how to allow users logged in to UPDATE / EDIT their profile settings/information

Question

Question at hand:

How do I create the php code to let users who are logged into my site edit/update their profile settings/information?

I have 1 part working correctly for users to change their password, however, have no idea where to start when it comes to allowing users who are logged in to edit/update their other settings such as:

(1) nickname, (2) country, (3) date of birth, (4) gender, (5) motto and (6) bio

I'll provide the php and html code below that I have that is working for changing password, but I know that I need more to let users change/edit/update their other information. I tried using what is below as a reference to create the php code for the other information, but it didn't work so I have no idea where to even begin! Any help will be much appreciated...

PHP reference code:

if($_POST['submit']=='Change')
{
    $err = array();
    if(!$_POST['password1'] || !$_POST['passwordnew1'])
        $err[] = 'All the fields must be filled in!';
    if(!count($err))
    {
        $_POST['password1'] = mysql_real_escape_string($_POST['password1']);
        $_POST['passwordnew1'] = mysql_real_escape_string($_POST['passwordnew1']);
        $row = mysql_fetch_assoc(mysql_query("SELECT id,username FROM members WHERE username='{$_SESSION['username']}' AND pass='".md5($_POST['password1'])."'"));
        if($row['username'])
    {
        $querynewpass = "UPDATE members SET pass='".md5($_POST['passwordnew1'])."' WHERE username='{$_SESSION['username']}'";
        $result = mysql_query($querynewpass) or die(mysql_error());
        $_SESSION['msg']['passwordchange-success']='* You have successfully changed your password!';
    }
        else $err[]='Wrong password to start with!';
    }
    if($err)
    $_SESSION['msg']['passwordchange-err'] = implode('
',$err);
    header("Location: members.php?id=" . $_SESSION['username']);
    exit;
}

HTML reference code:

 
    Current Password:
    
    New Password:
    
    
      
    '.$_SESSION['msg']['passwordchange-err'].'';
        unset($_SESSION['msg']['passwordchange-err']);
    }
    if($_SESSION['msg']['passwordchange-success'])
    {
        echo ''.$_SESSION['msg']['passwordchange-success'].'';
        unset($_SESSION['msg']['passwordchange-success']);
    }
    ?>

So how would I create the php code to make this work for users to be able to edit/update their own profile settings/information from the numeric list I provided above (1-6)?

And I know using mysqli/pdo is a better alternative to use, but I unfortunately need to use the old deprecated mysql_* stuff for this project at this time...

If you need more info, let me know ;)

EDIT: Additional Question,

I'd assume too that I'd need to create variables for each column too such as:

$nickname = $_POST['nickname'];

$country = $_POST['country'];

etc...or is that not correct?

RE-EDIT:

Would something like this be applicable?

$id = $_SESSION['id'];
if ($_POST['country']) {
    $country = $_POST['country'];
    $nickname = $_POST['nickname'];
    $DOB = $_POST['DOB'];
    $gender = $_POST['gender'];
    $motto = $_POST['motto'];
    $bio = $_POST['bio'];
    $sql = mysql_query("UPDATE members SET country='$country', nickname='$nickname', DOB='$DOB', gender='$gender', motto='$motto', bio='$bio' WHERE id='$id'"); 

exit;
}

$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");
while($row = mysql_fetch_array($sql)){
$country = $row["country"];
$nickname = $row["nickname"];
$DOB = $row["DOB"];
$gender = $row["gender"];
$motto = $row["motto"];
$bio = $row["bio"];
}

Or am I way off base?

how to allow users logged in to UPDATE / EDIT their profile settings/information

Answers (1)

Related Questions