Member Avatar for codeblock

Hello all, I have a page that allows the user to update their account detail. The prblem is that when the page loads the users inforamtion doesn't appear in the text fields. I've checked the code and i cant see any errors nor does php flag any errors. Can someone else see what i've missed.

Thanks.

<?php
session_start();
require("config.php");

if(isset($_SESSION['USERNAME']) == FALSE) {
	header("Location: " . $config_basedir);
}

$db = mysql_connect($dbhost, $dbuser, $dbpassword);
mysql_select_db($dbdatabase, $db);

if(isset($_GET['id']) == TRUE) {
	if(is_numeric($id) == FALSE) {
		$error = 1;
	}                                      
	if($error == 1) {
		header("Location: " . $config_basedir);
	}
	else {
		$validentry = $_GET['id'];
	}
}
else {
	$validentry = 0;
}

if($_POST['submit']) {   

	   $usersql = "UPDATE users SET  
     username = '" . $_POST['username'] 
     . "',password = '" . $_POST['password'] 
     . "',title = '" . $_POST['title'] 
     . "',firstname = '" . $_POST['firstname'] 
     . "',surname  = '" . $_POST['surname'] 
     . "',addresstype = '" . $_POST['addresstype']  
     . "',address = '" . $_POST['address']  
     . "',areacode = '" . $_POST['areacode'] 
     . "',postalcode  = '" . $_POST['postalcode'] 
     . "',borough  = '" . $_POST['borough'] 
     . "',city = '" . $_POST['city'] 
     . "',country = '" . $_POST['country'] 
     . "',tel = '" . $_POST['tel'] 
     . "',mobile  = '" . $_POST['mobile'] 
     . "',fax = '" . $_POST['fax'] 
     . "',email = '" . $_POST['email']  
     . "',website = '" . $_POST['website'] 
     . "' WHERE id = "  
     . $validentry . ";";
     mysql_query($usersql)or die(mysql_error());  
		
     header("Location: " . $config_basedir . "/editregister1.php?id=" . $validentry);  
}
else { 
	
  require("header.php");  
  	
 $datausersql = "SELECT * FROM users WHERE id = " . $validentry . ";";
$datauserresult = mysql_query($datausersql);
 $datauserrow = mysql_fetch_assoc($datauserresult);  
  	
?>
<h1>Your Account Details.</h1>	
<form action="<?php echo $SCRIPT_NAME . "?id=" . $validentry; ?>"method="POST">
	
<table>
<tr>
 <td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>To upate your Account , fill in the form below.</strong></label></td>
</tr> 
<tr>
<td>Username</td>
<td><input type="text" name="username"id="username"size="10" maxlength="20"value="<?php echo $datauserrow['username']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password1"id="password1"size="10" maxlength="20"value="<?php echo $datauserrow['password']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Password (again)</td>
<td><input type="password" name="password2"id="password2"size="10" maxlength="20"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td> </td>   
<td>  			      
<select <?php echo $datauserrow['title']; ?> name="title"> 	 <option value="Mr"<?php if ($datauserrow['title'] == "Mr"){ echo ' selected="selected"';}?> />Mr</option>
<option value="Mrs"<?php if ($datauserrow['title'] == "Mrs"){ echo ' selected="selected"';}?> />Mrs</option>
<option value="Miss"<?php if ($datauserrow['title'] == "Miss"){ echo ' selected="selected"';}?> />Miss</option>
<option value="Dr"<?php if ($datauserrow['title'] == "Dr"){ echo ' selected="selected"';}?> />Dr</option> 
</select>          	        
</td>
</tr>
<tr>
<td>Firstname</td>
<td><input type="text" name="firstname"id="firstname"size="10" maxlength="20"value="<?php echo $datauserrow['firstname']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Surname</td>
<td><input type="text" name="surname"id="surname"size="10" maxlength="20"value="<?php echo $datauserrow['surname']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>Business/Home.</strong></label></td>
</tr>
<tr>  
<td> </td>    
<td>                   			
<select <?php echo $datauserrow['addresstype']; ?> name="addresstype">  			
<option value="Home"<?php if ($datauserrow['addresstype'] == "Home"){ echo ' selected="selected"';}?> />Home</option>
<option value="Business"<?php if ($datauserrow['addresstype'] == "Business"){ echo ' selected="selected"';}?> />Business</option>
</select>         			
</td>
</tr>
<tr>
<td>Address</td>
<td><input type="text" name="address"id="address"size="50" maxlength="100"value="<?php echo $datauserrow['address']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Area code</td>
<td><input type="text" name="areacode"id="areacode"size="7" maxlength="7"value="<?php echo $datauserrow['areacode']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Postal code</td>
<td><input type="text" name="postalcode"id="postalcode"size="7" maxlength="7"value="<?php echo $datauserrow['postalcode']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Borough</td>
<td><input type="text" name="borough"id="borough"size="20" maxlength="30"value="<?php echo $datauserrow['borough']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>City</td>
<td><input type="text" name="city"id="city"size="20" maxlength="30"value="<?php echo $datauserrow['city']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Country</td>
<td>  	                           				
 <select <?php echo $datauserrow['country']; ?> name="country"> <option value="England"<?php if ($datauserrow['country'] == "England"){ echo ' selected="selected"';}?> />England</option>
<option value="Scotland"<?php if ($datauserrow['country'] == "Scotland"){ echo ' selected="selected"';}?> />Scotland</option>
<option value="Ireland"<?php if ($datauserrow['country'] == "Ireland"){ echo ' selected="selected"';}?> />Ireland</option>
<option value="Walse"<?php if ($datauserrow['country'] == "Walse"){ echo ' selected="selected"';}?> />Walse</option>      			
</select>  
</td>
</tr> 
<tr>
 <td  colspan="2" bgcolor="#f0f8ff"> <label class="text"><strong>Contact details.</strong></label></td>
</tr>
<tr>
<td>Tel</td>
<td><input type="text" name="tel"id="tel"size="20" maxlength="30"value="<?php echo $datauserrow['tel']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Mobile</td>
<td><input type="text" name="mobile"id="mobile"size="11" maxlength="11"value="<?php echo $datauserrow['mobile']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Fax</td>
<td><input type="text" name="fax"id="fax"size="11" maxlength="11"value="<?php echo $datauserrow['fax']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="email"id="email"size="50" maxlength="100"value="<?php echo $datauserrow['email']; ?>"onfocus="clearMe(this)"/></td>
</tr>
<tr>
<td>Website URL - optional</td>                                                                     
<td><input type="text" name="website"id="website"size="40" maxlength="100"value="<?php echo $datauserrow['website']; ?>"onfocus="clearMe(this)"/>(Recommended)</td>
</tr>
<tr>
 <td> </td>
<td><input type="submit" name="submit"id="submit" value="Update Your Account!"/></td>
</tr>
</table>
</form> ?>
  • 3 Contributors
  • 2 Replies
  • 157 Views
  • 22 Hours Discussion Span
  • Latest Post Latest Post by Will Gresham
Member Avatar for urtrivedi

Insert following code at line no 60. and see whether it is fetching correct data or not

print"<pre>";
var_dump($datauserrow);
print"</pre>";
Member Avatar for Will Gresham

What urtivedi said, although I prefer print_r() as this is much easier to look at and read (IMO)

Also, you check the ID is numeric which is a start, but you also need to sanitize all of the POST data before entering it into the database, if someone entered an SQL injection attempt into one of the fields, they could cause serious problems :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.