PHP - Commenting Section And Members Area Help!!!

Hi,
I'm trying to code a very basic commenting system, my only worries is how I'm going on about disabling the user from putting any html php etc.. in the comment so it gets displayed on the page.. I have on idea of what to look for, any help is much appreciated

I considdered this: strip_tags() but what i want is to display the comment just without actually executing the code if you get me?

Short of deleting, how do I comment out code like this :

<!-- IF not S_DISPLAY_RECENT -->
    <!-- INCLUDE portal/block/recent.html -->
<!-- ENDIF -->

Nesting <!-- -->
/*...*/
//

do not work.

Thanks

And I'm talking as basic as you can go! I'm trying to implement a commenting system on my website for news articles I post, and I've only gotten as far as creating the script to connect to my database (I use mysql). I've tried every open source script online for this app and I've not been able to get any one to work within my website. They'll work on separate blank html pages, but I can't figure out how to put the code into my existing pages, which is a huge problem.

As a result, I've resorted to creating my own script, which shouldn't be too difficult to make. If anyone could possibly describe a step by step process on how this can be done I would be incredibly grateful! Just note that I don't want to use ajax, jscript or any other languages like that, just PHP.

Another question I have, is how would I organize my database to include all news articles, and comments with a news article "id"? Would I need to put both in separate tables and just assign each comment with the uniqe id associated with whatever news article?

And the last thing, I want pagination for my news. I have it to where if I insert a news article column into my table "mynews", it'll show up on the home page, but how and where would I insert a pagination code to make the articles "paginate"?

Hello, I'm trying to create a simple php blog thing, and I can't get the commenting to work..

blog.php?id=2

On that page, there is a form what is used to comment, it goes to send.php

That php has this query in it:


$yhteys = mysql_connect('10.5.49.32', '09A_user', 'pass');
mysql_select_db('09A_Jere', $yhteys);
mysql_query("INSERT INTO  `Blog_kommentit` (`kayttajat` ,  `kommentti` ,  `kirjid` )  VALUES ('$kayttajat',  '$kommentti',  '$id')") or die(mysql_error())$sql = "SELECT * FROM Blog_kommentit WHERE kirjid='$id' ORDER BY id";;
mysql_close($yhteys);
header('Location: ' . $_SERVER['HTTP_REFERER']);

How can I make the $id to be previous pages id (2)? This shouldn't be anything hard and I'm kinda amazed why I am stuck in this, any help will be appreciated.
If I just put $id I get this error:
Code: [Select]
Cannot add or update a child row: a foreign key constraint fails (`09A_Jere/Blog_kommentit`, CONSTRAINT `kommentti_kirjoitus` FOREIGN KEY (`kirjid`) REFERENCES `Blog_kirjoitukset` (`id`))Here is how my database works:


(Kayttajat = username, kommentti = comment)

Hi im pretty new to php but I was following a tutorial for a commenting system and implemented it onto my blog page. Anyway the problem I have is that as you go down the page each blog post displays its own comments  + the comments for the posts above it. I have checked the database and the data seems to link the correct comments to the correct posts so I am confused to why this is happening. I have looked over my code and cant seem to find a problem (probably because I suck!).

Here is the code for the blog page...

Code: [Select]
<?php
include_once ("scripts/checkuserlog.php");
include_once ("scripts/connectToMysql.php");
include_once ("functions/agoTime.php");

$myObject = new convertToAgo;
$username = '';
$errorMsg = '';
$successMsg = '';
$date = date("m.d.y");

if (isset($_GET['id'])) {
 $id = preg_replace('#[^0-9]#i', '', $_GET['id']);
} else if (isset($_SESSION['idx'])) {
 $id = $logOptions_id;
} else {
   header("location: index.php");
   exit();
}

$id = preg_replace('#[^0-9]#i', '', $id);
$sql = mysql_query("SELECT * FROM members WHERE id='$id' LIMIT 1");

$existCount = mysql_num_rows($sql); 
 if ($existCount == 0) {
 header("location: index.php?msg=user_does_not_exist");
     exit();
}

while($row = mysql_fetch_array($sql)){
$username = $row["username"];
}

if(isset($_POST['workoutName'])){
$workoutName = $_POST['workoutName'];
$workoutDescription = $_POST['workoutDescription'];

if ((!$workoutName) || (!$workoutDescription)) { 

$errorMsg = 'Please fill in both fields';
} else {

$insertBlog = mysql_query("INSERT INTO blog (userid, workoutName, workoutDescription, datetime) VALUES ('$id', '$workoutName', '$workoutDescription', now())") or die(mysql_error());

if ($insertBlog){
        $successMsg = '<span class="errorMsg">Workout blogged successfully</span>';
    } else {
$errorMsg = '<span class="errorMsg">Problems arose during the information exchange, please try again later.</span>';
    }
}
}

$getBlog = mysql_query("SELECT * FROM blog WHERE userid='$id' ORDER BY id DESC");
$blogEntries = mysql_num_rows($getBlog);

if($blogEntries < 1){
$blogDisplay = '<span class="blogName">' .$username. ' has not blogged a workout yet</span>';
} else {
while($row = mysql_fetch_array($getBlog)){

$blogEntryId = $row["id"];

$sql_comment = mysql_query("SELECT * FROM blog_comments WHERE post_id='$blogEntryId' ORDER BY id ASC");

$countComment = mysql_num_rows($sql_comment);
if($countComment > 0){
while($row2 = mysql_fetch_array($sql_comment)){
$comment_user_id = $row2["comment_user_id"];

$sql_comment_username = mysql_query("SELECT username FROM members WHERE id='$comment_user_id' LIMIT 1");

while($row3 = mysql_fetch_array($sql_comment_username)){
$comment_username = $row3["username"];}

$post_id = $row2["post_id"];
$commentBody = $row2["comment_body"];
$commentDate = $row2["comment_date"];

$displayCommentList .= '<div>' .$comment_username. ' - ' .$commentBody. ' - ' .$commentDate. '</div>';
}

} else {
$displayCommentList = '';
}
$workoutName = $row["workoutName"];
$workoutDescription = $row["workoutDescription"];
$blogDate = $row["datetime"];
$convertedTime = ($myObject -> convert_datetime($blogDate));
$blogDate = ($myObject -> makeAgo($convertedTime));

$blogDisplay .= '<table width="950px"><tr bgcolor="#DBE4FD"><td><span class="blogName">' .$workoutName. '</span>&nbsp;&raquo;&nbsp;<span class="blogDate">' .$blogDate. '</span></td></tr>
<tr bgcolor="#F1F4FE"><td><span class="blackText">' .$workoutDescription. '</span></td></tr>
<tr bgcolor="#DBE4FD" valign="top"><td>' .$displayCommentList. '</td></tr>

<div id="new_comment' .$blogEntryId. '" style="display:none"></div>

<tr><td><textarea id="comment' .$blogEntryId. '"></textarea><input type="submit" value="Comment" onclick="javascript:SendComment(\''.$blogEntryId.'\');" /></td></tr>';

if(isset($_SESSION['id'])&&$_SESSION['id']==$id){
$blogDisplay .= '<tr bgcolor="#DBE4FD"><td><a href="editBlogPost.php?id=' .$blogEntryId. '"><span class="blackText">Edit Post</span></a>&nbsp;&#38;#8211;&nbsp;<span class="blackText">Delete Post</span></td></tr></table><br /><br />';
}
}
}

if(isset($_POST['deleteButton'])){
$deleteBlog = mysql_query("DELETE FROM blog WHERE id='$blogEntryId'");

if($deleteBlog){
$successMsg = 'Blog entry deleted successfully';
} else {
$errorMsg = 'Could not process your request, please try again later';
}
}

?>
<?php
if (isset($_SESSION['id'])&&$_SESSION['id']==$id) {
$blogForm = '<table bgcolor="#DBE4FD" width="950px">
    <form action="member_blog.php" method="post" enctype="multipart/form-data">
    <tr>
    <td width="200px"><span class="blackText">Workout Name:</span></td><td width="650px"><input name="workoutName" type="text" id="workoutName" />&nbsp;&nbsp;&nbsp;&nbsp;<span class="blackText">Date: ' .$date. '</span></td></tr>
    <tr>
    <td><span class="blackText">Workout Description:</span></td><td><textarea name="workoutDescription" cols="75" rows="10" id="workoutDescription" /></textarea></td></tr>
    <tr><td><input name="submitBlog" id="submit" type="submit" value="Blog!" /></td><td><span class="errorMsg">' .$errorMsg. '' .$successMsg. '</span></td>
    </tr>
    </form>
    </table>';
} else {
$blogForm = '';
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title><?php echo ("$username"); ?>'s Blog</title>
<link href="style/layout.css" rel="stylesheet" type="text/css" />
<link href="style/main.css" rel="stylesheet" type="text/css" />
<script src="js/jquery-1.4.2.js" type="text/javascript"></script>
<script language="javascript" type="text/javascript">
function SendComment(blogEntryId){
var comment_txt = $("#comment"+blogEntryId).val();

if(comment_txt == ""){
alert("Please enter a comment");
} else {
$.post("scripts/blogComment.php", {comment: comment_txt, blogId: blogEntryId} ,function(data){
$("#new_comment"+blogEntryId).html(data);
$("#new_comment"+blogEntryId).slideDown(300);
});
}
}
</script>
</head>

<body>
<div id="container">
<?php include_once ("bannerFiles/bannerTemplate.php"); ?>
    <?php include_once ("bannerFiles/bannerMenu.php"); ?><br />
    <div id="content">
    <span class="profileUsername"><?php echo ("$username"); ?>'s Workout Blog</span><br /><br />
    <?php echo ("$blogDisplay"); ?><br /><br />
<?php echo ("$blogForm"); ?>
    </div><br /><br />
    <?php include_once ("footerFiles/footerTemplate.php"); ?>
</div>
</body>
</html>

...and here is the code for the blogComment.php page

Code: [Select]
<?php
session_start();
include_once ("connectToMysql.php");

if(isset($_POST['comment'])){
$comment = $_POST['comment'];
$blogId = $_POST['blogId'];
$comment_user_id = $_SESSION['id'];
$username = $_SESSION['username'];

$sql = mysql_query("INSERT INTO blog_comments (comment_body, post_id, comment_user_id, comment_date) VALUES ('$comment', '$blogId', '$comment_user_id', now())");

echo '<div>' .$username. ' - ' .$comment. ' - Just Now</div>';

} else {

echo "Failure";

}
?>

Thanks in advance for any help

I have spent almost 2 days looking for solution to the strangest error I have ever meet.

Whenever I do commenting and my php script, the sricpt falls running.
Code: [Select]
<?php 

error_reporting(E_ALL | E_STRICT);
echo 'test1';
//echo 'testi2';
echo 'test3';
flush();

?>
trigger_error("Here we are!", E_USER_ERROR);
 

This will output: test1.

I have tried lot of things to find out the problem but I can't get any error message and whenever I remove the comments, the script works absolute fine. The script works also with comments in my local server, but whenever I download it on the other server, the problem appears. The file encoding is a UTF-8 format without BOM, and the file is one part of my Yii application. I haven't relasized similar behaving in other scripts.

I wonder if someone has some idea what could cause this kind of behaving?

I'm very thankful to man who can give me ideas...

I need some help with my commenting system. at the moment the code is like this:

<div id="pagepannel">
                <div id="ptop_small">Comments</div>
                <div id="pbottom_small">
          <p>
            <?php 
//
if ($allow_comments == "no") {
?>
          </p>
          <p>No Posting comments here!!!</p>
          <p>&nbsp;</p>
          <p>&nbsp;</p>
          <p>
            <?php } else ?>
          </p>
          <p>
            <?php 
  $sql = "SELECT comment_id, blog_id, posted_by, comment, stamp, email, type FROM jscrgaming_newscomments WHERE blog_id='$blog_id'  ORDER BY comment_id DESC";
$result = mysql_query($sql) or die('Error : ' . mysql_error()); 
      while(list($comment_id, $blog_id_co, $username, $comment, $stamp, $email, $type) = mysql_fetch_array($result, MYSQL_NUM))
{ 
if ($type == 'user'){
?>
          </p>
          <table width="95%" border="0" cellpadding="0" cellspacing="0" class="full_border">
            <tr>
              <td width="75" id="avatar"></td>
              <td><span class="capitalize"><a href="userinfo.php?user=<? echo $username ?>"><strong><? echo $username ?></strong></a></span><strong> posted</strong>: <? echo stripslashes($comment) ?></td>
            </tr>
            <tr>
              <td colspan="2" bgcolor="#CAE4FF" class="date"><? echo $stamp ?>&nbsp;</td>
            </tr>
          </table>
          <p>&nbsp;</p>
          <p>
            <? } 
else{
?>
          </p>
          <table width="95%" border="0" cellpadding="0" cellspacing="0" class="full_border">
            <tr>
              <td><strong> <? echo $username ?>posted</strong>: <? echo stripslashes($comment) ?></td>
            </tr>
            <tr>
              <td bgcolor="#CAE4FF" class="smalltext"><? echo $stamp ?>:: User Was Guest</td>
            </tr>
          </table>
          <p>&nbsp;</p>
          <p>
            <? } }?>
          </p>
          <p>
            <?php 
//
if ($allow_comments == "restricted") {

/**
 * User has already logged in, so display relavent links, including
 * a link to the admin center if the user is an administrator.
 */
if($session->logged_in){?>
          </p>
          <form id="form3" name="form3" method="post" action="user/admin/blog/comment_system/user.php">
            <p>&nbsp;</p>
            <table width="95%" border="0" align="center" cellspacing="2" class="full_border">
              <tr>
                <td colspan="2">You are commenting as <?php echo $session->username;?></td>
              </tr>
              <tr>
                <td width="75">Message</td>
                <td><textarea name="co_comment" cols="30" id="textfield10"></textarea></td>
              </tr>
              <tr>
                <td width="75"><span class="header">
                  <input name="co_username" type="hidden" id="co_username" value="<?php echo $session->username;?>" />
                  <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" />
                </span></td>
                <td><label>
                  <input type="submit" class="blog_button" value=" Post " />
                </label></td>
              </tr>
              <tr>
                <td>&nbsp;</td>
                <td class="smalltext">only 200 charaters can be used</td>
              </tr>
            </table>
          </form>
          <p>&nbsp; </p>
          <p>
            <? } else {?>
          </p>
          <p>&nbsp;</p>
          <table width="95%" border="0" align="center" cellspacing="2" class="full_border">
            <tr>
              <td width="75"><span class="capitalize">Name</span></td>
              <td><label>
                <input name="textfield5" type="text" disabled="disabled" id="textfield5" size="35" />
              </label></td>
            </tr>
            <tr>
              <td width="75">Email</td>
              <td><input name="textfield5" type="text" disabled="disabled" id="textfield6" size="35" /></td>
            </tr>
            <tr>
              <td width="75">Message</td>
              <td><textarea name="textfield5" cols="30" disabled="disabled" id="textfield7">You need to be logged in to comment.</textarea></td>
            </tr>
            <tr>
              <td width="75">&nbsp;</td>
              <td><label>
                <input type="button" class="blog_button" value=" Post " />
              </label></td>
            </tr>
          </table>
          <p>&nbsp;</p>
          <p>
            <?php } } else { 
  if($session->logged_in){?>
          </p>
          <form id="form2" name="form2" method="post" action="user/admin/blog/comment_system/user.php">
            <p>&nbsp;</p>
            <table width="95%" border="0" align="center" cellspacing="2" class="full_border">
              <tr>
                <td colspan="2">You are commenting as <?php echo $session->username;?></td>
              </tr>
              <tr>
                <td width="75">Message</td>
                <td><textarea name="co_comment" cols="30" id="textfield8"></textarea></td>
              </tr>
              <tr>
                <td width="75"><input name="co_username" type="hidden" id="co_username" value="<?php echo $session->username;?>" />
                  <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" /></td>
                <td><label>
                  <input type="submit" class="blog_button" value=" Post " />
                </label></td>
              </tr>
              <tr>
                <td>&nbsp;</td>
                <td><span class="smalltext">only 200 charaters can be used</span></td>
              </tr>
            </table>
          </form>
          <p>&nbsp; </p>
          <p>
            <? } else { ?>
          </p>
          <form id="form1" name="form1" method="post" action="user/admin/blog/comment_system/guest.php">
            <p>&nbsp; </p>
            <table width="95%" border="0" align="center" cellspacing="2" class="full_border">
              <tr>
                <td width="75"><span class="capitalize">Name</span></td>
                <td><label>
                  <input name="co_username" type="text" id="co_username" size="35" />
                </label></td>
              </tr>
              <tr>
                <td width="75">Email</td>
                <td><input name="guest_email" type="text" id="guest_email" size="35" /></td>
              </tr>
              <tr>
                <td width="75">Message</td>
                <td><textarea name="co_comment" cols="30" id="co_comment"></textarea></td>
              </tr>
              <tr>
                <td width="75">Spam</td>
                <td>&nbsp;</td>
              </tr>
              <tr>
                <td colspan="2" align="center"><? require_once('user/captcha/recaptchalib.php');
$publickey = "6Ld_W7sSAAAAAPNTLWrUJLEClFpSSPu1d1Ry5zNR"; // you got this from the signup page
echo recaptcha_get_html($publickey); ?></td>
              </tr>
              <tr>
                <td colspan="2" align="right"><span class="smalltext">only 200 charaters can be used</span>
                  <input name="co_blog_id" type="hidden" id="co_blog_id" value="<?php echo $blog_id ?>" />
                  <input type="submit" class="blog_button" value=" Post " /></td>
              </tr>
            </table>
          </form>
          <p>&nbsp; </p>
          <p>
            <? } } ?>
          </p>
<p>&nbsp;</p>
                  <div></div>
                </div>
              </div>


I, know its a bit messy but lets me see it and design it in Dreamweaver

Any way, for the comment system for users, I want it to show their avatar as well, which is stored in the users table. How would one do this.

I did think of it submitting the avatar along with the post but then it wouldnt update if the user would to change their avatars :\

Any helps???

I created a field in "b_users" table as "banned" with default value="no". i.e, all members by default are set to "banned"="no". I was testing this code in my some pages to ban member and prevent access to my pages:

$getid="SELECT * from b_users where id='$user_id'";
if($getid[banned]=="yes")
 {
  die("<center>You have been banned from posting</center>");
 } 
else
{
show page
Above code is banning all members. But i want to show ban message to members who's "banned" field value is set to "yes" only. How to do that?

Hi guys,

Im trying to get my members_profile.php to display the users profile....

I.e members_profile.php?boxerman will display my information.

I've been at it for hours but no luck...

This is what im trying to code:

<?php
include ("connect.php")

$username = $_GET['username'];
$user = mysql_query("SELECT * FROM user WHERE username = '$username'");
$user=mysql_fetch_assoc($user);

echo "<h1>User Info</h1>";

echo "<b>Username:".$user['username']."<br>";

echo "<br>";
  echo '<form name="backlistfrm" method="post" action="members.php">';
echo '<input type="submit" value="Back to The List">';
echo '</form>';
echo "<br>";

?>

It displays nothing when going to members_profile.php?boxerman

Any advice as to why?

Regards,

B-Man

Hi Guys,

I was wondering how I could wrap my members page so that only 5 members appear at a time and you have to click the next button to go onto the next page. Here is the current code. Code: [Select]
$userid = $_SESSION['userid'];

$query = "SELECT username, first_name, last_name, password, email, dob, mob, yob, year, gender FROM spotty WHERE user_id = '" . $userid . "'";

$query2 = "SELECT user_id FROM spotty WHERE user_id = '" . $userid . "'";

$result = mysql_query($query) or die('Error Getting Information Requested');

$result2 = mysql_query($query2) or die('Error Getting user_id');

$row = mysql_fetch_array($result);

$row2 = mysql_fetch_array($result2);

//$result = mysql_query($query);

$num = mysql_num_rows($result2);
$username = $row['username'] ;


if($_SESSION['userid'] == NULL)
{
echo "Sorry, wrong username or password. You will be redirected in 5 seconds.";
echo "<meta http-equiv='refresh' content='7;url=http://www.klueless.net/daisysite'>";
}
else
{
echo "Members.";
echo "<br />";

$membsquery="SELECT * FROM spotty WHERE showmem = '0'";
$membs=mysql_query($membsquery);

$num=mysql_numrows($membs);
$membresult = mysql_result($membs,$i,"user_id");
$useridname = $membresult['username'];


echo "<br /> <br />" ;

echo "<table border='0' cellspacing='2' cellpadding='2'> <tr>
<font face='Comic Sans MS, cursive'>Click on a username to see their profile.</font>
<br />
<br />
</tr>";

$i = 0;
while ($i < $num) {


$f1 = "<font face='Verdana, Geneva, sans-serif'><a href='profile.php?id=" . mysql_result($membs,$i,"user_id") . "'>" . mysql_result($membs,$i,"username") . "</a><br /><br />";


echo "<tr>
<td>" .  $f1 ."</font></td>
</tr>
</table>" ;
$i++;
}
}

mysql_close()


?>
Thanks in advance! 

i been working on my view Members page for a while now i can't seem to get it to work right

this is how i shows up for me


and i want it to show up like this


i think it has something to do with the loop, but have no idea how to fix this :S



<?php
require_once('settings.php');
checkLogin('1 2');


$Members = mysql_query("SELECT * FROM users") or die(mysql_error());

$numRowsMembers = mysql_num_rows($Members);
?>

<?php
for($count = 1; $count <= $numRowsMembers; $count++)
{
    $name = mysql_fetch_array($Members);


?>
<table border=2>
<tr><td><img src="<? echo $name['main_P']?>" width="50" height="50"/>
<a href="view_profile.php?username=<? echo $name['Username']?>"><? echo $name['Username']?></a>

<?

$onlinestatus = $name['ON_OFF'];

if ( $onlinestatus == OFFLINE ) {
echo "";
} else {
echo "<font color=green>Online Now!</font>";
}
?>

</td></tr></table>

<?
}
?>

$_GET["find"] displays all users including the current user. The current user should not be displayed.

I would like to display members that are NOT friends with the current user. Do I need to join the tables to make this work?

$_GET["add"] inserts "screen_name" into "member and friendwith"

Code: [Select]
<?php
if(isset($_GET["find"]))
 {
$username = $_POST["screen_name"];
$query = "SELECT * FROM users WHERE screen_name LIKE '%$username%'";
$result = mysql_query($query);
$exist = mysql_num_rows($result); 
if($exist=='0')
{
 echo "No match found";
}
else 
{
 echo "Matches for search: $username<br>";
 while($currow = mysql_fetch_array($result))
 {
 ?>
<a href="users/member?addfriend=<?php echo $currow['screen_name']; ?>"><img src="avatars/<?php echo $currow["image"]; ?>" ></a>
<?php
 }
}
 }
 
 if(isset($_GET["add"]))
 { 
$username = $_SESSION["screen_name"];
$friend = $_GET["add"];
$query = "SELECT * FROM friends WHERE member='$username' AND friendwith='$friend'";
$result = mysql_query($query);
$exist = mysql_num_rows($result); 
if($exist=='0')
{
 $query = "INSERT INTO friends(member,friendwith) VALUES('$username','$friend')";
 mysql_query($query);
 echo "$friend is now your friend!";
}
else 
{
 echo "$friend is already your friend!";
} 
 }
?>

Let me make this clear really quick, I am not talking about this forum.  Ok, so how do I set up a way that I can make a simple messaging system on my website and make it so that I can have check boxes of who I can send a message to on my website.  I have a recipient field and I need to know how I can make it so that only the specific members that are checked will get the message.........does this make sense?

This topic has been moved to Miscellaneous.

http://www.phpfreaks.com/forums/index.php?topic=317715.0

Hi all,

I am trying to write a script where the user can update their details.

The html form sends the details across to this php file below. All the php variables echo after the query however the values do not replace the current values in the mysql database.

Also for some reason the fname is the only one that changes no matter what the value is. It is entered in to mysql as '0'.

I think the problem will be in the php below.

As all the information below is echoed correctly, and because the value of 'fname' changes I know the connection is working fine.
I guess the error must be in the query I have written, however there is no error that comes up...

Hope you can point me in the right direction.

Thanks


<?php
include("../cxn.php");

$fname = $_POST['fname'];
$lname = $_POST['lname'];
$newemail = $_POST['newemail'];
$telephone = $_POST['telephone'];
$icao = $_POST['icao'];
$newpassword = $_POST['newpassword'];
$id = $_POST['id'];

$sql = "UPDATE Members SET fname='$fname' AND lname='$lname' AND email='$newemail' AND telephone='$telephone' AND password='$newpassword' AND icao='$icao' WHERE id='$id'";
$result = mysqli_query($cxn,$sql)
or die ("Couldn't execute query");

echo "Your new details a  <p>";
echo "$fname <br> $lname <br> $newemail <br> $telephone <br> $icao <br> $newpassword";

?>