = ?; ";

        $query = $con->prepare($sql4);

        $query->bind_param("ssisi" ,$uname, $email, $contact, $name, $userid);

        if ($query -> execute()){
            header("Location: update-profile.php?success=Successfully updated");
            exit();
        }else {
            header("Location: update-profile.php?error=unknown error occurred&$user_data");
            exit();

        }
    }
}
else{
    header("Location:update-profile.php");
    exit();
}
```

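I'm not sure why only the name field can be changed, while the rest just redirects and nothing changes. Also, I'm trying to incorporate more prepared statements to prevent SQL injection later on.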

Solved this by removing the else statement with $sql4.
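The fix described above, as an added example that is not part of the original post: each validation is an independent guard that returns on failure, so the prepared-statement UPDATE runs whenever all checks pass, and the uniqueness lookups use bound parameters as well. It assumes PDO with an in-memory SQLite database in place of the asker's mysqli connection so that it runs stand-alone; `updateProfile` and the sample rows are hypothetical.

```php
<?php
// Added example, not the asker's code. PDO with in-memory SQLite is an assumption
// so the script runs without a MySQL server; mysqli prepared statements work the same way.

// Returns null on success or an error message. Every check is an independent guard,
// so a changed username no longer skips the remaining checks or the UPDATE.
function updateProfile(PDO $db, int $userid, array $in): ?string {
    $f = array_map('trim', $in + ['uname' => '', 'name' => '', 'email' => '', 'contact' => '']);
    if (!preg_match("/^[a-zA-Z-' ]{1,51}$/", $f['name'])) return 'Invalid name';
    if (!preg_match('/^[A-Za-z][A-Za-z0-9]{2,16}$/', $f['uname'])) return 'Invalid username';
    if (!filter_var($f['email'], FILTER_VALIDATE_EMAIL)) return 'Invalid Email';
    if (!preg_match('/^[89]\d{7}$/', $f['contact'])) return 'Invalid Phone Number';

    // Uniqueness checks bind the values and exclude the user's own row, which
    // replaces the "has this field changed?" comparisons. $col is from this fixed list.
    $unique = ['username' => $f['uname'], 'email' => $f['email'], 'contact' => $f['contact']];
    foreach ($unique as $col => $val) {
        $q = $db->prepare("SELECT 1 FROM user WHERE $col = ? AND userid <> ?");
        $q->execute([$val, $userid]);
        if ($q->fetchColumn() !== false) return "That $col is already taken";
    }

    $upd = $db->prepare('UPDATE user SET username = ?, email = ?, contact = ?, name = ? WHERE userid = ?');
    $upd->execute([$f['uname'], $f['email'], $f['contact'], $f['name'], $userid]);
    return null;
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE user (userid INTEGER PRIMARY KEY, username TEXT, name TEXT, email TEXT, contact TEXT)');
$db->exec("INSERT INTO user VALUES (1, 'alice', 'Alice', 'alice@example.com', '81234567'),
                                   (2, 'bob', 'Bob', 'bob@example.com', '91234567')");

// Username, email and contact all change in one request.
var_dump(updateProfile($db, 1, ['uname' => 'alice2', 'name' => 'Alice Tan',
    'email' => 'alice2@example.com', 'contact' => '82345678']));
// The username already belongs to user 2, so the guard returns before the UPDATE.
var_dump(updateProfile($db, 1, ['uname' => 'bob', 'name' => 'Alice Tan',
    'email' => 'alice2@example.com', 'contact' => '82345678']));
```

Error strings returned here should go through `urlencode()` before being placed in a `Location:` header and through `htmlspecialchars()` when echoed on the form page.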
