我正在为用户个人资料信息创建一个更新页面,但它似乎不起作用意味着它不更新用户表只是更新了密码其他它从未改变过的任何东西都可以帮助我吗??????
account_setting.php
<?php
require_once('for members/scripts/connect.php');
ob_start();
session_start();
$login = ($_SESSION['login']);
$userid = ($_SESSION['user_id']);
$login_user = ($_SESSION['username']);
$email = $_SESSION['email_address'];
$fname = ($_SESSION['first_name']);
$lname = ($_SESSION['last_name']);
//functionssss
function specializationQuery(){
$specData = mysql_query("SELECT * FROM specialization");
while($recordJob = mysql_fetch_array($specData)){
echo'<option value="' . $recordJob['specialization_id'] . '">' . $recordJob['specialization_name'] . '</option>';
}
}
///end of functionsss
if($login)
{
$message = "";
$errorMSG = "";
if(isset($_POST['edit_pass'])){
$oldpassword = $_POST['oldpass'];
$newpassword = $_POST['pass1'];
$repeatpassword = $_POST['pass2'];
///passwordquerry
$passwordquery = mysql_query ("SELECT * FROM user WHERE user_id = '$userid' ")or die(mysql_error());
while($row = mysql_fetch_assoc($passwordquery))
{
$dbpassword = $row['password'];
//check for the old password is equal dbpassword
if($oldpassword == $dbpassword)
{
if($newpassword == $repeatpassword)
{
if(strlen($newpassword) <=8)
{
$message = "your password is less than 8 charachters";
}
else
{
$password_update_query = mysql_query("UPDATE user SET password = '$newpassword' WHERE user_id = '$userid'")or die(mysql_error());
$message = "Your password has been updated";
}
}
else
{
$message = "your password do not match!!";
}
}
else
{
$message = "your password is incorrect!!";
}
}
}
// get the previouse first name and last name from the database and make it the default
$get_info = mysql_query("SELECT first_name, last_name, user_name, email_address FROM user WHERE user_id = '$userid'") or die(mysql_error());
$get_row = mysql_fetch_assoc($get_info);
$fname = $get_row['first_name'];
$lname = $get_row['last_name'];
$username = $get_row['user_name'];
$email = $get_row['email_address'];
//submit what the user types into the database
if(isset($_POST['edit'])){
$fname = mysql_real_escape_string ($_POST['fname']);
$lname = mysql_real_escape_string ($_POST['lname']);
$spec = mysql_real_escape_string($_POST['specialization']);
$governorate = mysql_real_escape_string($_POST['governorate']);
@$district = mysql_real_escape_string($_POST['district']);
@$village = mysql_real_escape_string($_POST['village']);
$email = mysql_real_escape_string($_POST['email']);
$aboutme = mysql_real_escape_string($_POST['aboutme']);
//$about_query = mysql_query("INSERT INTO user (interest) VALUES ('$aboutme')")or die(mysql_error());
if(strlen($fname) <= 3)
{
$errorMSG = "your first name is must be at least 3 charachters ";
}
else
if(strlen($lname) <=4)
{
$errorMSG = "your last name is must be at least 4 charachters ";
}
else
$edit_query = mysql_query("UPDATE user SET first_name= '$fname', last_name= '$lname', user_name = '$username', email_address = '$email', specialization= '$spec', governorate = '$governorate', district = '$district', village = '$village', interest = '$aboutme' WHERE user_id = '$userid'") or die(mysql_error());
$errorMSG = "Update successfuly";
var_dump($fname);
}
}
else
{
die("YOU MUST LOGIN FIRST ");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Edit Profile</title>
<link href="style/stylesheet.css"rel="stylesheet" type="text/css"/>
<script type = "text/javascript" src = "http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function(){
$("select#district").attr("disabled","disabled");
$("select#village").attr("disabled","disabled");
$("select#governorate").change(function(){
$("select#district").attr("disabled","disabled");
$("select#district").html("<option>wait...</option>");
var id = $("select#governorate option:selected").attr('value');
$.post("select_district.php", {id:id}, function(data){
$("select#district").removeAttr("disabled");
$("select#district").html(data);
});
});
$("select#district").change(function(){
id = $(this).val();
$("select#village").attr("disabled","disabled");
$("select#village").html("<option>wait...</option>");
$.post("select_village.php", {id:id}, function(data){
$("select#village").removeAttr("disabled");
$("select#village").html(data);
});
});
$("form#registerform").submit(function(){
var cat = $("select#governorate option:selected").attr('value');
var type = $("select#district option:selected").attr('value');
var village = $("select#village option:selected").attr('value');
});
});
</script>
</head>
<body>
<div class="container">
<!--<?php require_once('header.php'); ?>-->
<br />
<br />
<br />
<div class="registerTitle">
<h2>Edit you account setting below </h2>
</div>
<div id="eidtProfile">
<?php echo "welcome <b>$login_user</b> you can now edit your profile"; ?>
<hr />
<div id="editProfileImage">
<p>Upload profile photo</p>
<!-- check if the user has upload a profile pic or not-->
<?php
$check_pic = mysql_query("SELECT profile_pic FROM user WHERE user_name= '$login_user'")or die(mysql_error());
$get_pic_row = mysql_fetch_assoc($check_pic);
$profile_pic_db = $get_pic_row['profile_pic'];
if($profile_pic_db == "")
{
$profile_pic = "images/default_img.jpg";
}
else
{
$profile_pic = "userdata/profile_pics/".$profile_pic_db;
}
?>
<!--upload profile img script-->
<?php
if(isset($_FILES['profilepic'])){
if(($_FILES["profilepic"] ["type"] == "image/jpeg")|| ($_FILES["profilepic"] ["type"] == "image/png") && ($_FILES["profilepic"] ["size"] < 1048576))//1 MB
{
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$rand_dir_name = substr(str_shuffle($chars), 0, 15);
mkdir("userdata/profile_pics/$rand_dir_name");
if(file_exists("userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"]))
{
echo $_FILES["profilepic"] ["name"]."Already exists";
}
else
{
move_uploaded_file($_FILES["profilepic"] ["tmp_name"], "userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"]);
//echo "Uploaded and stored in: userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"];
$profile_pic_name = $_FILES["profilepic"] ["name"];
$profile_pic_query = mysql_query("UPDATE user SET profile_pic = '$rand_dir_name/$profile_pic_name' WHERE user_name = '$login_user'") or die(mysql_error());
header("Location: account-setting.php");
}
}
else
{
echo " INVALIDE File! your image must not be large than 1MB and .jpg or .jpeg or .png";
}
}
?>
<form action="" = "" method="post" enctype="multipart/form-data">
<img src="<?php echo $profile_pic; ?>" width="80" />
<input type="file" name="profilepic" /><br />
<input type="submit" name="upload" value="Upload Img">
</form>
</div>
<hr />
<?php include "select.class.php"; ?>
<form action="account-setting.php" method="post">
<p>Update your Password</p><br />
<p style="color:#FF0000"><?php echo $message; ?></p><br />
Old Password: <input type="password" name="oldpass" id="oldpassword" placeholder="Password" />
New Password: <input type="password" name="pass1" id="newpassword" placeholder="Password" />
Reapet Password: <input type="password" name="pass2" id="repeatpassword" placeholder="Validate Password" /><br />
<input type="submit" name="edit_pass" value="edit password" />
<hr />
<p>Update Your Profile Info</p><br />
<p style="color:#FF0000"><?php echo $errorMSG; ?></p><br />
First Name: <input type="text" name="fname" placeholder="Firstname" value="<?php echo $fname; ?>" />
Last Name: <input type="text" name="lname" placeholder="Lastname" value="<?php echo $lname; ?>" />
<br />
User Name: <input type="text" name="username" placeholder="Username" value="<?php echo $login_user; ?>" />
Email_address: <input type="text" name="email" placeholder="email address" value="<?php echo $email; ?>" />
<br />
<br />
Specialization: <select name="specialization" class="select">
<option value="0">-- Select Your Specialization --</option>
<?php specializationQuery(); ?>
</select>
<hr />
<p>Update Location Info</p>
Governorate
<select id="governorate" name = 'governorate'>
<?php echo $opt->ShowGovernorate(); ?>
</select>
District
<select id="district" name="district">
<option value="0">choose...</option>
</select>
Village
<select id="village" name="village">
<option value="0">choose...</option>
</select>
<br />
About Me: <textarea name="aboutme" rows="5" cols="30"> </textarea><br />
<input type="submit" name="edit" id="edit" value="edit Profile" />
</form>
</div>
</div>
</body>
</html>
<?php ob_end_flush(); ?>