私のスクリプトでは、[更新] ボタンをクリックすると失敗します。基本的に、入力フィールドが正しく入力されているかどうかはチェックしません。また、フォームに正しく入力しても、実際には情報が更新されません。つまり、エラー チェックと更新コードの処理が機能していません。これが私のスクリプトです。
<?php
error_reporting (E_ALL ^ E_NOTICE);
session_start();
$userid = $_SESSION['userid7906'];
$username = $_SESSION['username7906'];
$email = $_SESSION['email7906'];
$one = $_SESSION['yes7906'];
$zero = $_SESSION['no7906'];
?>
<!DOCTYPE html>
<html>
<head>
<title>Profile Settings</title>
<meta http-equiv="Content=Type" content="text/html; charset=utf-8" />
<LINK REL=StyleSheet HREF="./css/profile_settings.css" TYPE="text/css" MEDIA=screen>
</head>
<body>
<?php
$info = $_COOKIE['user7906']." <a href='./logout.php'>Log Out</a> <a href='./memberpage.php'>Home</a> <b><a href='./profile.php? user=$_COOKIE[user7906]'>Profile</a></b> > Edit <a href='./search.php'>User Search</a> <a href='./account.php'>Account</a> <br/><hr/>";
$info2 = $_COOKIE['user7906']." <a href='./logout.php'>Log Out</a> <a href='./memberpage.php'>Home</a> <b><a href='./profile.php?user=$username'>Profile</a></b> > Edit <a href='./search.php'>User Search</a> <a href='./account.php'>Account</a> <br/><hr/>";
if (isset($_COOKIE['user7906']) && isset($_COOKIE['pass7906']) && isset($_COOKIE['email7906'])) {
echo $info."<br/>";
if (isset($_COOKIE['no7906'])) {
header("Location: ./profile.php?user=$_COOKIE[user]");
}
else {
require('./connect.php');
$fgh = mysql_query("SELECT * FROM `users` WHERE username='$_COOKIE[user7906]'");
$abc = mysql_num_rows("$fgh");
if ($abc !== 0) {
$osu = mysql_fetch_assoc($fgh);
$harv = $osu['id'];
$usr = $osu['username'];
$et = mysql_query("SELECT * FROM `profiles` WHERE users_id='$harv'");
$elm = mysql_num_rows($et);
if ($elm !== 0) {
$c = mysql_fetch_assoc($et);
$mm = $c['email'];
$bio = $c['about'];
$fnm = $c['first_name'];
$lnm = $c['last_name'];
$lc4 = $c['location'];
echo "<center><b>Profile Settings</b></center><br/><br/>";
if (isset($_POST['submit']) === true) {
$value=$_REQUEST['fn'];
}
else {
$value=$fnm;
}
if (isset($_POST['go']) === true) {
$value=$_REQUEST['fn'];
$value2=$_REQUEST['ln'];
$value3=$_REQUEST['email'];
$value4=$_REQUEST['about'];
$value5=$_REQUEST['locate'];
}
else {
$value=$fnm;
$value2=$lnm;
$value3=$mm;
$value4=$bio;
$value5=$lc4;
}
?><center>
<form action='./profile_settings.php' method='POST' name='lp' />
<table>
<tr>
<td>First Name:</td>
<td><input type='text' name='fn' value="<?php echo $value; ?>" /><br/></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type='text' name='ln' value="<?php echo $value2; ?>" /><br/></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' value="<?php echo $value3; ?>" /><br/></td>
</tr>
<tr>
<td>About:</td>
<td><input type='text' name='about' value="<?php echo $value4; ?>" /><br/></td>
</tr>
<tr>
<td>Location:</td>
<td><input type='text' name='locate' value="<?php echo $value5; ?>" /><br/></td>
</tr>
</table>
<center><input type='submit' name='go' value='Update' /> <?php echo "<a href='./profile.php?user=$_COOKIE[user7906]'>Cancel</a>"; ?></center>
</center></form>
<?php
$go = $_POST['go'];
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$em = trim(strtolower($_POST['email']));
$ab = $_POST['about'];
$lc = $_POST['locate'];
if (isset($go)==='Update') {
if ((!empty($fn)) && (!empty($ln)) && (!empty($em)) && (!empty($ab)) && (!empty($lc)) && (strlen($em) > 6) && (strstr($em, "@")) == false && (strstr($em, ".")) == false) {
require("./connect.php");
$update = mysql_query("UPDATE `profiles` SET first_name='$fn' WHERE users_id='$harv' ");
$update2 = mysql_query("UPDATE `profiles` SET last_name='$ln' WHERE users_id='$harv' ");
$update3 = mysql_query("UPDATE `profiles` SET email='$em' WHERE users_id='$harv' ");
$update4 = mysql_query("UPDATE `profiles` SET about='$ab' WHERE users_id='$harv' ");
$update5 = mysql_query("UPDATE `profiles` SET location='$lc' WHERE users_id='$harv' ");
echo '<br/>Profile updated successfully';
}
elseif (!isset($_POST)) {
echo '<br/><center>Please fill out this form.</center>';
}
elseif (isset($fn)==='') {
echo '<br/><center>Enter your first name.</center>';
}
elseif (isset($ln)==='') {
echo '<br/><center>Enter your last name.</center>';
}
elseif (isset($em)==='') {
echo '<br/><center>Enter your email.</center>';
}
elseif ((strlen($em) < 7) || (strstr($em, "@")) === false || (strstr($em, ".")) === false) {
echo '<br/><center>Invalid email</center>';
}
elseif (isset($ab)==='') {
echo '<br/><center>Write something about yourself.</center>';
}
elseif (isset($lc)==='') {
echo '<br/><center>Enter your location.</center>';
}
else {
echo '<center>An error has occured.</center>';
}
}
}
else {
header("Location: ./profile.php?user=$_COOKIE[user7906]");
}
}
else {
echo '<center>An error has occured.</center>';
}
}
}
elseif(isset($username) && isset($userid) && isset($email)) {
echo $username.$info2."<br/>";
require('./connect.php');
$fgh = mysql_query("SELECT * FROM `users` WHERE username='$username'");
$abc = mysql_num_rows($fgh);
if ($abc !== 0) {
$osu = mysql_fetch_assoc($fgh);
$harv = $osu['id'];
$usr = $osu['username'];
$et = mysql_query("SELECT * FROM `profiles` WHERE users_id='$harv'");
$elm = mysql_num_rows($et);
if ($elm !== 0) {
$c = mysql_fetch_assoc($et);
$mm = $c['email'];
$bio = $c['about'];
$fnm = $c['first_name'];
$lnm = $c['last_name'];
$lc4 = $c['location'];
echo "<center><b>Profile Settings</b></center><br/><br/>";
if (isset($_POST['go']) === true) {
$value=$_REQUEST['fn'];
$value2=$_REQUEST['ln'];
$value3=$_REQUEST['email'];
$value4=$_REQUEST['about'];
$value5=$_REQUEST['locate'];
}
else {
$value=$fnm;
$value2=$lnm;
$value3=$mm;
$value4=$bio;
$value5=$lc4;
}
?>
<form action='./profile_settings.php' method='POST' name='lp' /><center>
<table>
<tr>
<td>First Name:</td>
<td><input type='text' name='fn' value="<?php echo $value; ?>" /><br/></td>
</tr>
<tr>
<td>Last Name:</td>
<td><input type='text' name='ln' value="<?php echo $value2; ?>" /><br/></td>
</tr>
<tr>
<td>Email:</td>
<td><input type='text' name='email' value="<?php echo $value3; ?>" /><br/></td>
</tr>
<tr>
<td>About:</td>
<td><input type='text' name='about' value="<?php echo $value4; ?>" /><br/></td>
</tr>
<tr>
<td>Location:</td>
<td><input type='text' name='locate' value="<?php echo $value5; ?>" /><br/></td>
</tr>
</table>
<center><input type='submit' name='go' value='Update' /> <?php echo "<a href='./profile.php?user=$username'>Cancel</a>"; ?></td></center>
</center></form>
<?php
$go = $_POST['go'];
$fn = $_POST['fn'];
$ln = $_POST['ln'];
$em = trim(strtolower($_POST['email']));
$ab = $_POST['about'];
$lc = $_POST['locate'];
if (isset($go)==='Update') {
if ((!empty($fn)) && (!empty($ln)) && (!empty($em)) && (!empty($ab)) && (!empty($lc)) && (strlen($em) > 6) && (strstr($em, "@")) == false && (strstr($em, ".")) == false) {
require("./connect.php");
$update = mysql_query("UPDATE `profiles` SET first_name='$fn' WHERE users_id='$userid' ");
$update2 = mysql_query("UPDATE `profiles` SET last_name='$ln' WHERE users_id='$userid' ");
$update3 = mysql_query("UPDATE `profiles` SET email='$em' WHERE users_id='$userid' ");
$update4 = mysql_query("UPDATE `profiles` SET about='$ab' WHERE users_id='$userid' ");
$update5 = mysql_query("UPDATE `profiles` SET location='$lc' WHERE users_id='$userid' ");
echo '<br/>Profile updated successfully';
}
elseif (!isset($_POST)) {
echo '<br/><center>Please fill out this form.</center>';
}
elseif (isset($fn)==='') {
echo '<br/><center>Enter your first name.</center>';
}
elseif (isset($ln)==='') {
echo '<br/><center>Enter your last name.</center>';
}
elseif (isset($em)==='') {
echo '<br/><center>Enter your email.</center>';
}
elseif ((strlen($em) < 7) || (strstr($em, "@")) === false || (strstr($em, ".")) === false) {
echo '<br/><center>Invalid email</center>';
}
elseif (isset($ab)==='') {
echo '<br/><center>Write something about yourself.</center>';
}
elseif (isset($lc)==='') {
echo '<br/><center>Enter your location.</center>';
}
else {
echo '<center>An error has occured.</center>';
}
}
}
else {
header("Location: ./profile.php?user=$username");
}
}
else {
echo '<center>An error has occured.</center>';
}
}
else {
echo "<center>Please <a href='./login.php'log in</a> for access to this page.</center>";
}
?>