BetterPHP

you say that i should rename username? i dont understand

leverkusen wrote:you say that i should rename username? i dont understand

Your HTML form, for the username text-box is your name="username" or something else?
If it's something else, then change $_POST["username"] to whatever the name="" is on the form.
($_POST["ChangeThis"])

Wow, that was harder to explain than I thought.. Hope it makes sense

[syntax=php]<tbody><tr><td style="width: 100px;"><div align="left"><b>Username:</b></div></td><td><div align="left"><input required="required" name="username" class="login" size="32" type="text"></div></td></tr>[/syntax]
you see when i login, get good informations but cannot edit them and above i see 'You must enter your username' when im logged in and logged out

leverkusen wrote:[syntax=php]<tbody><tr><td style="width: 100px;"><div align="left"><b>Username:</b></div></td><td><div align="left"><input required="required" name="username" class="login" size="32" type="text"></div></td></tr>[/syntax]
you see when i login, get good informations but cannot edit them and above i see 'You must enter your username' when im logged in and logged out

could you post the full file again as it is now ? It's probably that you got the name wrong somewhere.

EDIT.PROFILE.PHP
[syntax=php]<?php
include('core/init.inc.php');

$errors = array();

if (!isset($_POST["username"])){
$errors[] = 'You must enter your username';
}
if (empty($errors)){
$grad = mysql_real_escape_string(htmlentities($_POST['grad']));
$drzava = mysql_real_escape_string(htmlentities($_POST['drzava']));
$fan = mysql_real_escape_string(htmlentities($_POST['fan']));
$website = mysql_real_escape_string(htmlentities($_POST['website']));

mysql_query("UPDATE `users` SET `grad` = '{$grad}', `drzava` = '{$drzava}', `fan` = '{$fan}', `website` = '{$website}' WHERE `uid`='{$uid}'") or die(mysql_error());


$user_info = array();
$user_info['grad'] = "$grad";
$user_info['drzava'] = "$drzava";
$user_info['fan'] = "$fan";
$user_info['website'] = "$website";


}else{
$user_info = fetch_user_info($_SESSION['uid']);
}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-type" content="text/html; charset=utf-8" />
<title>Global Betting</title>
</head>
<body>
<div>
<?php

if (isset($errors) ==false){
echo 'Click update to edit your profile.';
}else if (empty($errors)){
echo 'Your profile has been updated!';
}else{
echo '<ul><li>'. implode('</li><li>', $errors). '</li></ul>';

}

?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']) && !empty($_SESSION['uid']))
{
?>
</div>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method ="POST">

<div>
<label for="username">Username</label>
<input type="text" name="username" id="username" value="<?php echo $user_info['username']; ?>" />
</div><div>
<label for="grad">Grad</label>
<input type="text" name="grad" id="grad" value="<?php echo $user_info['grad']; ?>" />
</div>
<div>
<label for="drzava">Drzava</label>
<input type="text" name="drzava" id="drzava" value="<?php echo $user_info['drzava']; ?>" />
</div>
<div>
<label for="fan">Fan</label>
<input type="text" name="fan" id="fan" value="<?php echo $user_info['fan']; ?>" />
</div>
<div>
<label for="website">Website</label>
<input type="text" name="website" id="website" value="<?php echo $user_info['website']; ?>" />
</div>
<div>
<input type="submit" value="Update" />
</div>
</form>
</body>
</html>
<?php
}
?>[/syntax]

USER.INC.PHP
[syntax=php]<?php
session_start();


function fetch_users (){
$result = mysql_query('SELECT `uid` AS `id`, `username` AS `username` FROM `users`');


$users = array();

while (($row = mysql_fetch_assoc($result)) != false){
$users[] = $row;
}

return $users;
}

function fetch_user_info($uid){
$uid = (int)$uid;


$sql = "SELECT
`username` AS `username`,
`grad` AS `grad`,
`drzava` AS `drzava`,
`fan` AS `fan`,
`Website` AS `Website`
FROM users
WHERE `uid` = '$uid'";

$result = mysql_query($sql);

return mysql_fetch_assoc($result);

}
function set_profile_info($username, $grad, $drzava, $fan, $website){
$username = mysql_real_escape_string(htmlentities($username));
$grad = mysql_real_escape_string(htmlentities($grad));
$drzava = mysql_real_escape_string(htmlentities($drzava));
$fan = mysql_real_escape_string(htmlentities($fan));
$website = mysql_real_escape_string(htmlentities($website));
$uid = $_SESSION['uid'];

mysql_query("UPDATE `users` SET `username` = `$username`, `grad` = `$grad`, `drzava` = `$drzava`,`fan` = `$fan`, `website` = `$website` WHERE `uid`=`$uid`");
}


?>[/syntax]

LOGIN(USER).PHP
[syntax=php]<?php include "base.php"; ?>
<?php
if(!empty($_SESSION['LoggedIn']) && !empty($_SESSION['Username']))
{
?>
<?php

}
elseif(!empty($_POST['username']) && !empty($_POST['password']))
{
$username = mysql_real_escape_string($_POST['username']);
$password = md5(mysql_real_escape_string($_POST['password']));

$checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'");

if(mysql_num_rows($checklogin) == 1)
{
$row = mysql_fetch_array($checklogin);

$_SESSION['Username'] = $username;
$_SESSION['LoggedIn'] = 1;
$_SESSION['uid'] = $row['uid'];


echo "<h1><center>Success</center></h1>";
echo "<p><center>We are now redirecting you to the member area.</center></p>";
echo "<meta http-equiv='refresh' content='=2;user.php' />";
}
else
{
echo "<h1>Error</h1>";
echo "<p>Sorry, your account could not be found. Please <a href=\"user.php\">click here to try again</a>.</p>";
}
}
else
{
?>
?php
}
?>[/syntax]
maybe is this happening because somewhere U is a big letter and some where not for username Username?

I notice in your login page you are selecting Username and username from other places. Column names are case-senstive. You need to fix your queries to either work off Username or username. Which ever is your column in the database.

sorry i dont undestand, i only did all small letters at Usernames everywhere

I highly doubt you have two columns for their username. Is the column in the table "users" called Username or username. Edit all your queries to select which one it is.

yea its username

I'm not really sure how any sessions are being set at all. Look at your query in login.php and look at what your WHERE clause

can you take all these scripts and edit them by yourself until they work correctly? if you have time of course?

Did you even try what I said?

ExtremeGaming wrote:Did you even try what I said?

Frustrating, ain't it

try what?, i edited $checklogin = mysql_query("SELECT * FROM users WHERE Username = '".$username."' AND Password = '".$password."'"); but it must be like this 'uid' cannot be

In some of your queries you use "Username" to select the column, in others you use "username". Which one is it? It's case-sensitive.

everywhere is username with small letter thats ok

So then change all your queries so that the column is lowercase. You have queries that use "Username".

it is i changed

Is the "Password" column actually Uppercase P or is it like "username"?

its password no uppercase

Copy and paste your code as you have it now.