TimDunton
asked on
Update record form by username and password
I'm new to Dreamweaver and Iweb-dev, 'm sure I'm overlooking something really simple and need some help please. I have created a user login form, an update record form, a delete record form etc in Dreamweaver CS$. All the functionality is working fine but I'm stuck on something and can't seem to find an answer anywhere.
I would like users to be able to update their own records without the user_id.
Ideally I would like users to enter their username and password (as with the login form) then retrieve their own details by automatically populating the update record form so they can make their amendments then click update.
At the moment, the update record form can only be populated by linking to it from a user list and obviously I don't want an individual user to see all other users' details.
I'm guessing I'm missing something very simple but maybe that's because I am very simple!
In simple terms, I would like to use a user-defined variable(his/her own user_id) to populate the client record form and for that variable to be defined by entering username and password. (I hope that makes sense!).
Thanks in advance for any help you can offer.
I would like users to be able to update their own records without the user_id.
Ideally I would like users to enter their username and password (as with the login form) then retrieve their own details by automatically populating the update record form so they can make their amendments then click update.
At the moment, the update record form can only be populated by linking to it from a user list and obviously I don't want an individual user to see all other users' details.
I'm guessing I'm missing something very simple but maybe that's because I am very simple!
In simple terms, I would like to use a user-defined variable(his/her own user_id) to populate the client record form and for that variable to be defined by entering username and password. (I hope that makes sense!).
Thanks in advance for any help you can offer.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks Jason,
I had the <?php session_start(); ?> in the head section, the form is populating but I have another issue... The form is no longer updating the database. What have I done now?
The form seems to be submitting but the records aren't changing
By the way, thank God for you... My question was on there for many painful hours until you came on. Thanks again.
I had the <?php session_start(); ?> in the head section, the form is populating but I have another issue... The form is no longer updating the database. What have I done now?
The form seems to be submitting but the records aren't changing
By the way, thank God for you... My question was on there for many painful hours until you came on. Thanks again.
<?php session_start(); ?>
<?php require_once('Connections/connpbw.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "userUpdateRecord")) {
$updateSQL = sprintf("UPDATE users SET email=%s, pwd=%s, first_name=%s, last_name=%s, country=%s, telephone=%s, wineExperience=%s, news=%s, offers=%s, advice=%s WHERE user_id=%s",
GetSQLValueString($_POST['email'], "text"),
GetSQLValueString($_POST['pwd'], "text"),
GetSQLValueString($_POST['first_name'], "text"),
GetSQLValueString($_POST['last_name'], "text"),
GetSQLValueString($_POST['country'], "text"),
GetSQLValueString($_POST['telephone'], "text"),
GetSQLValueString($_POST['wineExperience'], "text"),
GetSQLValueString($_POST['news'], "text"),
GetSQLValueString($_POST['offers'], "text"),
GetSQLValueString($_POST['advice'], "text"),
GetSQLValueString($_POST['user_id'], "int"));
mysql_select_db($database_connpbw, $connpbw);
$Result1 = mysql_query($updateSQL, $connpbw) or die(mysql_error());
$updateGoTo = "userupdate.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
$colname_Recordset1 = "-1";
if (isset($_SESSION['MM_User_ID'])) {
$colname_Recordset1 = $_SESSION['MM_User_ID'];
}
mysql_select_db($database_connpbw, $connpbw);
$query_Recordset1 = sprintf("SELECT * FROM users WHERE user_id = %s", GetSQLValueString($colname_Recordset1, "int"));
$Recordset1 = mysql_query($query_Recordset1, $connpbw) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>PBW SITE</title>
<script type="text/javascript">
function mypopup(video)
{
mywindow = window.open("player.html?v=" + video, "mywindow", "toolbar=no,location=no,status=no,scrollbars=no, width=425,height=344");
}
</script>
<script src="Scripts/AC_ActiveX.js" type="text/javascript"></script>
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
<link href="pbw site.css" rel="stylesheet" type="text/css" />
<link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
body {
margin-top: 0px;
}
-->
</style>
<!-- TemplateParam name="width" type="text" value="475" -->
</head>
<body>
<div id="wrap">
<script type="text/javascript">
</script>
<?php include("includes/header.php"); ?>
<form action="<?php echo $editFormAction; ?>" method="POST" name="userUpdateRecord" class="form_background" id="userUpdateRecord">
<table width="982" border="0" class="form_background">
<tr>
<td bgcolor="#CCCCCC" class="form_background"> </td>
</tr>
</table>
<table align="center" class="form_format">
<tr valign="baseline">
<td height="25" colspan="2" align="center" fontsize="18" nowrap="nowrap" class="form_Title"> User Account Updater </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">User ID:</td>
<td width="250"><?php echo $row_Recordset1['user_id']; ?></td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Date Registered:</td>
<td width="250" ><?php echo $row_Recordset1['date_registered']; ?></td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Email:</td>
<td width="250"> <input name="email" type="text" value="<?php echo $row_Recordset1['email']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Pwd:</td>
<td width="250"> <input name="pwd" type="password" value="<?php echo $row_Recordset1['pwd']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">First Name:</td>
<td width="250"> <input name="first_name" type="text" value="<?php echo $row_Recordset1['first_name']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Last Name:</td>
<td width="250"> <input name="last_name" type="text" value="<?php echo $row_Recordset1['last_name']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Country:</td>
<td width="250"> <input name="country" type="text" value="<?php echo $row_Recordset1['country']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" height="25" align="right" nowrap="nowrap">Telephone:</td>
<td width="250"> <input name="telephone" type="text" value="<?php echo $row_Recordset1['telephone']; ?>" size="32" /> </td>
</tr>
<tr valign="baseline">
<td width="250" align="right" nowrap="nowrap"> </td>
<td width="250" valign="baseline"><input name="wineExperience" type="hidden" id="wineExperience" value="<?php echo $row_Recordset1['wineExperience']; ?>" />
<input name="news" type="hidden" id="news" value="<?php echo $row_Recordset1['news']; ?>" />
<input name="offers" type="hidden" id="offers" value="<?php echo $row_Recordset1['offers']; ?>" />
<input name="advice" type="hidden" id="advice" value="<?php echo $row_Recordset1['advice']; ?>" />
<input name="hiddenField2" type="hidden" id="hiddenField2" /></td>
</tr>
<tr valign="baseline">
<td width="250" align="right" nowrap="nowrap"> </td>
<td width="250"> </td>
</tr>
<tr valign="baseline">
<td width="250" align="right" nowrap="nowrap"> </td>
<td width="250"><input name="update" type="submit" id="update" value="Update record" /></td>
</tr>
<tr valign="baseline">
<td align="right" nowrap="nowrap"> </td>
<td> </td>
</tr>
</table>
<p> </p>
<p>
<input type="hidden" name="user_id" value="<?php echo $row_rsUser['user_id']; ?>" />
</p>
<input type="hidden" name="MM_update" value="userUpdateRecord" />
</form>
<?php echo $_SESSION['MM_Username'];
?>
<br />
<?php echo $_SESSION['MM_UserGroup'];
?>
<br />
<?PHP echo $_SESSION['MM_User_ID'];
?>
<?php include("includes/footer.php"); ?>
<p> </p>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I suppose that's what happens when you' start tampering with things you don't understand!
Many thanks you've done it again, you should wear a cloak!
Many thanks you've done it again, you should wear a cloak!
ASKER
Unfortunately, I've been sitting here pulling my hair out for hours trying to work this out. I've used the login behaviour and can get the data to the update form (I can echo it) but I can't work out how to populate the form automatically. As you know I've never done this before so I'm not sure if I'm even doing the basic stuff right.I've now cleared most of the php that was entered through a DW wizrd from the update record form page but I can't work it out.
As mentioned, I would like to auto-populate the form by user_id
Advice in simple terms would be good, I've posted the code.... Please help, thanks.
Open in new window