How to echo variables in a page outside of a function

I have an edit form which should be showing users details in a form once they have logged in and want to edit their details. If I use code in the actual page itself I have no problem, but I have put everything in a function and can't use the variables inside the form. How can I do this?

The function:

function updateProfile($link){
	
	
	
	$sql = "SELECT user_firstname, user_lastname, user_email FROM `users` WHERE user_username = '{$_SESSION['username']}'";
		$result = $link->query($sql);
			if($result->num_rows === 1){
				while($row = $result->fetch_assoc()){
					
					$db_firstname = htmlentities($row['user_firstname']);
					$db_lastname = htmlentities($row['user_lastname']);
					$db_username = htmlentities($_SESSION['username']);
					$db_email = htmlentities($row['user_email']);
					$db_userid = $row['user_id'];
				}
			}

	
	$message = "";
	
	if(isset($_POST['updateprofile'])){
		
		if(empty($_POST['user_firstname'])) {
			
			$message .= "First name required<br>";
		}
		
		if(empty($_POST['user_lastname'])) {
			
			$message .= "Last name is required<br>";
		}
		
		if(empty($_POST['user_username'])) {
			
			$message .= "Username is required<br>";
		}
		
		if(empty($_POST['user_email'])) {
			
			$message .= "Email address required";
		}
		
		if(!filter_var($_POST['user_email'], FILTER_VALIDATE_EMAIL)) {

			$message .= "Email address invalid";
		}
		
		if(!empty($_POST['someinput'])) {
				
				$message .= "Be gone spam bot!";
			}
		
		if ($message) {
			
			$message = "<div class='alert alert-danger'><strong>There were errors in your form:<br></strong>" .$message. "</div>";
			
		} else {
			
			$user_firstname = $link->real_escape_string($_POST['user_firstname']);
			$user_lastname = $link->real_escape_string($_POST['user_lastname']);
			$user_username = $link->real_escape_string($_POST['user_username']);
			$user_email = $link->real_escape_string($_POST['user_email']);
			
			
			$update_profile = "UPDATE `users` SET user_firstname = '$user_firstname', user_lastname = '$user_lastname', user_username = '$user_username', user_email = '$user_email' WHERE user_id = '$db_userid'";
				
			if($result = $link->query($update_profile) === TRUE){
				
				$message = "<div class='alert alert-success>User profile updated</div>";
			}
			
		}
	
	}
	
	return $message;
	
	
}

Open in new window


The form:

<form action="" method="post" enctype="multipart/form-data">
	<div class="form-group">
		<label for="firstname">First name</label>
		<input type="text" class="form-control" name="user_firstname" value="<?php echo $db_firstname;?>"> </div>
	<div class="form-group">
		<label for="lastname">Last Name</label>
		<input type="text" class="form-control" name="user_lastname" value="<?php echo $db_lastname;?>"> </div>
	<div class="form-group">
		<label for="Username">Username</label>
		<input type="text" class="form-control" name="user_username" value="<?php echo $db_username;?>"> </div>
	<div class="form-group">
		<label for="form-group">Email</label>
		<input type="email" class="form-control" name="user_email" value="<?php echo $db_email;?>"> </div>
	<div class="form-group">
		<label for="form-group">Password</label>
		<input type="password" class="form-control" name="user_password"> </div>
	<div class="form-group">
		<label for="form-group">Repeat password</label>
		<input type="password" class="form-control" name="password_repeat"> </div>
	<div class="form-group">
		<input type="text" style="display:none" name="someinput"> </div>
	<div class="form-group">
		<input class="btn btn-primary" type="submit" name="updateprofile" value="Update details"> </div>
	<div>
		<?php echo updateProfile($link);?>
	</div>
</form>

Open in new window

LVL 1
Black SulfurAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mukesh YadavFull Stack DeveloperCommented:
You can make variables global you want to use in form to echo their values and there is no need of while statement:
$row = $result->fetch_assoc();

Open in new window

will also work.
0
zephyr_hex (Megan)DeveloperCommented:
You might consider creating an object outside of the function and update it inside the function.  This is a step towards OOP.
0
Black SulfurAuthor Commented:
I want to try achieve it without using global as I believe it isn't great to use that.
0
RobOwner (Aidellio)Commented:
you don't, you return the variables from the function (i use an associative array) and use them like that.

So you'll see that instead of echo updateProfile, it's now echo $form_vars['message']
I can't see anywhere (unless i've missed it) you've included userid so you might want to add that in as a sure way of identifying the data coming back?

<?php include 'functions.php' ?>

<?php 
// $link should be available from your functions.php
$form_vars = updateProfile($link);
// $form_vars will contain an associative array (see new updateProfile function below)

?>
<form action="" method="post" enctype="multipart/form-data">
	<div class="form-group">
		<label for="firstname">First name</label>
		<input type="text" class="form-control" name="user_firstname" value="<?php echo $form_vars['firstname'];?>"> </div>
	<div class="form-group">
		<label for="lastname">Last Name</label>
		<input type="text" class="form-control" name="user_lastname" value="<?php echo $form_vars['lastname'];?>"> </div>
	<div class="form-group">
		<label for="Username">Username</label>
		<input type="text" class="form-control" name="user_username" value="<?php echo $form_vars['username'];?>"> </div>
	<div class="form-group">
		<label for="form-group">Email</label>
		<input type="email" class="form-control" name="user_email" value="<?php echo $form_vars['email'];?>"> </div>
	<div class="form-group">
		<label for="form-group">Password</label>
		<input type="password" class="form-control" name="user_password"> </div>
	<div class="form-group">
		<label for="form-group">Repeat password</label>
		<input type="password" class="form-control" name="password_repeat"> </div>
	<div class="form-group">
		<input type="text" style="display:none" name="someinput"> </div>
	<div class="form-group">
		<input class="btn btn-primary" type="submit" name="updateprofile" value="Update details"> </div>
	<div>
		<?php echo $form_vars['message'];?>
	</div>
</form>

Open in new window


updateProfile function
function updateProfile($link){
	
	
	
	$sql = "SELECT user_firstname, user_lastname, user_email FROM `users` WHERE user_username = '{$_SESSION['username']}'";
		$result = $link->query($sql);
			if($result->num_rows === 1){
				while($row = $result->fetch_assoc()){
					
					$db_firstname = htmlentities($row['user_firstname']);
					$db_lastname = htmlentities($row['user_lastname']);
					$db_username = htmlentities($_SESSION['username']);
					$db_email = htmlentities($row['user_email']);
					$db_userid = $row['user_id'];
				}
			}

	
	$message = "";
	
	if(isset($_POST['updateprofile'])){
		
		if(empty($_POST['user_firstname'])) {
			
			$message .= "First name required<br>";
		}
		
		if(empty($_POST['user_lastname'])) {
			
			$message .= "Last name is required<br>";
		}
		
		if(empty($_POST['user_username'])) {
			
			$message .= "Username is required<br>";
		}
		
		if(empty($_POST['user_email'])) {
			
			$message .= "Email address required";
		}
		
		if(!filter_var($_POST['user_email'], FILTER_VALIDATE_EMAIL)) {

			$message .= "Email address invalid";
		}
		
		if(!empty($_POST['someinput'])) {
				
				$message .= "Be gone spam bot!";
			}
		
		if ($message) {
			
			$message = "<div class='alert alert-danger'><strong>There were errors in your form:<br></strong>" .$message. "</div>";
			
		} else {
			
			$user_firstname = $link->real_escape_string($_POST['user_firstname']);
			$user_lastname = $link->real_escape_string($_POST['user_lastname']);
			$user_username = $link->real_escape_string($_POST['user_username']);
			$user_email = $link->real_escape_string($_POST['user_email']);
			
			
			$update_profile = "UPDATE `users` SET user_firstname = '$user_firstname', user_lastname = '$user_lastname', user_username = '$user_username', user_email = '$user_email' WHERE user_id = '$db_userid'";
				
			if($result = $link->query($update_profile) === TRUE){
				
				$message = "<div class='alert alert-success>User profile updated</div>";
			}
			
		}
	
	}
	
	return array(
		"message" => $message,
		"firstname" => $db_firstname,
		"lastname" => $db_lastname,
		"username" => $db_username,
		"email" => $db_email,
		"userid" => $db_userid
	);
		
	
	
}

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Black SulfurAuthor Commented:
That worked a treat, thank you! :)
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.