user3311898 user3311898 - 1 year ago 59
SQL Question

PHP update profile works fine on local host when hosted on server stop works

I have my PHP code working on my localhost perfectly fine but once i have uploaded the page to a server it comes out differently, can anyone suggest whats the problem

I shouldn't be getting the fields with this bit of code in it:


here is the link to the page I am talking about:


Here is the code:


header("location: user1.php"+$u);
} else {
header ("location: index.php");
// see if the form has been completed
// Initialize any variables that the page might echo
$u = "";
$firstname = "";
$surname = "";
$gender = "Male";
$country = "";
$weight = "";
$height = "";

$u = preg_replace('#[^a-z0-9]#i', '', $_GET['u']);

$sql = "SELECT * FROM users WHERE username='$u' AND activated='1' LIMIT 1";
$user_query = mysqli_query($db_conx, $sql);

// check if the user exists in the database
while ($row = mysqli_fetch_array($user_query, MYSQLI_ASSOC)) {
$firstname = $row["firstname"];
$surname = $row["surname"];
$weight = $row["weight"];
$height = $row["height"];
$email = $row["email"];
$gender = $row ["gender"];
if (isset($_POST['submit'])){
$firstname = $_POST['firstname'];
$surname = $_POST['surname'];
$weight = $_POST['weight'];
$height = $_POST['height'];
$email = $_POST['email'];
$gender = $_POST['gender'];
mysql_connect ("studentnet","k1003140","k1003140"); mysql_select_db('db_k1003140');
// check if that user exist
$exists = mysql_query ("SELECT * FROM users WHERE firstname='" . $firstname . "'") or die ("query cant connect");
if (mysql_num_rows ($exists) != 0) {
// update the description in the database
mysql_query("UPDATE users SET firstname='$firstname', surname='$surname', weight='$weight', height='$height' WHERE firstname='$firstname'") or die ("update could not be applied");
echo "successful";
} else echo "the name does not exist";

Here is the PHP of my code

<!DOCTYPE html>
<title>update MySql form</title>
<div id="pageMiddle">

<form action="user1.php" method="POST">
<p>First Name: <input type="text" name="firstname" id="firstname" value="<?=$firstname?>"></p>
<p>Surname: <input type="text" name="surname" id="surname" value="<?=$surname?>"></p>
<p>Weight: <input type="text" name="weight" id="weight" value="<?=$weight?>"></p>
<p>Height: <input type="text" name="height" id="height" value="<?=$height?>"></p>
<p> <input type="submit" name="submit" id="submit" value="Update Description"></p>

Can anyone suggest how i can make user to edit their detail with $u not firstname because if anyone has the same name will be changing the other users detail, also is this safe or can anyone update anyone's detail.

Answer Source

Before PHP 5.4 The short syntax operator for printing

<?= $var ?>

required short_open_tag to be turned on in the php.ini

The issue is most likely because you have short_open_tag enabled (or a newer version of php on your test server than on your live one.

If you edit your php.ini and make sure it is set to

short_open_tag = On

Then restart your webserver this should solve your problem

If you are not able to edit the php.ini then it is also possible to set short_open_tag via the .htaccess file