Jump to content
Larry Ullman's Book Forums

Recommended Posts

I seem to be stuck on successfully implementing edit_user.php from chapter 10

 

I copied it from the example file package and the only thing i have changed was delete first name and change last name to user_name instead of last_name so it fits with my SQL database table.

 

I get this error when i try to edit a users data:

 

https://ibb.co/f5iYFS

 

As you can see it is pointing to line 94, but i cant see any abnormalities. 

 

Is there something wrong with the code from the book or i messed it up by changing variables?

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

<?php # Script 10.3 - edit_user.php
// This page is for editing a user record.
// This page is accessed through view_users.php.
 
$page_title = 'Edit a User';
include ('includes/header.html');
echo '<h1>Edit a User</h1>';
 
// Check for a valid user ID, through GET or POST:
if ( (isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
$id = $_GET['id'];
} elseif ( (isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
$id = $_POST['id'];
} else { // No valid ID, kill the script.
echo '<p class="error">This page has been accessed in error.</p>';
include ('includes/footer.html'); 
exit();
}
 
require ('mysqli_connect.php'); 
 
// Check if the form has been submitted:
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
 
$errors = array();
 
 
 
// Check for a user name:
if (empty($_POST['user_name'])) {
$errors[] = 'You forgot to enter your user name.';
} else {
$ln = mysqli_real_escape_string($dbc, trim($_POST['user_name']));
}
 
// Check for an email address:
if (empty($_POST['email'])) {
$errors[] = 'You forgot to enter your email address.';
} else {
$e = mysqli_real_escape_string($dbc, trim($_POST['email']));
}
 
if (empty($errors)) { // If everything's OK.
 
//  Test for unique email address:
$q = "SELECT user_id FROM users WHERE email='$e' AND user_id != $id";
$r = @mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 0) {
 
// Make the query:
$q = "UPDATE users SET user_name='$ln', email='$e' WHERE user_id=$id LIMIT 1";
$r = @mysqli_query ($dbc, $q);
if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
 
// Print a message:
echo '<p>The user has been edited.</p>';
 
} else { // If it did not run OK.
echo '<p class="error">The user could not be edited due to a system error. We apologize for any inconvenience.</p>'; // Public message.
echo '<p>' . mysqli_error($dbc) . '<br />Query: ' . $q . '</p>'; // Debugging message.
}
 
} else { // Already registered.
echo '<p class="error">The email address has already been registered.</p>';
}
 
} else { // Report the errors.
 
echo '<p class="error">The following error(s) occurred:<br />';
foreach ($errors as $msg) { // Print each error.
echo " - $msg<br />\n";
}
echo '</p><p>Please try again.</p>';
 
} // End of if (empty($errors)) IF.
 
} // End of submit conditional.
 
// Always show the form...
 
// Retrieve the user's information:
$q = "SELECT user_name, email FROM users WHERE user_id=$id";
$r = @mysqli_query ($dbc, $q);
 
if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form.
 
// Get the user's information:
$row = mysqli_fetch_array ($r, MYSQLI_NUM);
 
// Create the form:
echo '<form action="edit_user.php" method="post">
 
<p>User Name: <input type="text" name="user_name" size="15" maxlength="30" value="' . $row[1] . '" /></p>
<p>Email Address: <input type="text" name="email" size="20" maxlength="60" value="' . $row[2] . '"  /> </p>
<p><input type="submit" name="submit" value="Submit" /></p>
<input type="hidden" name="id" value="' . $id . '" />
</form>';
 
} else { // Not a valid user ID.
echo '<p class="error">This page has been accessed in error.</p>';
}
 
mysqli_close($dbc);
 
include ('includes/footer.html');
?>
Link to comment
Share on other sites

  • 4 weeks later...
 Share

×
×
  • Create New...