|
PHP - Making Both A Public And Private User Profile Page
Hi, I am making a dating site where I have made the user profile edit page visible to the user when they log in, and I think I can get away with not showing the user their "public" profile view. But I definitely need to show other users on the site the "public" non editing profile page view. But I don't know how to do this.
I have yet to create the search, search results, thumbnails with optional descriptions of the possible dating results. But I first want to just get 2 versions of the user profile page view. One that the user sees that I have already done. (The editable one). And the other I need to make which is the page the other users will see, (The public profile) Please if anyone has any idea how to do this I would greatly appreciate it, especially if you have any pseudocode ideas. thank you. Similar TutorialsHi guys, I am trying to put together a little system that allows users to log onto my website and access there own personal page. I am creating each page myself and uploading content specific to them which cannot be viewed by anyone else. I have got the system to work up as far as: 1/ The user logs in 2/ Once logged in they are re-directed to their own page using 'theirusername.php' Thats all good and working how I need it too. The problem I have is this. If I log onto the website using USER A details - I get taken to USER A's page like I should but - If I then go to my browser and type in USERBdetails.php I can then access USER B's page. This cannot happen!! I need for USER A not to be able to access USER B profile - there is obviously no point in the login otherwise! If you are not logged in you obviously cannot access any secure page. That much is working! Please find below the code I am using: LOGIN <?php session_start(); function dbconnect() { $link = mysql_connect("localhost", "username", "password") or die ("Error: ".mysql_error()); } ?> <?php if(isset($_SESSION['loggedin'])) { header("Location:" . strtolower($username) . ".php"); if(isset($_POST['submit'])) { $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $mysql = mysql_query("SELECT * FROM clients WHERE username = '{$username}' AND password = '{$password}'"); if(mysql_num_rows($mysql) < 1) { die("Password or Username incorrect! Please <a href='login.php'>click here</a> to try again"); } $_SESSION['loggedin'] = "YES"; $_SESSION['username'] = $username; $_SESSION['name'] header("Location:" . strtolower($username) . ".php"); } ?> HEADER ON EACH PHP PAGE <?php session_start(); if(!isset($_SESSION['loggedin'])) { die(Access to this page is restricted without a valid username and password); ?> --------------------------------------------------- Am I right in thinking it is something to do with the "loggedin" part? The system I have here is adapted from a normal login system I have been using for years. The original just checks the details and then does a 'session start'. This one obviously has to re-direct to a user specific page. To do this I used the <<header("Location:" . strtolower($username) . ".php");>> line to redirect to a page such as "usera.php" or "userb.php" Any help would be greatly appreciated! Ta Hi folks, I had a working, editable profile but it wasn't visible to other users. So I'm trying to make that conversion now. Here's the current 'myprofile' code: <?php session_start(); include('config.php'); include('date.php'); $id = $_GET['id']; $sql = mysql_query("SELECT * FROM members WHERE id = '$id' LIMIT 1"); $check = mysql_num_rows($sql); $check = mysql_query($sql_user_verify) or die('Cannot Execute:'. mysql_error()); if ($check > 1) { echo "No one matches that id number!"; exit(); } if($check == 1) { while($row = mysql_fetch_array($sql)) { $user = $id; echo "<h2>Profile</h2> <table>"; $row = mysql_fetch_array($sql); echo "<tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name: </th><td>".$row['callname']."</td></tr> <tr><th>Email: </th><td>".$row['email']."</td></tr> <tr><th>Password: </th><td><input type='password' value='".$row['password']."' disabled='true' /></td></tr> <tr><th>Registered: </th><td>".$row['registered']."</td></tr> <tr><th>Last Login: </th><td>".$row['lastlogin']."</td></tr>"; echo "</table><br />"; } if($id = $_SESSION['id']) { echo "<h2>Profile</h2> <form method='post' action='editprofile.php'> <table>"; $row = mysql_fetch_array($sql); echo "<tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name: </th><td>".$row['callname']."</td></tr> <tr><th>Email: </th><td>".$row['email']."</td></tr> <tr><th>Password: </th><td><input type='password' value='".$row['password']."' disabled='true' /></td></tr> <tr><th>Registered: </th><td>".$row['registered']."</td></tr> <tr><th>Last Login: </th><td>".$row['lastlogin']."</td></tr>"; echo "</table><br /> <input type='submit' value='edit profile' /> </form>"; } } else { die (); } ?> <?php include('footer.php'); ?> Here's the link to the user's own profile: <a href=myprofile.php?id='.$id.'>Profile</a> And here's the edit profile link, which works fine: <?php include('config.php'); include('date.php'); if(isset($_POST['btnedit'])){ $callname = $_POST['callname']; $email = $_POST['email']; $password = $_POST['password']; $sql = mysql_query( "UPDATE users SET callname='".$callname."', email='".$email."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); $userfinal = $_SESSION['id']; $user = $userfinal; echo "<h2>Edit profile</h2> <form method='post'> <table><tr><th>ID#:</th><td>".$user."</td></tr> <tr><th>Name:</th><td><input type='text' name='callname' value='".$row['callname']."'/></td></tr> <tr><th>Email:</th><td><input type='text' name='email' value='".$row['email']."'/></td></tr> <tr><th>Password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> <tr><th>Registered:</th><td>".$row['registered']."</td></tr> <tr><th>Last Login:</th><td>".$row['lastlogin']."</td></tr> </table><br /> <input type='submit' name='btnedit' value='update' /> </form>"; ?> <?php include('footer.php'); ?> It fails, it says the query was empty, even though there are user accounts created and information is being stored (as it worked fine before I tried editing the code to make it public. What am I doing wrong? Hi i created a website where you cam view ip webcams via php. I want to make it so people can make the camera private and public. I made two fields in mysql called "Username" and "Puborprivate" I tried to make the "Puborprivate" have two numbers "0" would be private and "1" would be public. How could I do this? My site is cwuforum.com/live/ Hi, I have to ask about profile page for each user like facebook and netlog. As u can see in netlog it is like this http://en.netlog.com/ElegantLeo and i have a site http://cyprussaver.com/merchant.php?id=64 and here each merchant profile can be viewed like this but i need to show them like this http://cyprussaver.com/rocksman please guide me what i have to do in order to achieve this result. Thanks, Hanan ALi Hello all, i require some assistance in a bit of PHP/MySql code. I have a website setup with register/login scripts already wrote, i also have a basic members page for now, that has there user ID assigned to it for example members.php?id=$id, which is there ID from the database. I have a members list which shows all members with links to there profiles, now i when i mouse over the link, it will says members.php?id=1 and so on, which is correct but when clicking on any of the members to go to there profile it is my own details that is shown on there profile instead of theres. members.php <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("hireacoder") or die(mysql_error()); $user = $SESSION['username']; $sql = mysql_query("SELECT * FROM users WHERE username='$user'"); $row = mysql_fetch_assoc($sql); echo $row['username']; echo'<br>'; echo $row['fname']; echo'<br>'; echo $row['lname']; echo'<a href="users.php">Users</a>'; ?> users.php <?php session_start(); mysql_connect("localhost","root") or die(mysql_error()); mysql_select_db("hireacoder") or die(mysql_error()); echo "<table border='0'> <tr> <th>UserName</th> </tr>"; $sql = mysql_query("SELECT * FROM users ORDER BY ID"); while($row = mysql_fetch_assoc($sql)) { $id = $row['id']; $username = $row['username']; echo" <tr> <td> <a href='members.php?id=$id'>".$username."</a> </td> </tr>"; } echo "</table>"; ?> Now i know what the problem is, the query is getting the details from the DB with the username = the session user which is me and that is why my details show up on all profiles, but i dont know any other way to do it, any help with be very apprciated thanks you. Hi, I recently implemented a code to display user profile information. Well, it displays the username and password fine, but the edit function doesn't seem to be working. I edit the information, click submit, get a success message but the username and password didn't change. myprofile.php Code: [Select] <?php session_start(); include('config.php'); $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); echo "<h2>Profile</h2> <form method='post' action='editprofile.php'> <table>"; $row = mysql_fetch_array($sql); echo "<tr><th>Name: </th><td>".$row['username']."</td></tr> <tr><th>Password: </th><td><input type='password' value='".$row['password']."' disabled='true' /></td></tr>"; echo "</table><br /> <input type='submit' value='edit profile' /> </form>"; ?> editprofile.php Code: [Select] <?php include('config.php'); if(isset($_POST['btnedit'])){ $username = $_POST['username']; $password = $_POST['password']; $sql = mysql_query( "UPDATE users SET username='".$username."', password='".$password."' WHERE id='".$_SESSION['id']."'" ); if($sql){ echo "<script>alert('profile updated');window.location='myprofile.php'</script>"; }else{ echo "<script>alert('updating profile failed!');</script>"; } } $sql = mysql_query( "SELECT * FROM users WHERE id='".$_SESSION['id']."'" ); $row = mysql_fetch_array($sql); echo "<h2>Edit profile</h2> <form method='post'> <table> <tr><th>registered:</th><td><input type='text' name='username' value='".$row['username']."'/></td></tr> <tr><th>password:</th><td><input type='password' name='password' value='".$row['password']."'/></td></tr> </table><br /> <input type='submit' name='btnedit' value='update' /> </form>"; ?> Good Day PHP world,
I am encountering a problem in php code meant to allow the user to update their profile picture.
I am using jquery.min and jquery.js. The code below runs with no errors reported. The file has been successfully uploaded to upload path using this form.
upload.php
<form id="imageform" method="post" enctype="multipart/form-data" action='ajaximage.php'> <input type="file" name="photoimg" id="photoimg" class="stylesmall"/> </form>ajaximage.php
$path = "uploads/";
$valid_formats = array("jpg", "png", "gif", "bmp","jpeg");
if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST")
{
$name = $_FILES['photoimg']['name'];
$size = $_FILES['photoimg']['size'];
if(strlen($name))
{
list($txt, $ext) = explode(".", $name);
if(in_array($ext,$valid_formats))
{
if($size<(1024*1024)) // Image size max 1 MB
{
$actual_image_name = $name.".".$ext;
$tmp = $_FILES['photoimg']['tmp_name'];
if(move_uploaded_file($tmp, $path.$actual_image_name))
{
$query = "UPDATE users SET profile_image='$actual_image_name' WHERE student_id='{$_SESSION['user_id']}'";
$result = mysqli_query($link_id, $query);
echo "<img src='uploads/".$actual_image_name."' class='preview'>";
}
The problem is the image being uploaded does not display on the
Student_home.php
<div id="about-img">
<img class="profile-photo" align="middle" src='uploads/".$actual_image_name."' />
</div>
But the image uploaded will display when i write directly its filename example
<div id="about-img">
<img class="profile-photo" align="middle" src="uploads/107.jpg" />
</div>
My problem is i wanted to display the uploaded picture of the specific student on Student_Home.php
Hi All, I am currently struggling with the my user info function which is supposed to display an image on my profile page along with the following parts of information taken from my database. The error is a mysql error stating that the $info = mysql_fetch_assoc($result); is not a valid arguement. Code: [Select] function fetch_user_info($uid) { $uid=(int)$uid; $sql = "SELECT `user_id AS `id` `user_username` AS `username`, `user_firstname` AS `firstname`, `user_lastname` AS `lastname`, `user_email` AS `email`, `user_location` AS `location`, `user_about` AS `about`, `user_gender` AS `gender` FROM `users` WHERE `user_id` = {$uid}"; $result = mysql_query($sql); $info = mysql_fetch_assoc($result); $info['avatar'] = "core/user_avatars/{$info['id']}.jpg"; return $info; } I have looked through the code a few times, but I can tell what is wrong. I have included below the profile page code in case it may be an issue there. Code: [Select] <?php include('core/init.inc.php'); $userinfo = fetch_user_info($_GET['uid']); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title><?php echo $userinfo ['username']; ?>'s Profile</title> </head> <body> <div> <?php if($userinfo == false) { echo 'Sorry, the user does not exist.'; } else { ?> <h1><?php echo $userinfo ['firstname']; ?> <?php echo $userinfo ['lastname']; ?></h1> <img src="<?php echo $userinfo['avatar'];?>" alt="avatar"/> <p>Username: <?php echo $userinfo ['username']; ?></p> <p>First Name: <?php echo $userinfo ['firstname']; ?></p> <p>Last Name: <?php echo $userinfo ['lastname']; ?></p> <p>Gender: <?php echo ($userinfo ['gender'] == 1) ? 'Male' : 'Female'; ?></p> <p>Email: <?php echo $userinfo ['email']; ?></p> <p>Location: <?php echo $userinfo ['location']; ?></p> <p>About: <?php echo $userinfo ['about']; ?></p> </div> <?php } ?> </body> </html> Thanks Jamie Right ive got a user profile that i want a add friend button but i coded a little something what i fort wud work but no luck <?php session_start(); include "includes/db_connect.php"; include "includes/functions.php"; include"includes/smile.php"; logincheck(); $username=$_SESSION['username']; $viewuser=$_GET['viewuser']; $fetch=mysql_fetch_object(mysql_query("SELECT * FROM users WHERE username='$viewuser'")); if (!$fetch){ echo "No such user"; $totalf = mysql_num_rows(mysql_query("SELECT * FROM friends WHERE username = '$viewuser' AND active='1'")); $invite_text="<div>$username Has Sent You A Friend Request<br> <input name=Yes_Accept type=submit id=yes value=Accept Invite class=abutton> <input name=No_accept type=submit value=Decline Invite class=abutton></div><input type=hidden name=invite_id value=$bar2>"; if (($_GET['fri'])){ $exicst=mysql_query("SELECT * FROM users WHERE username='$viewuser'"); $nums=mysql_num_rows($exicst); $adding=mysql_fetch_object($exicst); $already=mysql_num_rows(mysql_query("SELECT * FROM friends WHERE type='Friend' AND person='$viewuser' AND username='$username'")); if ($already != "0"){ echo "<center><font color=orange><b><br>This user is already your friend.<br><br></font>"; }elseif ($already == "0"){ mysql_query("INSERT INTO `friends` ( `id` , `username` , `person` , `type` , `active`) VALUES ( '', '$username', '$viewuser', 'Friend' , '0' )"); mysql_query("INSERT INTO `friends` ( `id` , `username` , `person` , `type` , `active`) VALUES ( '', '$viewuser', '$username', 'Friend' , '0' )"); mysql_query("INSERT INTO `inbox` ( `id` , `to` , `from` , `message` , `subject` , `date` , `read`) VALUES ( '', '$viewuser', '$username', '$invite_text' , 'Friend Request' , '$date' , '0' )"); $bar2=mysql_insert_id(); echo "<center><font color=orange><br>Your Friend Invitation Was Sent To $viewuser<br><br></font>"; exit(); } }} ?> <a href=?fri=Yes>Add Friend +</a> It just adds a blank person and comes back with No Such User and Your Friend Invitation Was Sent To I think ive put some things in the wrong place to be honest but as im not a pro i easily miss things I am trying to upload files to a user profile system. here is the profile page Code: [Select] <?php include('core/init.inc.php'); if (isset($_POST['email'], $_POST['location'], $_POST['about'])) { $errors = array(); if(filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) === false) { $errors[] = "The email address you entered is not valid"; } if(preg_match('#^[a-z0-9 ]+$#i',$_POST['location'])===0) { $errors[] = 'Your location must only contain A-Z 0-9 and spaces.'; } if (empty($_FILES['avatar']['tmp_name']) === false) { $file_ext = end(explode('.', $_FILES['avatar']['name'])); if(in_array(strtolower($file_ext), array('jpg', 'jpeg', 'gif', 'png')) === false) { $errors[] = 'Your avatar must be an image.'; } } if(empty($errors)) { print_r($_FILES); set_profile_info($_POST['email'],$_POST['location'],$_POST['about'], (empty($_FILES['avatar']['tmp_name'])) ? false : $_FILES['avatar']['tmp_name']); } $userinfo = array( 'email' => htmlentities($_POST['email']), 'location' => htmlentities($_POST['location']), 'about' => htmlentities($_POST['about']) ); } else { $userinfo = fetch_user_info($_SESSION['uid']); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Edit your Profile</title> </head> <body> <div> <?php if(isset($errors) == false) { echo 'Click update to edit your profile.'; } else if(empty($errors)) { echo 'Your profile has been updated.'; } else { echo '<ul><li>', implode('</li><li>', $errors), '</li></ul>'; } ?> </div> <form action="" method="post" enctype="multipart/form-data"> <div> <label for="email">Email: </label> <input type="text" name="email" id="email" value="<?php echo $userinfo['email']; ?>" /> </div> <div> <label for="location">Location: </label> <input type="text" name="location" id="location" value="<?php echo $userinfo['location']; ?>" /> </div> <div> <label for="about">About Me: </label> <textarea name="about" id="about" rows="14" cols="50"><?php echo strip_tags($userinfo['about']); ?></textarea> </div> <div> <label for="avatar">Avatar: </label> <input type="file" name="avatar" id="avatar"/> </div> <div> <input type="submit" value="Update" /> </div> </form> </body> </html> here is the function taken from an external file Code: [Select] function set_profile_info($email, $location,$about,$avatar) { $email = mysql_escape_string(htmlentities($email)); $about = mysql_escape_string(nl2br(htmlentities($about))); $location = mysql_escape_string($location); if (file_exists($avatar)) { $src_size = getimagesize($avatar); if ($src_size['mime'] === 'image/jpeg') { $src_img = imagecreatefromjpeg($avatar); } else if ($src_size['mime'] === 'image/png') { $src_img = imagecreatefrompng($avatar); } else if ($src_size['mime'] === 'image/gif') { $src_img = imagecreatefromgif($avatar); } else { $src_img = false; } if ($src_img !== false) { $thumb_width= 200; if($src_size[0] <= $thumb_width) { $thumb = $src_img; } else { $new_size[0] = $thumb_width; $new_size[1] = ($src_size[1] / $src_size[0]) * $thumb_width; $thumb = imagecreatetruecolor($new_size[0], $new_size[1]); imagecopyresampled($thumb, $src_img, 0, 0, 0, 0, $new_size[0], $new_size[1], $src_size[0], $src_size[1]); } imagejpeg($thumb, "{$GLOBALS['path']}/user_avatars/{$_SESSION['uid']}.jpg"); } } $sql = "UPDATE `users` SET `user_email` = '{$email}', `user_about` = '{$about}', `user_location` = '{$location}' WHERE `user_id` = {$_SESSION['uid']}"; mysql_query($sql); } Below I have returned the array of files to check if its been uploaded correctly. Array ( [avatar] => Array ( [name] => Sonic.jpg [type] => image/jpeg [tmp_name] => /var/tmp/php.waq8n [error] => 0 [size] => 48477 ) ) But I get this error message. Warning: imagecreatefromjpeg() [function.imagecreatefromjpeg]: '/var/tmp/php.waq8n' is not a valid JPEG file in /web/stud/u0963643/userprofilesection/finaluserprofile/core/inc/user.inc.php on line 71 If someone could point out where in this code I have made an error I would be very grateful Thanks Jamie Hello users: I am exploring the delightful world of PHP for web applications. I am in the stage where I need to use SESSIONS and COOKIES and MYSQL for a user/membership/profile structure. I understand most of the grammar behind PHP and am excited to apply this in application. I am searching for recommendations and comments about using: 1. COOKIES 2. SESSIONS 3. MYSQL/SQL Almost every website has an authentication mechanism, profile, and use information. My website required this similar structure, but I have been having some problems completing all of the technical steps for production. If anyone has code samples or places where I can review code on this topic, that would be wonderful. I am specifically searching for more advanced topics in these area for general robustness. Please kindly send me a message or respond to this post. Regards, Diamond Edited by Diamond, 30 December 2014 - 04:27 PM. Hey all, I'm sure this is a really basic question but I'd like a definite answer. I've been watching a tutorial and seeing some site references regarding connecting to a sql database using php. Since it contains a password to the database, my question is, how secure is this page on a webserver, or does it not even matter since the code is so specific to the website and the database it is connecting to.
Thank you in advance. I am modifying someones existing coldfusion web app. I am adding php processing pages to do various tasks. Up to this point I have just been calling the php pages, and interacting with the web app by passing variables via the url. Current usage: Code: [Select] public.cfm calls processing.php?id=69 Then processing will do what it has too, then ultimately: Code: [Select] header("Location: $publichome?id=$id&importantstuff=$stuff"); exit(); And the webapp will pick up where it has too. But now one of my scripts has to send a JSON object back instead of simple variables. I don't know how to get this done. I tried doing a post with cURL but that wasn't working because I need the public facing coldfusion page to take over and curl returns to the php script (I know I can echo the body of the curl result but this keeps me on the php script domain which I dont want). Is there a way to do the above header location and send an object because thats what I need - the php script to stop and the coldfusion page to be served up with the object to work with. Do I have to create some sort of JSON service in php, that the coldfusion page will call an retrieve the result? If so how? Hello- I want to create is fairly simple client login. Basically we have an area in our server, a directory really, filled with pw protected directories which house client project sites, basically viewing rooms for graphics and video we post. we have a few sites up and working, but instead of giving our clients a link and a password (which is kinda sloppy) it would be ideal to have them go to a single index page and login from there. I see the client entering a name and password and the script would match it to the directory and they would be taken to their designated client area. Another way would be to select their directory from a drop down and then enter the user and password, though then clients will be able to see other clients names, which would be less than ideal for disclosure reasons. I hope this makes sense. I am not new to html css, but have only a bit of experience with php, so any help would be greatly appreciated. thanks Matt Hi all, I am currently facing a problem, if you look at 'viewprofile.jpg' attachment, you can see that there is an uploaded profile picture. However when I click to edit the profile, the picture is missing (editprofile.jpg), I am just wondering what went wrong? Can someone guide me in troubleshooting this problem? Code: [Select] <?php if (isset($_POST['submit'])) { // Validate and move the uploaded picture file, if necessary if (!empty($new_picture)) { if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') || ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= CT_MAXFILESIZE)) { //0 indicates a success, other values indicate failure if ($_FILES['file']['error'] == 0) { // Move the file to the target upload folder $target = CT_UPLOADPATH . basename($new_picture); if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) { // The new picture file move was successful, now make sure any old picture is deleted if (!empty($old_picture) && ($old_picture != $new_picture)) { @unlink(CT_UPLOADPATH . $old_picture); } } else { // The new picture file move failed, so delete the temporary file and set the error flag @unlink($_FILES['new_picture']['tmp_name']); $error = true; echo '<p class="error">Sorry, there was a problem uploading your picture.</p>'; } } } else { // The new picture file is not valid, so delete the temporary file and set the error flag @unlink($_FILES['new_picture']['tmp_name']); $error = true; echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (CT_MAXFILESIZE / 1024). '</p>'; } } // Grab the profile data from the POST $name = mysqli_real_escape_string($dbc, trim($_POST['name'])); $nric = mysqli_real_escape_string($dbc, trim($_POST['nric'])); $gender = mysqli_real_escape_string($dbc, trim($_POST['gender'])); $old_picture = mysqli_real_escape_string($dbc, trim($_POST['old_picture'])); $new_picture = mysqli_real_escape_string($dbc, trim($_FILES['new_picture']['name'])); $new_picture_type = $_FILES['new_picture']['type']; $new_picture_size = $_FILES['new_picture']['size']; list($new_picture_width, $new_picture_height) = getimagesize($_FILES['new_picture']['tmp_name']); $error = false; // Update the profile data in the database if (!$error) { if (!empty($name) && !empty($nric) && !empty($gender)) { $query = "UPDATE tutor_profile SET name = '$name', nric = '$nric', gender = '$gender' WHERE tutor_id = '" . $_GET['tutor_id'] . "'"; mysqli_query($dbc, $query) or die(mysqli_error($dbc)); // Confirm success with the user echo '<p>Your profile has been successfully updated. Would you like to <a href="viewprofile.php?tutor_id=' . $_GET['tutor_id'] . '">view your profile</a>?</p>'; mysqli_close($dbc); exit(); } else { echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>'; } } } // End of check for form submission else { // Grab the profile data from the database $query = "SELECT name, nric, gender FROM tutor_profile WHERE tutor_id = '" . $_GET['tutor_id'] . "'"; $data = mysqli_query($dbc, $query) or die(mysqli_error($dbc)); // The user row was found so display the user data if (mysqli_num_rows($data) == 1) { $row = mysqli_fetch_array($data); if ($row != NULL) { $name = $row['name']; $nric = $row['nric']; $gender = $row['gender']; } else { echo '<p class="error">There was a problem accessing your profile.</p>'; } } } mysqli_close($dbc); ?> <form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo CT_MAXFILESIZE; ?>" /> <ul id="tabSet_ep"> <li><a href="#panel1">Personal Profile</a></li> <li><a href="#panel2">Qualifications</a></li> <li><a href="#panel3">Tutor\'s Comments/Commitment</a></li> <li><a href="#panel4">Tutoring Levels/Subjects</a></li> </ul> <!--Personal Profile--> <div id="panel1"> <label for="new_picture">Pictu </label> <input type="file" id="new_picture" name="new_picture" /> <?php if (!empty($old_picture)) { echo '<img class="profile" src="' . CT_UPLOADPATH . $old_picture . '" alt="Profile Picture" />'; } ?><br /> <label for="firstname">First name:</label> <input type="text" id="firstname" name="firstname" value="<?php if (!empty($name)) echo $name; ?>" /><br /> <label for="lastname">Last name:</label> <input type="text" id="lastname" name="lastname" value="<?php if (!empty($nric)) echo $nric; ?>" /><br /> <label for="gender">Gender:</label> <select id="gender" name="gender"> <option value="M" <?php if (!empty($gender) && $gender == 'M') echo 'selected = "selected"'; ?>>Male</option> <option value="F" <?php if (!empty($gender) && $gender == 'F') echo 'selected = "selected"'; ?>>Female</option> </select><br /> </div> <input type="submit" value="Save Profile" name="submit" /> </form> Hello, I'm a new member and i want to say a compliment to the php coders. Well, in the profile page i want to insert to box. The first can be modified by the user and by the staff And the second can be inserted comments only by the staff.. We don't have a profile page to modify the date but, is possible insert only that? How can i do that? Naturally the staff comments can be modifed by the staff area. Thanks I was looking at various tutorials on the net to help me create an edit profile page for my site but the ones I tried wouldn't work... What changes would I have to make to this: (register.php) <?php include ('header.php'); ?></center> <div class=content> <?php if(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $email = mysql_real_escape_string($_POST['email']); $location = mysql_real_escape_string($_POST['location']); $website = mysql_real_escape_string($_POST['website']); $about = mysql_real_escape_string($_POST['about']); $checkusername = mysql_query("SELECT * FROM users WHERE Username = '".$username."'"); if(mysql_num_rows($checkusername) == 1) { echo "<b>Error</b>"; echo "Sorry, that username is taken. Please go back and try again.</p>"; } else { $registerquery = mysql_query("INSERT INTO users (Username, Password, EmailAddress, Location, Website, About) VALUES('".$username."', '".$password."', '".$email."', '".$location."', '".$website."', '".$about."')"); if($registerquery) { echo "<b>Success!</b>"; echo "Your account was successfully created. Please click<a href=\"index.php\"> here </a>to login."; } else { echo "<b>Error</b>"; echo "<p>Sorry, your registration failed. Please go back and try again.</p>"; } } } else { ?> <b>Register</b> <br><br> Please enter your details below to register. <br><br> <form method="post" action="register.php" name="registerform" id="registerform"> <table width=700px border=0 cellspacing=10><tr><td valign=top><table border=0> <b>Required Information:</b><br><br> <tr><td> <b>Username:</b> </td><td> <input type="text" name="username" id="username" /> </td></tr><tr><td> <b>Password:</b> </td><td> <input type="password" name="password" id="password" /> </td></tr><tr><td> <b>Email Address:</b> </td><td> <input type="text" name="email" id="email" /> </td></tr></table></td><td valign=top> <table border=0> <b>Optional Information:</b><br><br> <tr><td> <b>Location:</b> </td><td> <input type="text" name="location" id="location"> </td></tr><tr><td> <b>Your Website:</b> </td><td> <input type="text" name="website" id="website"> </tr></td><tr><td valign=top> <b>Short About:</b> </td><td> <textarea name="about" id="about" rows="10" cols="20"></textarea> </td></tr></td> </table> </td></tr> </table> <input type="submit" name="register" id="register" value="Register" class=btn /> </form> <?php } ?> </div> <?php include ('footer.php'); ?> an edit profile page? I use this as the template because its damn near the same script, just with a few alterations... I know the obvious things the bit I struggle with is selecting the database then inserting new information?...I keep getting my variables/queries messed up when I rewrite it to create a edit profile page. Cheers, Hello. Say i want to view another user profile. I click on user name and i see the profile page. So how can i link user name to his profile? I have tried linking it to $id (this is where user id is stored in the database), but no luck. Thank you. hi all, i have a profile page which is a form that asks users to enter there personal details such as name, location, mobile number etc and saves this info with a mysql database, however when you return to the edit profile page the fields are blank and i want them to pull the details the user has entered (if any) and display it, so if a user entered there name as Lee, then returned to the edit profile page there name field would show lee instead of being empty. heres my profiles page code, any help would be great Code: [Select] <?PHP session_start(); if (!(isset($_SESSION['username']) && $_SESSION['username'] != '')) { header ("Location: login.php"); } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!-- Author: Reality Software Website: http://www.realitysoftware.ca Note: This is a free template released under the Creative Commons Attribution 3.0 license, which means you can use it in any way you want provided you keep the link to the author intact. --> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title></title> <link href="style.css" rel="stylesheet" type="text/css" /> <style type="text/css"> .auto-style2 { font-size: 25px; } </style> </head> <body> <div id="container"> <!-- header --> <div id="header"> <div id="logo"><a href="#"><span class="orange">SouthWest</span> LAN's</a></div> <div id="menu"> <ul> <li><a href="index.php">home</a></li> <li><a href="register.php">Register</a></li> <li><a href="account.php">My Account</a></li> <li><a href="forum.php">Forums</a></li> <li><a href="faq.php">FAQ</a></li> </ul> </div> </div> <!--end header --> <!-- main --> <div id="main"> <div id="content"> <div id="head_image"> <div id="slogan"><strong><span class="auto-style2">Organising LAN Parties in the SouthWest</span></strong><br /></div> <div id="under_slogan_text"></div> </div> <div id="text"> <h1>Edit Profile</h1> <br /> <form name="register" method="post" action="process_p.php"> <table border="0" width="225" align="center"> <tr> <td width="219" bgcolor="#999999"> <p align="center"><font color="white"><span style="font-size:12pt;">Please fill out as much as possible</span></font></p> </td> </tr> <tr> <td width="219"> <table border="0" width="282" align="center"> <tr> <td width="116"><span style="font-size:10pt;">Username: </span></td> <td width="156"><?php echo $_SESSION['username']; ?></td> </tr> <tr> <td width="116"><span style="font-size:10pt;">Email: </span></td> <td width="156"><input type="text" name="email" maxlength="30"></td> </tr> <tr> <td width="116"><span style="font-size:10pt;">Real Name: </span></td> <td width="156"><input type="text" name="real_name"></td> </tr> <tr> <td width="116"><span style="font-size:10pt;">Location: </span></td> <td width="156"><input type="text" name="location"></td> </tr> <tr> <td width="116"><span style="font-size:10pt;">Mobile Number: </span></td> <td width="156"><input type="text" name="mobile_number"></td> </tr> <tr> <td width="116"><span style="font-size:10pt;">Instant Messager: </span></td> <td width="156"><input type="text" name="instant_messaging"></td> </tr> <tr> <td width="116"> </td> <td width="156"> <p align="right"><input type="submit" name="update" value="Update Profile"></p> </td> </tr> </table> |
|||||||