can you just tell me which sections I need to update? I've tried a few times and I think I'm still missing something.
I'm re-learning php as I go (used to be more proficient about 10 years ago) and most of it makes sense but trying to figure out someone else's code...hard. So what I see is that at the beginning there's this code
Code: Select all
$db_fullname = '';
$db_email = '';
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['form_name']) && $_POST['form_name'] == 'editprofileform')
{
$success_page = './ProfileInfo.php';
$oldusername = $_SESSION['username'];
$newusername = $_POST['username'];
$newemail = $_POST['email'];
$newpassword = $_POST['password'];
$confirmpassword = $_POST['confirmpassword'];
$newfullname = $_POST['fullname'];
which I think is working on when they click update as there's NEW at the front of the fields. So if I have added fields I need to create something like
$newaddress1 = $_POST['address1'];
for each custom field. Then there's some validating of username, password etc. which I don't need to mess with. In that section there's this code
Code: Select all
{
$crypt_pass = md5($newpassword);
$newusername = mysqli_real_escape_string($db, $newusername);
$newemail = mysqli_real_escape_string($db, $newemail);
$newfullname = mysqli_real_escape_string($db, $newfullname);
$sql = "UPDATE `".$mysql_table."` SET `username` = '$newusername', `fullname` = '$newfullname', `email` = '$newemail' WHERE `username` = '$oldusername'";
mysqli_query($db, $sql);
if (!empty($newpassword))
{
$sql = "UPDATE `".$mysql_table."` SET `password` = '$crypt_pass' WHERE `username` = '$oldusername'";
mysqli_query($db, $sql);
}
Which is updating the table - right? so i need to add my fields here as well like
$sql = "UPDATE `".$mysql_table."` SET `username` = '$newusername', `fullname` = '$newfullname', `email` = '$newemail',
'address1' = '$newaddress1' WHERE `username` = '$oldusername'";
and that's all I think I need to edit except for the bottom part which I already have (see below). Or do I need to add my fields like this as well -
$newaddress1 = mysqli_real_escape_string($db, $newaddress1);
If so, what's that code for? Just point me to a resource page, no need for in depth explanation. I can do more research if I know where it's going.
Code: Select all
sql = "SELECT * FROM ".$mysql_table." WHERE username = '".$_SESSION['username']."'";
$result = mysqli_query($db, $sql);
if ($data = mysqli_fetch_array($result))
{
$db_username = $data['username'];
$db_fullname = $data['fullname'];
$db_email = $data['email'];
$db_address1 = $data['address1'];
Is there anywhere else I need to update? And you are a great help and I would suggest making a tutorial on this.
If the answer is too in-depth, I completely understand. You don't need to be teaching Php to all of us 1 at a time.