if (!isset($_SESSION['first_name'])) {
header ("Location: [url]http://[/url]" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) .
"index.php");
ob_end_clean();
exit();
} else {
$message=NULL;
if (isset($_POST['submit'])) {
require_once ('../mysql_connect.php');
if (isset($_POST['web_address'])) {
$w = escape_data($_POST['web_address']);
} else {
$w = FALSE;
}
if (isset($_POST['occupation'])) {
$o = escape_data($_POST['occupation']);
} else {
$o = FALSE;
}
if (isset($_POST['about_you'])) {
$ab = escape_data($_POST['about_you']);
} else {
$ab = FALSE;
}
if ($w || $o || $ab) {
$query = "SELECT web_address FROM profile WHERE mem_id={$_SESSION['mem_id']}";
$result = @mysql_query ($query);
if (mysql_num_rows($result) == 0) {
$query = "INSERT INTO profile (mem_id, web_address, occupation, about_you) VALUES ({$_SESSION['mem_id']}, '$w', '$o', '$ab')";
if (mysql_affected_rows() > 0) {
$message .='<br><br><span class="errors">Your profile has been created.</span><br><br>';
} else {
echo 'you suck';
}
} elseif (mysql_num_rows($result) > 0) {
$query = "UPDATE profile SET web_address='$w', occupation='$o', about_you='$ab'
WHERE mem_id={$_SESSION['mem_id']}";
$result = @mysql_query ($query);
$message='<br><br><span class="errors">Your profile has been updated.</span><br><br>';
} else {
$message .='<br><br><span class="errors">Your profile could not be changed due to a system error. Our apologies.</span><br><br>';
}
mysql_close();
} else {
$message .='<br><br><span class="errors">Please try again.</span><br><br>';
}
}
the second query works, when there is a result of > 1
