CODEWITHSUNDEEP
phpmysqlsql-update
RapsFan1981
RapsFan1981

Reputation: 1197

PHP not performing UPDATE

I created a database with user's first name, last name, email, and temp password. When a user logs in for the first time they are shown a profile with the information already in the database as well as some additional fields they must fill in. On clicking submit the form should then update their profile in the database but it doesn't. The database is called 'users'. Could someone please tell me what I'm doing wrong?

 <?php
$testerID = preg_replace('#[^0-9]#i', '', $_SESSION["id"]); // filter everything but numbers and letters
$tester = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["tester"]); // filter everything but numbers and letters
$password = preg_replace('#[^A-Za-z0-9]#i', '', $_SESSION["password"]); // filter everything but numbers and letters

include "scripts/connect_to_mysql.php"; 
    $sql = mysql_query("SELECT * FROM users WHERE id='$testerID' AND username='$tester' AND password='$password' LIMIT 1"); // query the person
    $row = mysql_fetch_array($sql);
    $fname = $row['fname'];
    $lname = $row['lname'];
    $email = $row['email'];

$existCount = mysql_num_rows($sql); // count the row nums
if ($existCount == 0) { // evaluate the count
     echo "Your login session data is not on record in the database.";
     exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Tester Home</title>
</head>

<body>
<table width="886">
  <tr>
    <td width="876"><h1>Welcome 
    <?php  
    echo $fname;
    ?> 
    to the Closed Beta</h1></td>
  </tr>
</table>
<p>&nbsp;</p>
<div id="content">
<?php
$date = getdate();
// Parse the form data and add inventory item to the system
if (isset($_POST['$new_password'])) {
    $new_email = mysql_real_escape_string($_POST['email']);
    $new_password = mysql_real_escape_string($_POST['new_password']);
    $phone_model = mysql_real_escape_string($_POST['phone_model']);
    $carrier = mysql_real_escape_string($_POST['carrier']);

    $sql_update = mysql_query("UPDATE users SET email='$new_email', password='$new_password', phone_model='$phone_model', carrier='$carrier' WHERE id='$testerID'");
}
if(is_null($test_start)){ 
    echo "
    <form action=\"index.php\" enctype=\"multipart/form-data\" name=\"myForm\" id=\"myform\" method=\"post\">
    <table width=\"90%\" border=\"0\" cellspacing=\"0\" cellpadding=\"6\">
      <tr>
        <td width=\"20%\" align=\"right\">ID: </td>
        <td width=\"80%\"><label>
          $testerID 
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">Username: </td>
        <td><label>
          $tester
          </label></td>
      </tr>
      <tr>
        <td align=\"right\">First Name: </td>
        <td><label>
          $fname
          </label></td>
      </tr>
      <tr>
        <td align=\"right\">Last Name: </td>
        <td><label>
          $lname
          </label></td>
      </tr>
      <tr>
        <td align=\"right\">Email Address: </td>
        <td><label>
          <input type=\"text\" name=\"email\" id=\"email\" value=\"\"/>
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">Old password: (the one you were assigned)</td>
        <td><label>
          <input type=\"text\" name=\"old_password\" id=\"old_password\" value=\"$password\"/>
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">New Password: </td>
        <td><label>
          <input type=\"text\" name=\"new_password\" id=\"newPassField\" />
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">Confirm New Password: </td>
        <td><label>
          <input type=\"text\" name=\"confirm_password\" id=\"newPassField\" />
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">Phone Model: </td>
        <td><label>
          <input type=\"text\" name=\"phone_model\" id=\"phone_model\" value=\"$phone_model\"/> (a 4 digit number)
        </label></td>
      </tr>
      <tr>
        <td align=\"right\">Carrier: </td>
        <td><label>
          <input type=\"text\" name=\"carrier\" id=\"carrier\" cols=\"64\" rows=\"5\" value=\"$carrier\"/>
          </label></td>
      </tr>
          <input type=\"submit\" name=\"button\" id=\"button\" value=\"Update\" />
    </table>
    </form>";   
}else{

}
?>
</div>
<p>&nbsp;</p>
</body>
</html>

Upvotes: 0

Views: 137

Answers (3)

bumperbox
bumperbox

Reputation: 10214

if there is an error in your sql then the best way to find out what it is, is to add in error checking code

or die(mysql_error());

i have added it to the end of your query here

$sql_update = mysql_query("UPDATE users SET email='$new_email', password='$new_password', phone_model='$phone_model', carrier='$carrier' WHERE id='$testerID'") or die(mysql_error());

Upvotes: 1

AleksanderKseniya
AleksanderKseniya

Reputation: 347

Where have you defined your mysql_select_db for the DB selection?

Also, I'm not quite used to apply for UPDATE selections, but you could use INSERT with a DUPLICATE value, if you know the ids or a similar column that is fixed for each user. Something like:

$query = "INSERT INTO users (_columns_) VALUES (_$columns_) ON DUPLICATE KEY UPDATE _column_='_$column_'";

Changing your columns and the posted values from the form with a post method, of course. Add there a WHERE clause if needed, even thought that would be something to look for on the db.

Upvotes: 1

jprofitt
jprofitt

Reputation: 10964

You have isset($_POST['$new_password']) instead of isset($_POST['new_password']). Notice the added $

Upvotes: 2

Related Questions