0

Hello all, I have a page that allows the user to update their account detail. The prblem is that when the page loads the users inforamtion doesn't appear in the text fields. I've checked the code and i cant see any errors nor does php flag any errors. Can someone else see what i've missed.

Thanks.

<?php
session_start();
require("config.php");

if(isset($_SESSION['USERNAME']) == FALSE) {
	header("Location: " . $config_basedir);
}

$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);

if(isset($_GET['id']) == TRUE) {
	if(is_numeric($id) == FALSE) {
		$error = 1;
	}                                      
	if($error == 1) {
		header("Location: " . $config_basedir);
	}
	else {
		$validentry = $_GET['id'];
	}
}
else {
	$validentry = 0;
}

if($_POST['submit']) {   

	   $usersql = "UPDATE users SET  
     username = '" . $_POST['username'] 
     . "',password = '" . $_POST['password'] 
     . "',title = '" . $_POST['title'] 
     . "',firstname = '" . $_POST['firstname'] 
     . "',surname  = '" . $_POST['surname'] 
     . "',addresstype = '" . $_POST['addresstype']  
     . "',address = '" . $_POST['address']  
     . "',areacode = '" . $_POST['areacode'] 
     . "',postalcode  = '" . $_POST['postalcode'] 
     . "',borough  = '" . $_POST['borough'] 
     . "',city = '" . $_POST['city'] 
     . "',country = '" . $_POST['country'] 
     . "',tel = '" . $_POST['tel'] 
     . "',mobile  = '" . $_POST['mobile'] 
     . "',fax = '" . $_POST['fax'] 
     . "',email = '" . $_POST['email']  
     . "',website = '" . $_POST['website'] 
     . "' WHERE id = "  
     . $validentry . ";";
     mysql_query($usersql)or die(mysql_error());  
		
     header("Location: " . $config_basedir . "/editregister1.php?id=" . $validentry);  
}
else { 
	
  require("header.php");  
  	
 $datausersql = "SELECT * FROM users WHERE id = " . $validentry . ";";
$datauserresult = mysql_query($datausersql);
 $datauserrow = mysql_fetch_assoc($datauserresult);  
  	
?>
<h1>Your Account Details.</h1>	
<form action="<?php echo $SCRIPT_NAME . "?id=" . $validentry; ?>"method="POST">
	
<table>
<tr>
 <td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>To upate your Account , fill in the form below.</strong></label></td>
</tr> 
<tr>
<td>Username</td>
<td><input type="text" name="username"id="username"size="10" maxlength="20"value="<?php echo $datauserrow['username']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password1"id="password1"size="10" maxlength="20"value="<?php echo $datauserrow['password']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Password (again)</td>
<td><input type="password" name="password2"id="password2"size="10" maxlength="20"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td> </td>   
<td>  			      
<select <?php echo $datauserrow['title']; ?> name="title"> 	 <option value="Mr"<?php if ($datauserrow['title'] == "Mr"){ echo ' selected="selected"';}?> />Mr</option>
<option value="Mrs"<?php if ($datauserrow['title'] == "Mrs"){ echo ' selected="selected"';}?> />Mrs</option>
<option value="Miss"<?php if ($datauserrow['title'] == "Miss"){ echo ' selected="selected"';}?> />Miss</option>
<option value="Dr"<?php if ($datauserrow['title'] == "Dr"){ echo ' selected="selected"';}?> />Dr</option> 
</select>          	        
</td>
</tr>
<tr>
<td>Firstname</td>
<td><input type="text" name="firstname"id="firstname"size="10" maxlength="20"value="<?php echo $datauserrow['firstname']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Surname</td>
<td><input type="text" name="surname"id="surname"size="10" maxlength="20"value="<?php echo $datauserrow['surname']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>Business/Home.</strong></label></td>
</tr>
<tr>  
<td> </td>    
<td>                   			
<select <?php echo $datauserrow['addresstype']; ?> name="addresstype">  			
<option value="Home"<?php if ($datauserrow['addresstype'] == "Home"){ echo ' selected="selected"';}?> />Home</option>
<option value="Business"<?php if ($datauserrow['addresstype'] == "Business"){ echo ' selected="selected"';}?> />Business</option>
</select>         			
</td>
</tr>
<tr>
<td>Address</td>
<td><input type="text" name="address"id="address"size="50" maxlength="100"value="<?php echo $datauserrow['address']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Area code</td>
<td><input type="text" name="areacode"id="areacode"size="7" maxlength="7"value="<?php echo $datauserrow['areacode']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Postal code</td>
<td><input type="text" name="postalcode"id="postalcode"size="7" maxlength="7"value="<?php echo $datauserrow['postalcode']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Borough</td>
<td><input type="text" name="borough"id="borough"size="20" maxlength="30"value="<?php echo $datauserrow['borough']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>City</td>
<td><input type="text" name="city"id="city"size="20" maxlength="30"value="<?php echo $datauserrow['city']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Country</td>
<td>  	                           				
 <select <?php echo $datauserrow['country']; ?> name="country"> <option value="England"<?php if ($datauserrow['country'] == "England"){ echo ' selected="selected"';}?> />England</option>
<option value="Scotland"<?php if ($datauserrow['country'] == "Scotland"){ echo ' selected="selected"';}?> />Scotland</option>
<option value="Ireland"<?php if ($datauserrow['country'] == "Ireland"){ echo ' selected="selected"';}?> />Ireland</option>
<option value="Walse"<?php if ($datauserrow['country'] == "Walse"){ echo ' selected="selected"';}?> />Walse</option>      			
</select>  
</td>
</tr> 
<tr>
 <td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>Contact details.</strong></label></td>
</tr>
<tr>
<td>Tel</td>
<td><input type="text" name="tel"id="tel"size="20" maxlength="30"value="<?php echo $datauserrow['tel']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Mobile</td>
<td><input type="text" name="mobile"id="mobile"size="11" maxlength="11"value="<?php echo $datauserrow['mobile']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Fax</td>
<td><input type="text" name="fax"id="fax"size="11" maxlength="11"value="<?php echo $datauserrow['fax']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="email"id="email"size="50" maxlength="100"value="<?php echo $datauserrow['email']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Website URL - optional</td>                                                                     
<td><input type="text" name="website"id="website"size="40" maxlength="100"value="<?php echo $datauserrow['website']; ?>"onfocus="clearMe(this)"/>(Recommended)</td>
</tr>
<tr>
 <td> </td>
<td><input type="submit" name="submit"id="submit" value="Update Your Account!"/></td>
</tr>
</table>
</form> ?>
3
Contributors
2
Replies
3
Views
7 Years
Discussion Span
Last Post by Will Gresham
0

Insert following code at line no 60. and see whether it is fetching correct data or not

print"<pre>";
var_dump($datauserrow);
print"</pre>";
0

What urtivedi said, although I prefer print_r() as this is much easier to look at and read (IMO)

Also, you check the ID is numeric which is a start, but you also need to sanitize all of the POST data before entering it into the database, if someone entered an SQL injection attempt into one of the fields, they could cause serious problems :)

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.