-4

ユーザープロファイル情報の更新ページを作成していますが、機能していないようです。つまり、パスワードが更新されるだけでユーザーテーブルが更新されないということです。

account_setting.php

<?php 
require_once('for members/scripts/connect.php');

ob_start();
session_start();


   $login = ($_SESSION['login']);
   $userid = ($_SESSION['user_id']);
   $login_user = ($_SESSION['username']);
   $email = $_SESSION['email_address'];
   $fname = ($_SESSION['first_name']);
   $lname = ($_SESSION['last_name']);





//functionssss



function specializationQuery(){

$specData = mysql_query("SELECT * FROM specialization");

  while($recordJob = mysql_fetch_array($specData)){

     echo'<option value="' . $recordJob['specialization_id'] .  '">' . $recordJob['specialization_name'] . '</option>';

  }


}



///end of functionsss 




if($login)
{



$message = "";
$errorMSG = ""; 


    if(isset($_POST['edit_pass'])){
     $oldpassword = $_POST['oldpass'];
     $newpassword = $_POST['pass1'];
     $repeatpassword = $_POST['pass2'];


   ///passwordquerry
   $passwordquery = mysql_query ("SELECT * FROM user WHERE user_id = '$userid' ")or die(mysql_error());
   while($row = mysql_fetch_assoc($passwordquery))
   {
       $dbpassword = $row['password'];

       //check for the old password  is equal  dbpassword
       if($oldpassword == $dbpassword)
       {

           if($newpassword == $repeatpassword)
           {
               if(strlen($newpassword) <=8)
               {
                   $message = "your password is less than 8 charachters";
               }
               else
               {
               $password_update_query = mysql_query("UPDATE user SET password = '$newpassword' WHERE user_id = '$userid'")or die(mysql_error());
                    $message = "Your password has been updated";
               }
           }
           else
           {
               $message = "your password do not match!!";
           }
       }
       else
       {
           $message = "your password is incorrect!!";
       }
   }

}


    // get the previouse first name and last name from the database and make it the default 

    $get_info = mysql_query("SELECT first_name, last_name, user_name, email_address FROM user WHERE user_id = '$userid'") or die(mysql_error());
    $get_row = mysql_fetch_assoc($get_info);
    $fname = $get_row['first_name'];
    $lname = $get_row['last_name'];
    $username = $get_row['user_name'];
    $email = $get_row['email_address'];



    //submit what the user types into the database
    if(isset($_POST['edit'])){
     $fname = mysql_real_escape_string ($_POST['fname']);
     $lname = mysql_real_escape_string ($_POST['lname']);
     $spec = mysql_real_escape_string($_POST['specialization']);
     $governorate = mysql_real_escape_string($_POST['governorate']);
     @$district = mysql_real_escape_string($_POST['district']);
     @$village = mysql_real_escape_string($_POST['village']);
     $email = mysql_real_escape_string($_POST['email']);
     $aboutme = mysql_real_escape_string($_POST['aboutme']);



      //$about_query = mysql_query("INSERT INTO user (interest) VALUES ('$aboutme')")or die(mysql_error());
    if(strlen($fname) <= 3)
    {
        $errorMSG = "your first name is must be at least 3 charachters ";
    }
    else

     if(strlen($lname) <=4)
      {
          $errorMSG = "your last name is must be at least 4 charachters ";
      }
      else
     $edit_query = mysql_query("UPDATE user SET first_name= '$fname', last_name= '$lname', user_name = '$username', email_address = '$email', specialization= '$spec', governorate = '$governorate', district = '$district', village = '$village', interest = '$aboutme' WHERE user_id = '$userid'") or die(mysql_error());
    $errorMSG = "Update successfuly";
    var_dump($fname);
  }
}

else
{
    die("YOU MUST LOGIN FIRST ");
}



 ?>

 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Edit Profile</title>
<link href="style/stylesheet.css"rel="stylesheet" type="text/css"/>
<script type = "text/javascript" src = "http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
<script type="text/javascript">

 $(document).ready(function(){
                $("select#district").attr("disabled","disabled");
                $("select#village").attr("disabled","disabled");
                $("select#governorate").change(function(){
                $("select#district").attr("disabled","disabled");
                $("select#district").html("<option>wait...</option>");
                var id = $("select#governorate option:selected").attr('value');
                $.post("select_district.php", {id:id}, function(data){
                    $("select#district").removeAttr("disabled");
                    $("select#district").html(data);
                });
            });
            $("select#district").change(function(){ 
            id = $(this).val(); 
            $("select#village").attr("disabled","disabled");
            $("select#village").html("<option>wait...</option>");
            $.post("select_village.php", {id:id}, function(data){


            $("select#village").removeAttr("disabled");
            $("select#village").html(data);
         });
        });
            $("form#registerform").submit(function(){
                var cat = $("select#governorate option:selected").attr('value');
                var type = $("select#district option:selected").attr('value');
                var village = $("select#village option:selected").attr('value');

            });
    });


</script>

</head>

<body>
<div class="container">
<!--<?php require_once('header.php'); ?>-->

<br />
<br />
<br />

    <div class="registerTitle">
      <h2>Edit you account setting below </h2>
    </div>
    <div id="eidtProfile">
   <?php echo "welcome <b>$login_user</b> you can now edit your profile"; ?>
   <hr />

      <div id="editProfileImage">
        <p>Upload profile photo</p>

        <!-- check if the user has upload a profile pic or not-->
         <?php
         $check_pic = mysql_query("SELECT profile_pic FROM user WHERE user_name= '$login_user'")or die(mysql_error());
         $get_pic_row = mysql_fetch_assoc($check_pic);
         $profile_pic_db = $get_pic_row['profile_pic'];
         if($profile_pic_db == "") 
         {
             $profile_pic = "images/default_img.jpg";
         }
         else
         {
             $profile_pic = "userdata/profile_pics/".$profile_pic_db;
         }
         ?>
         <!--upload profile img script-->
         <?php
          if(isset($_FILES['profilepic'])){
   if(($_FILES["profilepic"] ["type"] == "image/jpeg")|| ($_FILES["profilepic"] ["type"] == "image/png") && ($_FILES["profilepic"] ["size"] < 1048576))//1 MB
   {
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    $rand_dir_name = substr(str_shuffle($chars), 0, 15);
    mkdir("userdata/profile_pics/$rand_dir_name");

     if(file_exists("userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"]))
     {
       echo $_FILES["profilepic"] ["name"]."Already exists";    
     }
     else
     {
         move_uploaded_file($_FILES["profilepic"] ["tmp_name"], "userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"]);
         //echo "Uploaded and stored  in: userdata/profile_pics/$rand_dir_name/".$_FILES["profilepic"] ["name"];
      $profile_pic_name = $_FILES["profilepic"] ["name"];
      $profile_pic_query = mysql_query("UPDATE user SET profile_pic = '$rand_dir_name/$profile_pic_name' WHERE user_name = '$login_user'") or die(mysql_error());
      header("Location: account-setting.php");

     }
   }
   else
   {
       echo " INVALIDE File! your image must not be large than 1MB and .jpg or .jpeg or .png";
   }

 }
 ?>
        <form action="" = "" method="post" enctype="multipart/form-data">
        <img src="<?php echo $profile_pic; ?>" width="80" />
        <input type="file" name="profilepic" /><br />
        <input type="submit" name="upload" value="Upload Img">
        </form>

      </div>

<hr />
<?php include "select.class.php"; ?>
<form action="account-setting.php" method="post">

<p>Update your Password</p><br />
<p style="color:#FF0000"><?php echo $message; ?></p><br />
Old Password: <input type="password" name="oldpass" id="oldpassword" placeholder="Password" />
New Password: <input type="password" name="pass1" id="newpassword" placeholder="Password" />
Reapet Password: <input type="password" name="pass2" id="repeatpassword" placeholder="Validate Password" /><br />
<input type="submit" name="edit_pass" value="edit password" />
<hr />

<p>Update Your Profile Info</p><br />
<p style="color:#FF0000"><?php echo $errorMSG; ?></p><br />
First Name: <input type="text" name="fname" placeholder="Firstname" value="<?php echo $fname; ?>" />

Last Name: <input type="text" name="lname" placeholder="Lastname" value="<?php echo $lname; ?>" />
<br />
User Name: <input type="text" name="username" placeholder="Username" value="<?php echo $login_user; ?>" />

Email_address: <input type="text" name="email" placeholder="email address" value="<?php echo $email; ?>" />
<br />
<br />
Specialization: <select name="specialization"  class="select">
      <option value="0">-- Select Your Specialization --</option>

        <?php specializationQuery(); ?>
      </select>
<hr />
<p>Update Location Info</p>
 Governorate
        <select id="governorate" name = 'governorate'>

                <?php echo $opt->ShowGovernorate(); ?>


                </select>

District
      <select id="district" name="district">
                    <option value="0">choose...</option>
                </select>

Village
       <select id="village" name="village">
                    <option value="0">choose...</option>
                </select>


      <br />
About Me: <textarea name="aboutme" rows="5" cols="30"> </textarea><br />
<input type="submit" name="edit" id="edit" value="edit Profile" />








</form>




    </div>
 </div>
</body>
</html>

<?php ob_end_flush(); ?>
4

1 に答える 1