Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,208,837 members, 8,003,979 topics. Date: Saturday, 16 November 2024 at 04:03 AM

Please I Need A Help In My Code - Webmasters - Nairaland

Nairaland Forum / Science/Technology / Webmasters / Please I Need A Help In My Code (863 Views)

. / Please, Everyone I Need A Help On How I Can Track Or Hack Someone's Whatsapp Acc / My Adsense Earning Is Not Up To $100 - I Want To Share My Code (2) (3) (4)

(1) (Reply) (Go Down)

Please I Need A Help In My Code by Cordova: 6:26pm On Jan 19, 2016
Please I need professionals to help me identify any error that is in this code.

I created a form where after login, members will have to update there profile before accessing other part of the portal. Everything is working fine but the update profile page failed to work. This is the code. Please, I need your help. Though I have similar one which was successful but I can't figure out what is wrong here.

Thanks

if(isset($_POST['update'])){

if($_POST['addy']="" || $_POST['tel']=="" || $_POST['email']=="" || $_POST['age']=="" || $_POST['prof']=="" || $_POST['work']=="" || $_POST['post']==""wink{
echo "<script>alert('Please fill all the fields before you proceed')</script>";
}else{

$uname = $_POST['username'];
$fname = $_POST['fname'];
$mname = $_POST['mname'];
$add = $_POST['addy'];
$tel = $_POST['tel'];
$mail = $_POST['email'];
$age = $_POST['age'];
$prof = $_POST['prof'];
$work =$_POST['work'];
$post = $_POST['post'];



$suid = $_SESSION['user_id'];
$qupdate = "UPDATE registermember SET Address = '$add', Phone='$tel', Email='$mail', Age Bracket='$age', Profession='$prof', Place of work='$work', Position='$post' WHERE id=$suid ";
$res = mysql_query($qupdate);
header('Location: dashboard.php');
}
}
Re: Please I Need A Help In My Code by onyengbu: 6:35pm On Jan 19, 2016
First,
if($_POST['addy']="" || should be
if($_POST['addy']=="" ||

You missed one equals sign.

Then I don't know if you actually named your database table columns with spaces in them for eg: "Age Bracket".
If you did, that's bad. Change it ASAP.
Re: Please I Need A Help In My Code by Cordova: 6:37pm On Jan 19, 2016
onyengbu:
First,
if($_POST['addy']="" || should be
if($_POST['addy']=="" ||
You missed one equals sign.
Then I don't know if you actually named your database table columns with spaces in them for eg: "Age Bracket".
If you did, that's bad. Change it ASAP.

Ok onyengbu. I will effect the correction right away and get back to you. Thanks so much
Re: Please I Need A Help In My Code by 9jawebdev(m): 7:21pm On Jan 19, 2016
Cordova:
Please I need professionals to help me identify any error that is in this code.

I created a form where after login, members will have to update there profile before accessing other part of the portal. Everything is working fine but the update profile page failed to work. This is the code. Please, I need your help. Though I have similar one which was successful but I can't figure out what is wrong here.

Thanks

if(isset($_POST['update'])){

if($_POST['addy']="" || $_POST['tel']=="" || $_POST['email']=="" || $_POST['age']=="" || $_POST['prof']=="" || $_POST['work']=="" || $_POST['post']==""wink{
echo "<script>alert('Please fill all the fields before you proceed')</script>";
}else{

$uname = $_POST['username'];
$fname = $_POST['fname'];
$mname = $_POST['mname'];
$add = $_POST['addy'];
$tel = $_POST['tel'];
$mail = $_POST['email'];
$age = $_POST['age'];
$prof = $_POST['prof'];
$work =$_POST['work'];
$post = $_POST['post'];



$suid = $_SESSION['user_id'];
$qupdate = "UPDATE registermember SET Address = '$add', Phone='$tel', Email='$mail', Age Bracket='$age', Profession='$prof', Place of work='$work', Position='$post' WHERE id=$suid ";
$res = mysql_query($qupdate);
header('Location: dashboard.php');
}
}

Also, you are setting a session without setting the session id,
$suid = $_SESSION['user_id'];

$suid is undefined. whats the value of the 'user_id'


to properly use session , make it the first line like

<?php session_start();?>

<html>
......
</html>

Hope this helps
Re: Please I Need A Help In My Code by A7(m): 7:49pm On Jan 19, 2016
If your variable is holding a string, while updating values of your db table[column] use '".$variable."' and if the variable is an integer use ".$variable."

And always try to catch exceptions, for instance after querying the db before relocating members back to another page use:

If($query){
//redirect
}else{//log the error somewhere}
Re: Please I Need A Help In My Code by 0luwatope(m): 3:34pm On Jan 20, 2016
@Cordova Try to validate your inputs because of sql injection attacks and try to use new mysqli object oriented or PDO because mysql has been depreciated

Your database should not necessarily contain uppercase and spaces, your db should be easier to understand

Check your <input type='submit' name='update'> if yu misspelt the word update


Then please and please use the empty() function
$addy=htmlspecialchars(strip_tags($_POST['addy'])):
//that is how to validate, I gat no time to write you a function for that

if(empty($_POST['addy']) || empty($_POST['tel']......);
{
echo "<script>alert('Please fill all the fields before you
proceed')</script>";
}
// please try and create a div class for displaying errors so you will just echo the error msg **
else
{
session_start();
$suid=$_SESSION['user_id'];

$qupdate = "UPDATE registermember SET Address = '$addy',
Phone='$tel', Email='$mail', Age Bracket='$age',
Profession='$prof', Place of work='$work', Position='$post'
WHERE id=$suid ";
$res = mysql_query($qupdate);
header();
}
Change all your address, phone, email to lowercases and remove all spaces because in your code, you didn't give room for an error message from your sql server...

Did you even echo your $suid to know if it corresponds with the data on your db??

Greetings to my boss that will correct my codes.... Am a learner trying to be a geek
Re: Please I Need A Help In My Code by Craigston: 1:50pm On Jan 21, 2016
You did not open a connection to the database. Try enabling error reporting in your program.
Re: Please I Need A Help In My Code by Cordova: 6:34pm On Jan 22, 2016
I appreciate every single suggestion by all and by God's grace everything has been noted.

However, I just copied a part of the code to examine the lines of code.

The application starts by members registering to create account with first name, surname etc

After login, they will be prompted to change the default assigned password before proceeding to the dashboard where they can choose to update their profile. The login was successful, password change was successful, login, session and logout worked well, downloads work well etc. The only aspect that refused to work was the edit profile function that was why I pasted only the aspect that deals with the edit profile.

The page actually started with this

ob_start();
error_reporting(1);
session_start();
include 'cons.php';
include 'session.php';

if(loggedin()){
echo 'Welcome You are logged In ';
}else{
header('Location: login_rl.php');
}

The session created is in login file and a function was created in session.php for the login


each time I echo the session id, I get the value that is in the database.

Concerning the sql injection, I uses addslashes(htmlentities($_POST['addy'])) for the fields.

Once again I appreciate all our suggestion.
Re: Please I Need A Help In My Code by ps3o(m): 12:59am On Jan 23, 2016
Cordova:
I appreciate every single suggestion by all and by God's grace everything has been noted.

However, I just copied a part of the code to examine the lines of code.

The application starts by members registering to create account with first name, surname etc

After login, they will be prompted to change the default assigned password before proceeding to the dashboard where they can choose to update their profile. The login was successful, password change was successful, login, session and logout worked well, downloads work well etc. The only aspect that refused to work was the edit profile function that was why I pasted only the aspect that deals with the edit profile.

The page actually started with this

ob_start();
error_reporting(1);
session_start();
include 'cons.php';
include 'session.php';

if(loggedin()){
echo 'Welcome You are logged In ';
}else{
header('Location: login_rl.php');
}

The session created is in login file and a function was created in session.php for the login


each time I echo the session id, I get the value that is in the database.

Concerning the sql injection, I uses addslashes(htmlentities($_POST['addy'])) for the fields.

Once again I appreciate all our suggestion.




if it can output the session id or variable correctly ensure that mysql query to update the set password to what the user supplied in the input box.
should u need further advice, don't hesitate to WhatsApp/call/SMS 07031175291

(1) (Reply)

Please Help: Cant Boost My Posts On My Page, It Shows Boost Unavalaible / Get Real Traffic TO Your Website- Hot!!! / Nigerian Adsense Acoount With 1.18 Dollars For Sale

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 27
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.