0
    <?php require_once('connections/careergroup.php'); ?>
<?php


    if (!function_exists("GetSQLValueString")) {


function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 


    {




      if (PHP_VERSION < 6) {


    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;


      }



  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);



      switch ($theType) {


    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;


      }


  return $theValue;


    }




    }



mysql_select_db($database_careergroup, $careergroup);
$query_Recordset1 = "SELECT first_name, last_name, email, password, sex FROM members";
$Recordset1 = mysql_query($query_Recordset1, $careergroup) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>


        <html>


    <head>
    <title> <?php echo $first_name; ?> <?php echo $lastname; ?>s Profile</title>
    </head>
    <body>
    <?php
    // Check for a form submission
    if (isset($_GET["text"])){
    $text = $_GET['text'];

    mysql_connect ("$hostname_careergroup", "$username_careergroup", "$password_careergroup")
    or die ("Could not connect to the server");
    mysql_select_db("careergroup") or die ("That database could not be found");
    $userquery = mysql_query("SELECT * FROM members WHERE email= '$text'") or die ("the query");
    if (mysql_num_rows($userquery) != 1) /* I think this line is the problem but how to i fix this */
    {
    die ("that member could not be found!");

    while($row_Recordset1 = mysql_fetch_array ($userquery, MYSQL_ASSOC)){
    $row_Recordset1['first_name'];
    $row_Recordset1['last_name'];
    $row_Recordset1['email'];
    $row_Recordset1['password'];
    $row_Recordset1['sex'];
    $row_Recordset1['email'];
    }

    if ($text != $row_Recordset1['email']) {
    die ("there has been a fatal erroe. please try again. ");
    }
    if ($activated == 0) {
    $active = "The account has not been activated.";
    }else{
    $active = "The account has been activated.";
    }
    // See what lever the user is
    if ($access == 0) {
    $admin = "This user is not an administrator.";
    }else {
    $admin = "This use is an administrator.";
    }
    }
    ?>
    <h2><?php echo $row_Recordset1['first_name']; ?> <?php echo $row_Recordset1['last_name']; ?>s Profile</h2><br />
    <table>
    <tr><td> Firstname:</td><td><?php echo $row_Recordset1['first_name']; ?></td></tr>
    <tr><td> Lastname:</td><td><?php echo $row_Recordset1['last_name']; ?></td></tr>
    <tr><td> Email:</td><td><?php echo $row_Recordset1['email']; ?></td></tr>
    <tr><td> Password:</td><td><?php echo $row_Recordset1['password']; ?></td></tr>
    <tr><td> Sex:</td><td><?php echo $row_Recordset1['sex']; ?></td></tr>
    <?php
    } else die ("you need to specify a username!");
    ?>
    </body>
</html>


        <?php


mysql_free_result($Recordset1);
?>

Edited by Dani: Formatting fixed

5
Contributors
5
Replies
30
Views
4 Years
Discussion Span
Last Post by phaneendrahari
0
if (mysql_num_rows($userquery) != 1) /* I think this line is the problem but how to i fix this */
{
    die ("that member could not be found!");

These lines are saying: If not exactly one record is found, stop the script. Why don't you use this instead?:

if (mysql_num_rows($userquery) < 1)
{
    die ("that member could not be found!");
}
else
{
    // Your script goes here.
}

On top of that you could add a LIMIT 1 to this query: $query_Recordset1 = "SELECT first_name, last_name, email, password, sex FROM members"; as you seem to be selecting only the first retrieved result in the next lines.

0

how would i use a while loop to check each row for the input value until it find a match and display the right profile. i did what you said but it keep giveing me the first value in the database.

0

If you would like to have all records displayed you need to use a while loop or a foreach loop.

echo '<div>';
while($row = mysql_fetch_array($stm, $conn)){
echo '<p>row: '.$row.'</p>';
}
echo '</div>';

This loop will produce.

<div>
<p>row: 1</p>
<p>row: 2</p>
<p>row: 3</p>
<p>row: 4</p>
<p>row: 5</p>
<p>row: 6</p>
<p>row: 7</p>
</div>

Looks like you are trying to access all your records outside your loop.

0
 <title> <?php echo $first_name; ?> <?php echo $lastname; ?>s Profile</title>

Where do these vars come from? These aren't initialised anywhere. Don't you mean...

 <title> <?php echo $row_Recordset1['first_name']; ?> <?php echo $row_Recordset1['lastname']; ?>&rsquo;s Profile</title>

Anyway...

SELECT first_name, last_name, email, password, sex FROM members

Gives every record in the table. There's no LIMIT to restrict it to one record and no WHERE clause to filter the recordset. So as far as I can make out, you'll get the same data every time for $row_Recordset1.

You use this...

 $text = $_GET['text'];

in your SQL...

SELECT * FROM members WHERE email= '$text'

without cleaning it with mysql_real_escape_string - you are therefore a prime candidate for SQL injection. So clean it up.

After the second query, you change to...

 while($row_Recordset1 = mysql_fetch_array ($userquery, MYSQL_ASSOC)){

So now the $row_Recordset1 is referring to the second recordset, overwriting any data from the first query recordset. So it has to be asked, what the hell was the point of it? Not even the $totalRows_Recordset1 seems to be used.

What is this supposed to do?

while($row_Recordset1 = mysql_fetch_array ($userquery, MYSQL_ASSOC)){
    $row_Recordset1['first_name'];
    $row_Recordset1['last_name'];
    $row_Recordset1['email'];
    $row_Recordset1['password'];
    $row_Recordset1['sex'];
    $row_Recordset1['email'];
}

There's no echo or concatenation, just a list of variables. And this...

if ($activated == 0) {
    $active = "The account has not been activated.";
}else{
    $active = "The account has been activated.";
}

Where is $activated initialised? I can't see any reference to it prior to this line. Likewise for this...

if ($access == 0) {
    $admin = "This user is not an administrator.";
}else {
    $admin = "This use is an administrator.";
}

$access ? Where is it references prior to this?

I don't mean to be rude, but this code is a mess. How about cutting out all the stuff you don't need and initialising the variables correctly?

0

mysql_fetch_row/assoc will get you the first column of the Database values not the whole set. I faced the same problem when I was learning php.

You have to find the num of rows is the result using mysql_num_rows, then loop the mysql_fetch_assoc/row that many times to get each column.

May be you can save the each column in an multi-dimensional array.
ex:

$count= mysql_num_rows($result);
$data = array();
for($i=0;$i<$count; $i++){
    $data[$i] = mysql_fetch_assoc($result);
}

Now $data has all the values related to the used query.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.