John Johnson John Johnson - 7 months ago 23
SQL Question

php- Editing profile page of a user

Hi i would like to allow the user to update the details of himself (profile page)
my page works fine but when i click the update button the page just refreshes and the details stay unchange here is my code.

<?php
session_start();
include_once 'dbconfig.php';

if(!isset($_SESSION['user']))
{
header("Location: index.php");
}
$res=mysql_query("SELECT * FROM users WHERE user_id=".$_SESSION['user']);
$userRow=mysql_fetch_array($res);



if( isset($_POST['username']) )
{
$username= $_POST['username'];
$id = $_POST['user_id'];
$sql = "UPDATE users SET user_name='$username' user_id=".$_SESSION['user'];
$res = mysql_query($sql)
or die("Could not update".mysql_error());
echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}
if( isset($_POST['useremail']) )
{
$useremail= $_POST['useremail'];
$id = $_POST['user_id'];
$sql = "UPDATE users SET user_email='$useremail' WHEREuser_id=".$_SESSION['user'];
$res = mysql_query($sql)
or die("Could not update".mysql_error());
echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}

if( isset($_POST['userabout']) )
{
$userabout= $_POST['userabout'];
$id = $_POST['user_id'];
$sql = "UPDATE users SET user_about='$userabout' WHERE user_id=".$_SESSION['user'];
$res = mysql_query($sql)
or die("Could not update".mysql_affected_rows());
echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}

error_reporting(-1);
?>






<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title><?php echo $userRow['user_email']; ?>s Profile</title>
<link rel="stylesheet" href="style.css" type="text/css" />
</head>
<body>

<div class="box">

<input type="button"/>

<div class="menubar">
<div class="menu">
<ul id="menubar">
<li><?php echo $userRow['user_email']; ?><a href="logout.php?logout">Sign Out</a></li>
</ul>
</div>
<div class="menu1">
<ul id="menubar">
<li><a class="upload" href="index1.php">Upload</a></li>
</ul>
</div>

</div>







<div class="main">
<form action="profile.php" method="POST">
<div>
<label for="uname"><a>User Name:</a></label>
<input type="text" name="username" value="<?php echo $userRow['user_name'];?>"/>
</div>

<div>
<label for="email"><a>Email:</a></label>
<input type="text" name="useremail" value="<?php echo $userRow['user_email'];?>"/>
</div>
<div>
<label for="about"><a>About me:</a></label>
<textarea name="userabout" rows="10" cols="30"><?php echo $userRow['user_about'];?></textarea>
</div>

<input type="submit" value="Update">
<div>
</div>

</form>







</div>



<div id="mainv">
<table width="80%" border="1">
<tr>
<th colspan="4">your uploads...<label><a href="index.php">upload new files...</a></label></th>
</tr>
<tr>
<td>File Name</td>
<td>File Type</td>
<td>File Size(KB)</td>
<td>View</td>
</tr>

<video width="700" height="500" controls="autoplay">
<source src="mmm.mp4" type="video/mp4">
</video>

<?php
$sql="SELECT * FROM tbl_uploads";
$result_set=mysql_query($sql);
while($row=mysql_fetch_array($result_set))
{
?>
</source>
<tr>
<td><?php echo $row['file'] ?></td>
<td><?php echo $row['type'] ?></td>
<td><?php echo $row['size'] ?></td>

<td><a href="uploads/<?php echo $row['file'] ?>"target="frame_a">view file</a></td>
</a>
</tr>
<?php
}
?>
</table>


</div>
<div class="mid">
<div class="main2"><div class="pop"><div class="pop1"><h2>More Popular videos<h2></div><div class="pop2"></div></div></div>
<div class="com"><div class="comm"><div class="comm1"><h2>Best comments of the week<h2></div><div class="comm2"></div></div></div>
</div>


</body>

</html>


i know this is old php but i started my project with it half way through the project i realized that there are newer version.

Could u help me out here thanks.

****I EDITED THE CODE AND I GOT THE FOLLWING ERROR****
Could not updateYou have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'user_id=36' at line 1

Crs Crs
Answer

Why bind $id to $_POST['user_id'] which the form in your html doesn't even post? Apparently you have the users ID in the $_SESSION['user'] variable.

Also, your SQL statements are broken.

Your code could look something like this:

if( isset($_POST['username']) )
{
    $username= $_POST['username'];
    $id  = $_SESSION['user'];
    $sql  = "UPDATE users SET user_name='$username' WHERE user_id=$id";
    $res    = mysql_query($sql) 
                                or die("Could not update".mysql_error());
    echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}

if( isset($_POST['useremail']) )
{
    $useremail= $_POST['useremail'];
    $id  = $_SESSION['user'];
    $sql  = "UPDATE users SET user_email='$useremail' WHERE user_id=$id";
    $res = mysql_query($sql) 
                                or die("Could not update".mysql_error());
    echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}

if( isset($_POST['userabout']) )
{
    $userabout= $_POST['userabout'];
    $id  = $_SESSION['user'];
    $sql = "UPDATE users SET user_about='$userabout' WHERE user_id=$id";
    $res = mysql_query($sql) 
                                or die("Could not update".mysql_affected_rows());
    echo "<meta http-equiv='refresh' content='0;url=profile.php'>";
}