Web Analytics Made Easy -
StatCounter Having Trouble With PHP Form + Require Variable - CodingForum

Announcement

Collapse
No announcement yet.

Having Trouble With PHP Form + Require Variable

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Having Trouble With PHP Form + Require Variable

    ok, this may be a bit messy but here is my code on page 1 (Page with a form):

    Code:
    <form action="updatepass.php" method="post" enctype="multipart/form-data">
    <input type="hidden" value="yes" name="setpass"> 
    <input type="text" name="user">
    <input type="text" name="pass">
    <input type="text" name="passconfirm">
    <input type="hidden" value="id" name="<?php echo $member_id; ?>"> 
    <input type="submit" name="submit" value="submit" />
    </form>
    And updatepass.php:

    PHP Code:
    <?php
    $member_id 
    $_POST['id'];
    if (
    $member_id>0){
    ob_start();
    session_start();
    require(
    "db/db ($member_id).php");
            {
            if (isset(
    $_POST["setpass"]) && $_POST["setpass"]=="yes") {
            
    $PASS $_POST['pass'];
            
    $PASSCONFIRM $_POST['passconfirm'];
            if (
    $PASS=="$PASSCONFIRM"){
            
    $query "UPDATE members SET `password`='".$_POST['pass']."' WHERE id='1'";
            
    $result mysql_query($query); 
            
    $query2 "UPDATE members SET `username`='".$_POST['user']."' WHERE id='1'";
            
    $result2 mysql_query($query2); 
            echo 
    "Update Successful";
            }else{
            echo 
    "Pass doesn't match";
            }
        }
    }
    }
    else
    {
    echo 
    "Sorry, couldnt get member id ($member_id)";
    }
    ?>
    The problem is that $member_id will not retrieve its variable (member_id). Any ideas why? Is it because the member id is in a hidden form field?

    I have spent like an hour on this now lol, not getting too far

  • #2
    Set the member id into a session variable, that way it can hold its value on multiple pages.
    Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

    Comment


    • #3
      I didn't put it into a session variable because of the second session being created in this file. Is there something I am missing as to having 2 sessions running at the same time? Thanks for your reply

      Comment


      • #4
        You can have as many as you want, but you can only have one SESSION_START. A SESSION Variable just holds information, it's not a starting session or anything.

        PHP Code:
        $_SESSION['memberid'] = $member_id
        So then you can do this

        PHP Code:
        <?php
        $member_id 
        $_SESSION['memberid'];
        So if you are ID 5, then the variable $member_id will have a value of 5, and it will keep it until you either get rid of the session, or it will automaticly be deleted on a log out (session_destory)
        Rowsdower! has accused me of having mental problems, and the administrator allowed it. What a great forum huh?

        Comment


        • #5
          may i ask you why the value is id and the name is the memebrs id ?? ..
          would be easier if you just got the id on the second page from the password and the username ? if the user already exists
          (this will avoid session )
          PHP Code:
          <form action="updatepass.php" method="post" enctype="multipart/form-data">
          Username:<input type="text" name="user">
          Current password:<input type="text" name="pass">
          New 
          password:<input type="text" name="newpass">
          Confirm new password:<input type="text" name="passconfirm">

          <
          input type="submit" name="submit" value="submit" />
          </
          form
          and the updatepass.php:
          PHP Code:
          /*
          put your database connect here
          */
          // sets the posted variables
          $user =$_POST['user'];
          $pass =$_POST['pass'];
          $newpass =$_POST['newpass'];
          $passconfirm =$_POST['passconfirm'];
          //checking old user info
          if($result mysql_query("SELECT * FROM members WHERE username='$user'"))//checks the username and gets the info needed from the database
           
          {//if1 start
          $row mysql_fetch_array$result )
          if(
          $row['password'] = $pass){//if2 start
          if($newpass $passconfirm){//if3 start .....  testing new info and updating
          if(mysql_query("UPDATE members SET password='$newpass' WHERE id='$row['id']'")){//if4 start
          echo "The password have ben successful updated";


          }
          //if4 end
          else{//else4 start
          echo "database error please try again later";

          }
          //else4 end



          }//if 3 end
          else{//else3 start
          echo "the new password and the confirmation dosn't match";

          }
          //else3 end

          }//if2 end
          else{//else2 start
          echo "the password dosn't match the username";
          }
          //else2 end



          }//if1 end
          else{//else1 start
          echo "the username enteret dosn't match any username in our database";

          }
          //else1 end 
          hope my code aint confusin and please reply if any errors in it thanks

          Comment


          • #6
            Originally posted by diload View Post
            may i ask you why the value is id and the name is the memebrs id ?? ..
            Wow that was stupid. If something ever goes wrong I simply assume it's my PHP, not a name and value in a form field mixed around lol!!!

            Thanks a lot for your help

            PS. Usign a session compared to a hidden form field.. Any difference? Security issues with either one or any flaws?

            Comment


            • #7
              i actually don't know if there is any security differences but using a session will last until you kill the session or the visitor leaves the homepage or closing his browser .. but however did u use my code and if u did how did it work ? ....

              Comment


              • #8
                Hidden form values may be changed.
                Dave .... HostMonster for all of your hosting needs

                Comment


                • #9
                  I have tidied it up now so that it is all on the same page (Just one file) and the following:
                  (This work now):

                  PHP Code:
                  <form action="" method="post" enctype="multipart/form-data">
                  <input type="hidden" value="yes" name="setpass"> 
                  <input type="text" name="user">
                  <input type="text" name="pass">
                  <input type="text" name="passconfirm">
                  <input type="submit" name="submit" value="submit" />
                  </form>
                  <p>
                  <?php
                  require("db/db ($member_id).php");
                          {
                          if (isset(
                  $_POST["setpass"]) && $_POST["setpass"]=="yes"
                          {
                          
                  $PASS $_POST['pass'];
                          
                  $PASSCONFIRM $_POST['passconfirm'];
                          if (
                  $PASS=="$PASSCONFIRM"){
                          
                  $query "UPDATE members SET `password`='".$_POST['pass']."' WHERE id='1'";
                          
                  $result mysql_query($query); 
                          
                  $query2 "UPDATE members SET `username`='".$_POST['user']."' WHERE id='1'";
                          
                  $result2 mysql_query($query2); 
                          echo 
                  "Update Successful";
                          }else{
                          echo 
                  "The Passwords That You Entered Do Not Match, Please Try Again";
                          }
                          }
                          }
                  ?>
                  </p>

                  I am already in the same session as member_id so that was called at the very beginning of ther page :)

                  Comment


                  • #10
                    OKay great

                    Comment

                    Working...
                    X