Member Avatar for leader2345

I have a form in php that allows users to edit their user profile after the user logs in. It is prefilled with the users current info and when it is submitted, it updates the database. However, when it returns to the edit user profile page, the prefilled text is not updated. It only seems to update when the user re-logins. I followed this old article Update SESSION Variabled when form is submitted. I've added 'session_start();' but it still doees not reflect the changes.
**
Login-exec.php**

<?php
    //Start session
    session_start();

    //Include database connection details
    require_once('config.php');

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;

    //Connect to mysql server
    $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }

    //Select database
    $db = mysql_select_db(DB_DATABASE);
    if(!$db) {
        die("Unable to select database");
    }

    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values
    $login = clean($_POST['login']);
    $password = clean($_POST['password']);



    //Create query
    $qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
    $result=mysql_query($qry);

    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) == 1) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
            $_SESSION['SESS_LAST_NAME'] = $member['lastname'];
            $_SESSION['SESS_AGE'] = $member['age'];
            $_SESSION['SESS_GENDER'] = $member['gender'];
            $_SESSION['SESS_DISEASES'] = $member['diseases'];
            session_write_close();
            header("location: member-profile.php");
            exit();
        }else {
            //Login failed
            header("location: login-failed.php");
            exit();
        }
    }else {
        die("Query failed");
    }
?>

Member-Profile.php

<?php
    //Start session
    session_start();
    require_once('auth.php');
    require_once('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<script src="http://code.jquery.com/jquery-1.7.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.1.0/jquery.mobile-1.1.0.min.js"></script>

<link rel="stylesheet" href="themes/GreenDay.min.css" />
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.1.0/jquery.mobile.structure-1.1.0.min.css" />



<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>My Profile</title>
</head>
<body>

    <style>  
        .nav-glyphish-example .ui-btn .ui-btn-inner { padding-top: 40px !important; }
        .nav-glyphish-example .ui-btn .ui-icon { width: 30px!important; height: 30px!important; margin-left: -15px !important; box-shadow: none!important; -moz-box-shadow: none!important; -webkit-box-shadow: none!important; -webkit-border-radius: none !important; border-radius: none !important; }
        #profile .ui-icon { background:  url(glyphish-icons/111-user.png) 50% 50% no-repeat; background-size: 24px 22px; }
        #diary .ui-icon { background:  url(glyphish-icons/96-book.png) 50% 50% no-repeat; background-size: 24px 22px;  }
        #scan .ui-icon { background:  url(glyphish-icons/06-magnify.png) 50% 50% no-repeat;  background-size: 24px 22px; }

    </style>

<h1>My Profile </h1>

<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>

<p>This is another secure page. </p>

<div data-role="page" data-title="Add User Profile">

    <div data-role="header">
            <h1>Edit/View User Profile</h1>
            <a href="logout.php" data-icon="back" class="ui-btn-right">Logout</a>
            <div data-role="navbar" class="nav-glyphish-example" >
            <ul>
                <li><a href="#" id="profile" class="ui-btn-active" data-icon="profile" data-iconpos="right" >Profile</a></li>
                <li><a href="#" id="diary" data-icon="diary" data-iconpos="right">Diary</a></li>
                <li><a href="FoodOutlets_Menu1.php" data-icon="search" data-iconpos="right">Search for food outlets</a></li>
            </ul>
        </div><!-- /navbar -->
        </div><!-- /header -->

<div data-role="content">
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?> to Eat-It-Or-Not</h1>

<form action="save_edit.php" id="memberprofile" method="post"  />
  <div data-role="fieldcontain">
        <label for="name">First Name:</label>
        <center><input type="text" name="fname" id="fname" value="<?php echo $_SESSION['SESS_FIRST_NAME']; ?>"  data-theme="a"/></center>
    </div> 

   <div data-role="fieldcontain">
        <label for="name">Last Name:</label>
        <center><input type="text" name="lname" id="lname" value="<?php echo $_SESSION['SESS_LAST_NAME']; ?>"  data-theme="a"/></center>
    </div>  

    <div data-role="fieldcontain">
        <label for="age">Age:</label>
        <input type="number" name="age" id="age" value="<?php echo $_SESSION['SESS_AGE']; ?>" data-inline="true" data-theme="a" />
    </div>

    <div data-role="fieldcontain">
        <label for="age">Gender:</label>
        <input type="text" name="gender" id="gender" value="<?php echo $_SESSION['SESS_GENDER']; ?>" data-inline="true" data-theme="a" />
    </div>

    <div data-role="fieldcontain">
        <label for="age">Affected Diseases</label>
        <input type="text" name="diseases_new" id="gender" value="<?php echo $_SESSION['SESS_DISEASES']; ?>" data-inline="true" data-theme="a" />
    </div>

  <center><input type="submit" value="update"  data-theme="a" data-inline="true" data-transition="flip" id="submit"/></center>
  <h4>Note: Type in only Cancer, Heart Disease or Diabetes for 'Affected Diseases'.</h4>
    </form>
  </div>
</div>

</body>
</html>

save_edit.php

<?php
//Start session
session_start();
require_once('auth.php');
require_once('config.php');
// connect to SQL
$con = mysql_connect("localhost", "root", "2345fypj");
if (!$con) {
  echo( "<P>Unable to connect to the database server at this time.</P>" );
  exit();
}

//connect to database
$dbcon = mysql_select_db("my_db", $con);
if (!$dbcon) {
  echo( "<P>Unable to locate DB table at this time.</P>" );
  exit();
}

$fname=$_POST['fname'];
$lname=$_POST['lname'];
$age=$_POST['age'];
$gender=$_POST['gender'];
$diseases=$_POST['diseases_new'];

foreach ($_POST as $key => $value) $_POST[$key] = mysql_real_escape_string($value);

$sql = "UPDATE members SET 
        firstname='$_POST[fname]',
        lastname='$_POST[lname]', 
        age='$_POST[age]',
        gender='$_POST[gender]',
        diseases='$_POST[diseases_new]'
        WHERE member_id='".$_SESSION['SESS_MEMBER_ID']."'";

if (!mysql_query($sql,$con)) {
  die('Error: ' . mysql_error());
}

mysql_close($con);

echo "You have updated your record"
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<link rel="stylesheet" href="themes/GreenDay.min.css" />
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.1.0/jquery.mobile.structure-1.1.0.min.css" />
<script src="http://code.jquery.com/jquery-1.7.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.1.0/jquery.mobile-1.1.0.min.js"></script>

<head>
    <title></title>
</head>
<body>
<div data-role="page" data-url="insert.php" data-theme="a" >
    <div data-role="header" data-theme="a">
        <h1>Congrats</h1>
    </div>
    <div data-role="content" data-theme="a">
        <center><p>You have successfully edited your User Profile.</p></center>
            <center><a href="member-profile.php" data-role="button" data-theme="a" data-inline="true">Go back.</a></center>
</center>
    </div>

</body>
</html>
  • 2 Contributors
  • 3 Replies
  • 4K Views
  • 3 Hours Discussion Span
  • Latest Post Latest Post by diafol

Recommended Answers

All 3 Replies

Member Avatar for diafol

surely the session changes should happen immediately after you successfully update the db in save_edit.php?

Member Avatar for leader2345

Only the database is updated. The fields that are supposed to be updated are not.

Member Avatar for diafol

all pages: login form -> loginscript.php: get user details (into session) - if success (return to previous page if not) -> profile.php: profile page (populated) - if edit and send -> save_edit.php: new data into DB and session - redirect -> profile page

That's how I see it should work.

Edited by diafol
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.