[A Bug In Chapter 10 ...]

I seem to be stuck on successfully implementing edit_user.php from chapter 10

 

I copied it from the example file package and the only thing i have changed was delete first name and change last name to user_name instead of last_name so it fits with my SQL database table.

 

I get this error when i try to edit a users data:

 

https://ibb.co/f5iYFS

 

As you can see it is pointing to line 94, but i cant see any abnormalities. 

 

Is there something wrong with the code from the book or i messed it up by changing variables?

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

<?php # Script 10.3 - edit_user.php

// This page is for editing a user record.

// This page is accessed through view_users.php.

 

$page_title = 'Edit a User';

include ('includes/header.html');

echo '<h1>Edit a User</h1>';

 

// Check for a valid user ID, through GET or POST:

if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php

$id = $_GET['id'];

} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.

$id = $_POST['id'];

} else { // No valid ID, kill the script.

echo '<p class="error">This page has been accessed in error.</p>';

include ('includes/footer.html'); 

exit();

}

 

require ('mysqli_connect.php'); 

 

// Check if the form has been submitted:

if ($_SERVER['REQUEST_METHOD'] == 'POST') {

 

$errors = array();

 

 

 

// Check for a user name:

if (empty($_POST['user_name'])) {

$errors[] = 'You forgot to enter your user name.';

} else {

$ln = mysqli_real_escape_string($dbc, trim($_POST['user_name']));

}

 

// Check for an email address:

if (empty($_POST['email'])) {

$errors[] = 'You forgot to enter your email address.';

} else {

$e = mysqli_real_escape_string($dbc, trim($_POST['email']));

}

 

if (empty($errors)) { // If everything's OK.

 

//  Test for unique email address:

$q = "SELECT user_id FROM users WHERE email='$e' AND user_id != $id";

$r = @mysqli_query($dbc, $q);

if (mysqli_num_rows($r) == 0) {

 

// Make the query:

$q = "UPDATE users SET user_name='$ln', email='$e' WHERE user_id=$id LIMIT 1";

$r = @mysqli_query ($dbc, $q);

if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.

 

// Print a message:

echo '<p>The user has been edited.</p>';

 

} else { // If it did not run OK.

echo '<p class="error">The user could not be edited due to a system error. We apologize for any inconvenience.</p>'; // Public message.

echo '<p>' . mysqli_error($dbc) . '<br />Query: ' . $q . '</p>'; // Debugging message.

}

 

} else { // Already registered.

echo '<p class="error">The email address has already been registered.</p>';

}

 

} else { // Report the errors.

 

echo '<p class="error">The following error(s) occurred:<br />';

foreach ($errors as $msg) { // Print each error.

echo " - $msg<br />\n";

}

echo '</p><p>Please try again.</p>';

 

} // End of if (empty($errors)) IF.

 

} // End of submit conditional.

 

// Always show the form...

 

// Retrieve the user's information:

$q = "SELECT user_name, email FROM users WHERE user_id=$id";

$r = @mysqli_query ($dbc, $q);

 

if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form.

 

// Get the user's information:

$row = mysqli_fetch_array ($r, MYSQLI_NUM);

 

// Create the form:

echo '<form action="edit_user.php" method="post">

 

<p>User Name: <input type="text" name="user_name" size="15" maxlength="30" value="' . $row[1] . '" /></p>

<p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="' . $row[2] . '"  /> </p>

<p><input type="submit" name="submit" value="Submit" /></p>

<input type="hidden" name="id" value="' . $id . '" />

</form>';

 

} else { // Not a valid user ID.

echo '<p class="error">This page has been accessed in error.</p>';

}

 

mysqli_close($dbc);

 

include ('includes/footer.html');

?>