EMPTY QUERY

Question

Rachael_1 0 Newbie Poster

11 Years Ago

I am trying to allow my users to update their own profile info. Yet, the query is empty(Nothing recorded into the database though it states "Your profile has been updated!")
What did I do wrongly?

userlist.php is where my list of users are displayed

<?php

include ('connect.php')

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Insert title here</title>
</head>
<body>
    <div>
        <?php 
        foreach(fetch_users() as $user) {
        ?>
            <p><a href="profile.php?id=<?php echo $user['id'];?>"><?php echo $user['username']; ?></a></p>
        <?php 
        }
        ?>
    </div>
</body>
</html>

userinc.php is used to store all functions

<?php

function fetch_users() {
    $result = mysql_query("SELECT `user_id` AS `id`, `user_name` AS `username`, `email` AS `email`, `description` AS `description` FROM `userprofile`");

    $users = array();

    while (($row = mysql_fetch_assoc($result)) !== false) {
        $users[] = $row;
    }

    return $users;
}

// fetch profile info for the given user
function fetch_user_info($id) {
    $id = (int)$id;
    $sql = "SELECT `user_id` AS `id`, `user_name` AS `username`, `email` AS `email`, `description` AS `description` FROM `userprofile` WHERE `user_id` = '$id'";
    $result = mysql_query($sql);

    return mysql_fetch_assoc($result);
}

// update the current users profile info
function set_profile_info($username, $email, $description){
    $username = mysql_real_escape_string(htmlentities($username));
    $email = mysql_real_escape_string(nl2br(htmlentities($email)));
    $description = mysql_real_escape_string(htmlentities($description));

    $sql = "UPDATE `userprofile` SET `user_name` = $username
                                     `email` = $email
                                     `description` = $description
                                WHERE user_id =". $_GET['id'];

    mysql_query($sql);

}

if(!mysql_query($sql)) {
    die ('Error: '. mysql_error());
}
?>

profile.php

<?php

include ('connect.php');
$user_info = fetch_user_info($_GET['id']);

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Profile Information</title>
</head>
<body>
    <div>
        <?php 

        if($user_info == false){
            echo 'That user does not exist.';
        }
        else {
        ?>
            <h1>Profile</h1>
            <p>Username: <?php  echo $user_info['username']; ?> </p>
            <p>Email: <?php echo $user_info['email']; ?></p>
            <p>Description: <?php echo $user_info['description']; ?></p>
        <?php 
        }
        ?>
    </div>
    <div>
            <p><a href="editprofile.php?id=<?php echo $user_info['id'];?>">Edit</a></p>
    </div>
</body>
</html>

editprofile.php

<?php

include ('connect.php');

if (isset($_POST['username'], $_POST['email'], $_POST['description'])) {
    $errors = array();

    if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors[] = 'Invalid email address!';
    }

    if (empty($errors)) {
        set_profile_info($_POST['username'],$_POST['email'], $_POST['description']);
    }

    $user_info = array(
    'username' => htmlentities($_POST['username']),
    'email' => htmlentities($_POST['email']),
    'description' => htmlentities($_POST['description'])
    ) ;

}

else {
$user_info = fetch_user_info($_GET['id']); //change to $_SESSION once the user is logged in, successfully
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<style type = "text/css">
    form { margin: 10px 8px 8px 8px; }
    form div { float: left; clear: both; margin: 0px 0px 4px 0px; }
    label { float: left; width: 100px; }
    input[type = "text"], textarea { float: left; width: 400px; }
    input[type = "submit"] { margin: 18px 8px 0px 100px }
</style>
<title>Edit Your Profile</title>
</head>
<body>
    <div>
        <?php 

        if (isset($errors) == false){
            echo 'Click update to edit your profile.';
        }
        else if (empty($errors)){
            echo 'Your profile has been updated!';
        }
        else {
            echo '<ul><li>', implode('</li><li>', $errors), '</li></ul>';
        }

        ?>
    </div>
    <form action = "" method = "post">
        <div>
            <label for = "username">Username:</label>
            <input type = "text" name = "username" id = "username" value = "<?php echo $user_info['username']; ?>" />
        </div>
        <div>
            <label for = "email">Email:</label>
            <input type = "text" name = "email" id = "email" value = "<?php echo $user_info['email']; ?>" />
        </div>
        <div>
            <label for = "description">Description:</label>
            <textarea name = "description" id = "description" rows = "14" cols = "50"><?php echo strip_tags($user_info['description']); ?></textarea>
        </div>
        <div>
            <input type = "submit" value = "Update" />
        </div>
    </form>
</body>
</html>

HELP PLEASE

php

3 Contributors
3 Replies
294 Views
20 Hours Discussion Span
Latest Post 11 Years Ago Latest Post by glycerine

Szabi Zsoldos 26 Learner and helper guy

11 Years Ago

Please use this and run your query in the phpmyadmin or your admin tool.

 $sql = "UPDATE `userprofile` SET `user_name` = $username
                                     `email` = $email
                                     `description` = $description
                                WHERE user_id =". $_GET['id'];

 echo $sql;

Edited 11 Years Ago by Szabi Zsoldos

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Rachael_1 0 Newbie Poster · Answer 1 · 2013-08-15T08:44:08+00:00

it says

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '$sql = "UPDATE `userprofile` SET `user_name` = $username
                       ' at line 1

glycerine 0 Newbie Poster · Answer 2 · 2013-08-16T01:55:13+00:00

Can you please try this as your query

$sql = "UPDATE userprofile SET user_name = '".$username."',
                                     email = '".$email."',
                                     description = '".$description."'
                                WHERE user_id = '". $_GET['id']."'";