cannot edit profile

Ask about a PHP problem here.
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

edit.profile.php
    <?php
    session_start();
    include('core/init.inc.php');

    if(isset($_POST['username'])){
    $errors = array();
    }
    if(isset($_POST['grad'])){
    $errors = array();
    }
    if(isset($_POST['drzava'])){
    $errors = array();
    }
    if(isset($_POST['fan'])){
    $errors = array();
    }
    if(isset($_POST['website'])){
    $errors = array();
    }
           
                if (empty($errors)){
        $grad = htmlentities($_POST['grad']);
        $drzava = htmlentities($_POST['drzava']);
        $fan = htmlentities($_POST['fan']);
        $website = htmlentities($_POST['website']);
         
         mysql_query("UPDATE `users` SET `grad` = '{$grad}', `drzava` = '{$drzava}',`fan` = '{$fan}', `website` = '{$website}' WHERE `uid`='{$uid}'");
         
         
                $user_info = array();
                          $user_info['grad'] = "$grad";
                          $user_info['drzava'] = "$drzava";
                          $user_info['fan'] = "$fan";
                          $user_info['website'] = "$website";
     
     
        }else{
             $user_info = fetch_user_info($_SESSION['uid']);
        }
         
        ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <title>Global Betting</title>
    </head>
    <body>
    <div>
        <?php
           
            if (isset($errors) ==false){
                echo 'Click update to edit your profile.';
            }else if (empty($errors)){
                    echo 'Your profile has been updated!';
                    }else{
                        echo '<ul><li>'. implode('</li><li>'. $errors). '</li></ul>';
            }
           
            ?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']) && !empty($_SESSION['uid']))
{
	 ?>
            </div>
            <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST">
                
                        <div>
                        <label for="username">Username</label>
                            <input type="text" name="username" id="username" value="<?php echo $user_info ['username']; ?>" />
                            </div><div>
                        <label for="grad">Grad</label>
                            <input type="text" name="grad" id="grad" value="<?php echo $user_info['grad']; ?>" />
                            </div>
                            <div>
                        <label for="drzava">Drzava</label>
                            <input type="text" name="drzava" id="drzava" value="<?php echo $user_info ['drzava']; ?>" />
                            </div>
                            <div>
                        <label for="fan">Fan</label>
                            <input type="text" name="fan" id="fan" value="<?php echo $user_info ['fan']; ?>" />
                            </div>
                            <div>
                        <label for="website">Website</label>
                            <input type="text" name="website" id="website" value="<?php echo $user_info ['website']; ?>" />
                            </div>
                            <div>
                                 <input type="submit" value="Update" />
                                     </div>
                                     </form>
                                     </body>
                                     </html>
<?php
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
	 $username = mysql_real_escape_string($_POST['username']);
         $password = md5(mysql_real_escape_string($_POST['password']));
    
	 $checklogin = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'");
    
    if(mysql_num_rows($checklogin) == 1)
    {
    	 $row = mysql_fetch_array($checklogin);
        
        $_SESSION['Username'] = $username;
        $_SESSION['LoggedIn'] = 1;
        $_SESSION['uid'] = $row['uid'];

        
    	 echo "<h1><center>Success</center></h1>";
        echo "<p><center>We are now redirecting you to the member area.</center></p>";
        echo "<meta http-equiv='refresh' content='=2;user.php' />";
    }
    else
    {
    	 echo "<h1>Error</h1>";
        echo "<p>Sorry, your account could not be found. Please <a href=\"user.php\">click here to try again</a>.</p>";
    }
}
else
{
	?>
<?php
}
?>
login.php
<?php
}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
	 $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));
    
	 $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");
    
    if(mysql_num_rows($checklogin) == 1)
    {
    	 $row = mysql_fetch_array($checklogin);
        
        $_SESSION['Username'] = $username;
        $_SESSION['LoggedIn'] = 1;
        $_SESSION['uid'] = $row['uid'];

        
        echo "<h1><center>Success</center></h1>";
        echo "<p><center>We are now redirecting you to the member area.</center></p>";
        echo "<meta http-equiv='refresh' content='=2;user.php' />";
    }
    else
    {
    	 echo "<h1>Error</h1>";
        echo "<p>Sorry, your account could not be found. Please <a href=\"user.php\">click here to try again</a>.</p>";
    }
}
else
{
	?>
<?php
}
?>
init.inc.php
<?php

session_start();

$dbhost = ""; // this will ususally be 'localhost', but can sometimes differ
$dbname = ""; // the name of the database that you are going to use for this project
$dbuser = ""; // the username that you created, or were given, to access your database
$dbpass = ""; // the password that you created, or were given, to access your database

mysql_connect($dbhost, $dbuser, $dbpass) or die("MySQL Error: " . mysql_error());
mysql_select_db($dbname) or die("MySQL Error: " . mysql_error());


$path = dirname (__FILE__);

include "$path/inc/user.inc.php";

?>
user.inc.php
<?php
session_start();
     
                           
    function fetch_users (){
        $result = mysql_query('SELECT `uid` AS `id`, `username` AS `username` FROM `users`');
     
     
        $users = array();
     
            while (($row = mysql_fetch_assoc($result)) != false){
                $users[] = $row;
            }
     
        return $users;     
    }
     
     function fetch_user_info($uid){
        $uid = (int)$uid;
    
           
            $sql = "SELECT
                          `username` AS `username`,
                                      `grad` AS `grad`,
                                      `drzava` AS `drzava`,
                                      `fan` AS `fan`,
                                      `Website` AS `Website`
                                      FROM users
                                      WHERE `uid` = '$uid'";
                                     
            $result = mysql_query($sql);
     
        return mysql_fetch_assoc($result); 
    
     }
    function set_profile_info($username, $grad, $drzava, $fan, $website){
             $username = mysql_real_escape_string(htmlentities($username));
             $grad       =  mysql_real_escape_string(htmlentities($grad));
             $drzava       =  mysql_real_escape_string(htmlentities($drzava));
             $fan       =  mysql_real_escape_string(htmlentities($fan));
             $website       =  mysql_real_escape_string(htmlentities($website));
             $uid = $_SESSION['uid'];
             
        mysql_query("UPDATE `users` SET `username` = `$username`, `grad` = `$grad`, `drzava` = `$drzava`,`fan` = `$fan`, `website` = `$website` WHERE `uid`=`$uid`");             
    }
     
     
    ?>
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Change:
if (empty($errors)){
        $grad = htmlentities($_POST['grad']);
        $drzava = htmlentities($_POST['drzava']);
        $fan = htmlentities($_POST['fan']);
        $website = htmlentities($_POST['website']);
         
         mysql_query("UPDATE `users` SET `grad` = '{$grad}', `drzava` = '{$drzava}',`fan` = '{$fan}', `website` = '{$website}' WHERE `uid`='{$uid}'");
In edit_profile.php to:
if (empty($errors)){
        $grad = mysql_real_escape_string(htmlentities($_POST['grad']));
        $drzava = mysql_real_escape_string(htmlentities($_POST['drzava']));
        $fan = mysql_real_escape_string(htmlentities($_POST['fan']));
        $website = mysql_real_escape_string(htmlentities($_POST['website']));
         
         mysql_query("UPDATE `users` SET `grad` = '{$grad}', `drzava` = '{$drzava}',`fan` = '{$fan}', `website` = '{$website}' WHERE `uid`='{$uid}'") or die(mysql_error());
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

i dont get any mysql error very strange
hope you can take this scripts and edit them in your computer, then you will know when they will work
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Insert this somewhere in edit_profile.php where you will be able to see it being displayed:
echo "<h1>The current SESSION UID is: ".$_SESSION['uid']."</h1>";
What does it display?

Also why is edit_profile.php containing what should be on login.php? Post login.php correctly as it won't start with an } else if...
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

haha just what i though, its a session problem
The current SESSION UID is: :roll:
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

btw i added in edit.profile.php a part from login because of users to not see the page if they are logged in(edit.profile.php)
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Ok first step to debugging it is...do you actually have a column in your users database called uid?
Last edited by ExtremeGaming on Fri Dec 14, 2012 1:17 pm, edited 1 time in total.
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

yes i have a column called uid auto increment primary
and how does login fails if i do not see the page when im logged out :x
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

What is user.php?

Are you using session_unset(); or session_destroy(); in any places other than logout?
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

you mean profile.php?
<?php

include('core/init.inc.php');

$user_info = fetch_user_info($_GET['uid']);

?>
<?php

if ($user_info === false){
    echo 'That user does not exist.';
}else{

?>
<?php
}
?>
<!-- sidebar -->
<div id="sidebar">

<div class="block">
<div class="block-bot">
<div class="head"><div class="head-cnt"><h3><?php echo $user_info['username']; ?> profile</h3></div></div><font size="3"><b><table cellspacing="5"><tr></tr><tr><td> <a>Titles:</a><font color="orange"><?php echo $user_info['titles']; ?></font></td></tr><tr><td> <a>Name:</a><font color="orange"><?php echo $user_info['username']; ?></font></td></tr><tr><td> <a>Country:</a><font color="orange"><?php echo $user_info['drzava']; ?></font></td></tr><tr><td> <a>City:</a><font color="orange"><?php echo $user_info['grad']; ?></font></td></tr><tr><td> <a>Fan of:</a><font color="orange"><font color="orange"><?php echo $user_info['fan']; ?></font></font></td></tr><tr><td> <a>Website:</a><a target="_blank" href="<?php echo $user_info['website']; ?>"><font color="lime">link</font></td></tr><tr><td> <a href="index.php"><font color="lime"> <<< </font></a></td></tr><tr></tr></table></b></font></div>
</div>
Are you using session_unset(); or session_destroy(); in any places other than logout?: No
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Your login page says you are redirecting users to a user.php.
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

actually redirects to login.php again but on the content which cannot be seen without loggin in
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Put this at the top of login.php within your php tags and remove the redirect for now so it remains on the same page.
error_reporting(E_ALL);
ini_set('display_errors', '1');
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

:( still not editing the profile
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

If you put that on login.php, removed the redirect on login.php, and received no errors warnings or notices, I really have no idea
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

really no erors, nothing, except we know that the session is empty somehow :(
i have 1 idea and now will try it, on other hosting, maybe is a hosting problem i had few problems with this hosting so i hope that is
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: cannot edit profile

Post by jacek »

Going off the last posted code I spotted a few problems.

This block
    session_start();
    include('core/init.inc.php');
 
    if(isset($_POST['username'])){
    $errors = array();
    }
    if(isset($_POST['grad'])){
    $errors = array();
    }
    if(isset($_POST['drzava'])){
    $errors = array();
    }
    if(isset($_POST['fan'])){
    $errors = array();
    }
    if(isset($_POST['website'])){
    $errors = array();
    }
makes no sense. You are probably meant to be validating the various inputs here in which case it would look more like
include('core/init.inc.php');

$errors = array();

if (!isset($_POST['username'])){
	$errors[] = 'You must enter your username';
}
You also do not need the session_start() since that is done in the init.inc.php file.

In the same file you are not using the set_profile_info() function like you should be, instead you use the raw SQL which just gets confusing and should be avoided.

The final problem is with the login system which seems to be from another tutorial, it's really not a good idea at all to combine two tutorials in the hope of making a working system. I have a full series on a much more organised login system which leads on to the profile system so it might be a good idea to start from there.
Image
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

when i change
session_start();
    include('core/init.inc.php');
 
    if(isset($_POST['username'])){
    $errors = array();
    }
    if(isset($_POST['grad'])){
    $errors = array();
    }
    if(isset($_POST['drzava'])){
    $errors = array();
    }
    if(isset($_POST['fan'])){
    $errors = array();
    }
    if(isset($_POST['website'])){
    $errors = array();
    }
to
    include('core/init.inc.php');
     
    $errors = array();
     
    if (!isset($_POST['username'])){
            $errors[] = 'You must enter your username';
    }
     
i get error Warning: implode() [function.implode]: Argument must be an array in /home/a8772784/public_html/edit_profile.php on line 46
echo '<ul><li>'. implode('</li><li>'. $errors). '</li></ul>';
this is line 46
Now when i login i get echo of a user in html about his country and city, thats good, but still cant edit those information probably because of this error.
And some strange bolded black dot is appearing
ExtremeGaming
Posts: 205
Joined: Mon Jul 09, 2012 11:13 pm

Re: cannot edit profile

Post by ExtremeGaming »

Well, for starters, php functions use a comma to seperate arguments, not a period. So change
echo '<ul><li>'. implode('</li><li>'. $errors). '</li></ul>';
To
echo '<ul><li>'. implode('</li><li>', $errors). '</li></ul>';
The change you made could not possibly result in that error, so what else did you change?
<?php while(!$succeed = try()); ?>
User avatar
leverkusen
Posts: 69
Joined: Sun Nov 18, 2012 10:09 pm
Location: Belgrade
Contact:

Re: cannot edit profile

Post by leverkusen »

No i havent changed anything error in line 46 is gone
when i log in with usernames i get different informations whats good, but above html box i have 'You must enter your username'
When i want to edit anything in profile i get echo 'Your profile has been updated'! but when i refresh there are still old informations but no 'You must enter your username'
edit-profile.php
    <?php
    include('core/init.inc.php');
 
    $errors = array();
 
    if (!isset($_POST["username"])){
              $errors[] = 'You must enter your username';
    }        
    if (empty($errors)){
            $grad = mysql_real_escape_string(htmlentities($_POST['grad']));
            $drzava = mysql_real_escape_string(htmlentities($_POST['drzava']));
            $fan = mysql_real_escape_string(htmlentities($_POST['fan']));
            $website = mysql_real_escape_string(htmlentities($_POST['website']));
             
mysql_query("UPDATE `users` SET `grad` = '{$grad}', `drzava` = '{$drzava}',`fan` = '{$fan}', `website` = '{$website}' WHERE `uid`='{$uid}'") or die(mysql_error());

         
                $user_info = array();
                          $user_info['grad'] = "$grad";
                          $user_info['drzava'] = "$drzava";
                          $user_info['fan'] = "$fan";
                          $user_info['website'] = "$website";
     
     
        }else{
             $user_info = fetch_user_info($_SESSION['uid']);
        }
         
        ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8" />
    <title>Global Betting</title>
    </head>
    <body>
    <div>
        <?php
           
            if (isset($errors) ==false){
                echo 'Click update to edit your profile.';
            }else if (empty($errors)){
                    echo 'Your profile has been updated!';
                    }else{
                         echo '<ul><li>'. implode('</li><li>', $errors). '</li></ul>';

            }
           
            ?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']) && !empty($_SESSION['uid']))
{
	 ?>
            </div>
            <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST">
                
                        <div>
                        <label for="username">Username</label>
                            <input type="text" name="username" id="username" value="<?php echo $user_info['username']; ?>" />
                            </div><div>
                        <label for="grad">Grad</label>
                            <input type="text" name="grad" id="grad" value="<?php echo $user_info['grad']; ?>" />
                            </div>
                            <div>
                        <label for="drzava">Drzava</label>
                            <input type="text" name="drzava" id="drzava" value="<?php echo $user_info['drzava']; ?>" />
                            </div>
                            <div>
                        <label for="fan">Fan</label>
                            <input type="text" name="fan" id="fan" value="<?php echo $user_info['fan']; ?>" />
                            </div>
                            <div>
                        <label for="website">Website</label>
                            <input type="text" name="website" id="website" value="<?php echo $user_info['website']; ?>" />
                            </div>
                            <div>
                                 <input type="submit" value="Update" />
                                     </div>
                                     </form>
                                     </body>
                                     </html>
<?php
}
?>
login(user).php
<?php include "base.php"; ?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))
{
	 ?>
<?php

}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
	 $username = mysql_real_escape_string($_POST['username']);
         $password = md5(mysql_real_escape_string($_POST['password']));
    
	 $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");
    
    if(mysql_num_rows($checklogin) == 1)
    {
    	 $row = mysql_fetch_array($checklogin);
        
        $_SESSION['Username'] = $username;
        $_SESSION['LoggedIn'] = 1;
        $_SESSION['uid'] = $row['uid'];

        
        echo "<h1><center>Success</center></h1>";
        echo "<p><center>We are now redirecting you to the member area.</center></p>";
        echo "<meta http-equiv='refresh' content='=2;user.php' />";
    }
    else
    {
    	 echo "<h1>Error</h1>";
        echo "<p>Sorry, your account could not be found. Please <a href=\"user.php\">click here to try again</a>.</p>";
    }
}
else
{
	?>
<br>
<center>
<form method="post" action="/user.php">
<table align="center" cellpadding="2" cellspacing="5">
	<tbody><tr><td style="width: 100px;"><div align="left"><b>Username:</b></div></td><td><div align="left"><input required="required" name="username" class="login" size="32" type="text"></div></td></tr>
	<tr><td style="width: 100px;"><div align="left"><b>Password:</b></div></td><td><div align="left"><input required="required" name="password" class="login" size="32" type="password"></div></td></tr>
	<tr><td colspan="2"><div align="right"><input class="dugme_login" value="login" type="submit"></div></td></tr>
</tbody></table>
</form>
</center>
<br>
<?php
}
?>
User avatar
jacek
Site Admin
Posts: 3262
Joined: Thu May 05, 2011 1:45 pm
Location: UK
Contact:

Re: cannot edit profile

Post by jacek »

You blindly copied
if (!isset($_POST["username"])){
you were meant to substitute your variable name :P

the stuff I said about the login system still applied too.
Image
Post Reply