Hello there,
I am working on a site that will allow a user to enter Bookmarks into a MySQL database and I've gotten a fair portion of it to work looking at tutorials and stuff, but I've run into a few problems.
Problem 1 (This one is the one that I'm most concerned about)
I want the user to be able to view the bookmarks that they have entered, I believe the following MySQL statements and HTML code should pull that information from the database according to the user that is logged in. I don't understand what I've done wrong. The page won't give any information at all, it shows the stuff the html code tells it to show, but won't show the db info.
[$MyVariable = $_SESSION['UID'];
echo '</h1>';mysql_select_db($database_Jaredlinux, $Jaredlinux);
$query_Recordset1 = "SELECT Bookmarks.Address, Bookmarks.Name, Bookmarks.Added, Rating.Uscore, User_Bookmarks.LastVisited, User_Bookmarks.Category, User_Bookmarks.Description FROM Bookmarks, Rating, User_Bookmarks WHERE User_Bookmarks.UID";
$Recordset1 = mysql_query($query_Recordset1, $Jaredlinux) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
.
.
.
.
.
<fieldset><table width="100%" border="0">
<tr>
<td colspan="2"><table width="100%" border="0">
<tr>
<td width="19%" rowspan="2" valign="middle"><h3><?php echo ucfirst($row_Recordset1['Category']); ?>:</h3></td>
<td width="39%" rowspan="2"><u><h4><?php echo ucfirst($row_Recordset1['Name']); ?></h4></u></td>
<td colspan="2">Last Visited: <?php echo $row_Recordset1['LastVisited']; ?></td>
</tr>
<tr>
<td width="26%">User Rating: <?php echo $row_Recordset1['Uscore']; ?></td>
<td width="16%"> </td>
</tr>
</table></td>
</tr>
<tr>
<td width="6%"> </td>
<td width="94%"><?php echo '<a href='; echo $row_Recordset1['Address']; echo'>'; echo $row_Recordset1['Address']; echo '</a>'; ?></td>
</tr>
<tr>
<td colspan="2"><?php echo $row_Recordset1['Description']; ?></td>
</tr>
<tr>
<td colspan="2">Added: <?php echo $row_Recordset1['Added']; ?></td>
</tr>
</table></fieldset>
<table width="100%" border="0">
<tr>
<td> </td>
</tr>
</table>
Problem 2
A user is given the opportunity to change their password in the following code. However, the database fails to recieve any of the users input (therefore not changing the password), the page also does not give an error or success message.
<?php # change_password.php
// This page allows logged-in isers to change their password.
// Include the configuration file for error management and such.
require_once ('includes/errorman.inc');
// Set the page title and include the HTML header.
$page_title = 'Change Your Password';
include_once ('includes/header.html');
// If no F_Name variable exists, redirect the user.
if (!isset($_SESSION['F_Name'])) {
header ("Location: [url]http://[/url]" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/index.php");
ob_end_clean();
exit();
} else {
if (isset($_POST['submit'])) { // Handle the form.
require_once ('Connections/mysql_connect.php'); // Connect to the database.
// Check for a new password and match against the confirmed password.
if (eregi ("^[[:alnum:]]{4,20}$", stripslashes(trim($_POST['password1'])))) {
if ($_POST['password1'] == $_POST['password2']) {
$Pswd = escape_data($_POST['password1']);
} else {
$Pswd = FALSE;
echo '<p><font color="red" size="+1">Your password did not match the confirmed password!</font></p>';
}
} else {
$Pswd = FALSE;
echo '<p><font color="red" size="+1">Please enter a valid password that is between 4 and 20 characters long!</font></p>';
}
if ($Pswd) { // If everything's OK.
// Make the query.
$query = "UPDATE User SET Pswd=PASSWORD('$Pswd') WHERE UID={$_SESSION['UID']}";
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == 1) { // If it ran OK.
// Send an email
$body = "PLEASE DO NOT REPLY TO THIS MESSAGE\n\nYou have requested a password change for user ID '{$_POST['UID']}'!\nYour new password is '{$_POST['password1']}'.\n\nSincerely,\nThe Administrator\n\nPLEASE DO NOT REPLY TO THIS MESSAGE";
mail ($_POST['Email'], 'Password change confirmation', $body, 'From: [email]admin@site.com[/email]');
echo '<h3>Your password has been changed and a confirmation email has been sent to you.</h3>';
include ('includes/footer.html'); // Include the HTML footer.
exit();
} else { // If it did not run OK.
// Send a message to the error log, if desired.
$message = '<p><font color="#FF0000" size="+1">Your password could not be changed due to a system error. We apologize for any inconvenience.</font></p>';
}
mysql_close(); // Close the database connection.
} else { // Failed the validation test.
echo '<p><font color="#FF0000" size="+1">Please try again.</font></p>';
}
} // End of the main Submit conditional.
?>
Thanks for the help in advance.
