I have a form in php that allows users to edit their user profile after the user logs in. It is prefilled with the users current info and when it is submitted, it updates the database. However, when it returns to the edit user profile page, the prefilled text is not updated. It only seems to update when the user re-logins. I followed this old article Update SESSION Variabled when form is submitted. I've added 'session_start();' but it still doees not reflect the changes.
**
Login-exec.php**
<?php
//Start session
session_start();
//Include database connection details
require_once('config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$login = clean($_POST['login']);
$password = clean($_POST['password']);
//Create query
$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) == 1) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
$_SESSION['SESS_AGE'] = $member['age'];
$_SESSION['SESS_GENDER'] = $member['gender'];
$_SESSION['SESS_DISEASES'] = $member['diseases'];
session_write_close();
header("location: member-profile.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}
}else {
die("Query failed");
}
?>
Member-Profile.php
<?php
//Start session
session_start();
require_once('auth.php');
require_once('config.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<script src="http://code.jquery.com/jquery-1.7.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.1.0/jquery.mobile-1.1.0.min.js"></script>
<link rel="stylesheet" href="themes/GreenDay.min.css" />
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.1.0/jquery.mobile.structure-1.1.0.min.css" />
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>My Profile</title>
</head>
<body>
<style>
.nav-glyphish-example .ui-btn .ui-btn-inner { padding-top: 40px !important; }
.nav-glyphish-example .ui-btn .ui-icon { width: 30px!important; height: 30px!important; margin-left: -15px !important; box-shadow: none!important; -moz-box-shadow: none!important; -webkit-box-shadow: none!important; -webkit-border-radius: none !important; border-radius: none !important; }
#profile .ui-icon { background: url(glyphish-icons/111-user.png) 50% 50% no-repeat; background-size: 24px 22px; }
#diary .ui-icon { background: url(glyphish-icons/96-book.png) 50% 50% no-repeat; background-size: 24px 22px; }
#scan .ui-icon { background: url(glyphish-icons/06-magnify.png) 50% 50% no-repeat; background-size: 24px 22px; }
</style>
<h1>My Profile </h1>
<a href="member-index.php">Home</a> | <a href="logout.php">Logout</a>
<p>This is another secure page. </p>
<div data-role="page" data-title="Add User Profile">
<div data-role="header">
<h1>Edit/View User Profile</h1>
<a href="logout.php" data-icon="back" class="ui-btn-right">Logout</a>
<div data-role="navbar" class="nav-glyphish-example" >
<ul>
<li><a href="#" id="profile" class="ui-btn-active" data-icon="profile" data-iconpos="right" >Profile</a></li>
<li><a href="#" id="diary" data-icon="diary" data-iconpos="right">Diary</a></li>
<li><a href="FoodOutlets_Menu1.php" data-icon="search" data-iconpos="right">Search for food outlets</a></li>
</ul>
</div><!-- /navbar -->
</div><!-- /header -->
<div data-role="content">
<h1>Welcome <?php echo $_SESSION['SESS_FIRST_NAME'];?> to Eat-It-Or-Not</h1>
<form action="save_edit.php" id="memberprofile" method="post" />
<div data-role="fieldcontain">
<label for="name">First Name:</label>
<center><input type="text" name="fname" id="fname" value="<?php echo $_SESSION['SESS_FIRST_NAME']; ?>" data-theme="a"/></center>
</div>
<div data-role="fieldcontain">
<label for="name">Last Name:</label>
<center><input type="text" name="lname" id="lname" value="<?php echo $_SESSION['SESS_LAST_NAME']; ?>" data-theme="a"/></center>
</div>
<div data-role="fieldcontain">
<label for="age">Age:</label>
<input type="number" name="age" id="age" value="<?php echo $_SESSION['SESS_AGE']; ?>" data-inline="true" data-theme="a" />
</div>
<div data-role="fieldcontain">
<label for="age">Gender:</label>
<input type="text" name="gender" id="gender" value="<?php echo $_SESSION['SESS_GENDER']; ?>" data-inline="true" data-theme="a" />
</div>
<div data-role="fieldcontain">
<label for="age">Affected Diseases</label>
<input type="text" name="diseases_new" id="gender" value="<?php echo $_SESSION['SESS_DISEASES']; ?>" data-inline="true" data-theme="a" />
</div>
<center><input type="submit" value="update" data-theme="a" data-inline="true" data-transition="flip" id="submit"/></center>
<h4>Note: Type in only Cancer, Heart Disease or Diabetes for 'Affected Diseases'.</h4>
</form>
</div>
</div>
</body>
</html>
save_edit.php
<?php
//Start session
session_start();
require_once('auth.php');
require_once('config.php');
// connect to SQL
$con = mysql_connect("localhost", "root", "2345fypj");
if (!$con) {
echo( "<P>Unable to connect to the database server at this time.</P>" );
exit();
}
//connect to database
$dbcon = mysql_select_db("my_db", $con);
if (!$dbcon) {
echo( "<P>Unable to locate DB table at this time.</P>" );
exit();
}
$fname=$_POST['fname'];
$lname=$_POST['lname'];
$age=$_POST['age'];
$gender=$_POST['gender'];
$diseases=$_POST['diseases_new'];
foreach ($_POST as $key => $value) $_POST[$key] = mysql_real_escape_string($value);
$sql = "UPDATE members SET
firstname='$_POST[fname]',
lastname='$_POST[lname]',
age='$_POST[age]',
gender='$_POST[gender]',
diseases='$_POST[diseases_new]'
WHERE member_id='".$_SESSION['SESS_MEMBER_ID']."'";
if (!mysql_query($sql,$con)) {
die('Error: ' . mysql_error());
}
mysql_close($con);
echo "You have updated your record"
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<link rel="stylesheet" href="themes/GreenDay.min.css" />
<link rel="stylesheet" href="http://code.jquery.com/mobile/1.1.0/jquery.mobile.structure-1.1.0.min.css" />
<script src="http://code.jquery.com/jquery-1.7.1.min.js"></script>
<script src="http://code.jquery.com/mobile/1.1.0/jquery.mobile-1.1.0.min.js"></script>
<head>
<title></title>
</head>
<body>
<div data-role="page" data-url="insert.php" data-theme="a" >
<div data-role="header" data-theme="a">
<h1>Congrats</h1>
</div>
<div data-role="content" data-theme="a">
<center><p>You have successfully edited your User Profile.</p></center>
<center><a href="member-profile.php" data-role="button" data-theme="a" data-inline="true">Go back.</a></center>
</center>
</div>
</body>
</html>