Grrr...ok I have a coding I'm trying to get to work together.
- pw check and update -- works
- upload and update image -- works
- update information -- works
I had these on seperate pages to test them but I wanted them to work TOGETHER in one file, but I keep getting a blank page in return and am not sure why...
(Sorry to be a pain in the butt today >_< I've been struggling with this file for over a month now, I've broken it down into 3 parts for easier reading)
part 1: check and change password:
//update the password
<?
$todo=$_POST['todo'];
$username=(ucfirst($_POST['username']));
$new_pw=$_POST['new_pw'];
$new_pw2=$_POST['new_pw2'];
$oldpw=$_POST['oldpw'];
$imagefile=$_FILES['image'];
if(isset($todo) and $todo=="update"){
$filename=mysql_real_escape_string($filename);
$new_pw=mysql_real_escape_string($new_pw);
$oldpw=mysql_real_escape_string($oldpw);
$result = mysql_query("SELECT pw FROM $table WHERE username = '$username' LIMIT 1");
if (mysql_num_rows($result) == 1) {
$pw = mysql_fetch_array($result);
if ($oldpw == $pw['pw']) {
if (!empty($_POST['new_pw'])) {
if ($_POST['new_pw'] == $_POST['new_pw2']) {
if (mysql_query("UPDATE $table SET pw = md5('$_POST[new_pw]') WHERE username = '$username' LIMIT 1") === true) {
echo "<p align=\"center\">Password changed.</p>";
}
else {
problem('Password could not be changed. mysql_error()');
}
}
else {
problem('Sorry, passwords did not match. Try again');
}
}
}
else {
problem('Sorry, the password you entered does not match the one in the database.');
}
}
else {
problem('Sorry, it does not look like there is a user with that username in the database.');
}
}
?>
part 2: upload a new image and update the db with the new filename:
<?
//update the image
@mysql_select_db($db);
$arr = mysql_fetch_assoc(mysql_query("SELECT * FROM $table WHERE username = '{$_POST['username']}' AND '{$_POST['oldpw']}'"));
if ($_POST['pw'] != $arr['pw']) {
problem('You do not have permission to update this profile.');
}
else if( isset($_FILES['image']) && $_FILES['image']['size']>0 ){
$directory="$abs_path";
$filename=substr(md5(microtime()),0,5)."_".$_FILES['image']['name'];
move_uploaded_file($_FILES['image']['tmp_name'],$directory.$filename);
chmod($directory.$filename,0644);
$query = "UPDATE $table SET imagefile='$filename' WHERE username='$username' LIMIT 1";
echo "<p align=\"center\"><b>Pending approval. . .</b></p>
<p align=\"center\"><font color=green>Thank you, $username!</font></br></center>";
}else{
problem('Only image files are allowed to be uploaded, please try again!');
}
$result1 = mysql_query ($query) or die('Mysql threw an error: ' . mysql_error());
}
?>
part 3: update email, sitename etc. leaving blank fields unchanged
//update everything else
<?
@mysql_select_db($db);
$arr = mysql_fetch_assoc(mysql_query("SELECT * FROM $table WHERE username = '{$_POST['username']}' AND '{$_POST['oldpw']}'"));
if ($_POST['pw'] != $arr['pw']) {
problem('You do not have permission to update this profile.');
}
else {
foreach ($_POST as $key => $value)
{
if ($value != $arr[$key])
{
if ($value != "")
{
mysql_query("UPDATE $table SET $key = '{$value}' WHERE username = '{$_POST['username']}' LIMIT 1");
}
}
}
}
$query = mysql_query($arr) or problem('Cannot query the database.' . mysql_error());
function problem($problem) {
require_once('header.php');
echo '
<p align="center"><font color="#FF0000"><b>ERROR</b></font></p>
<p> </p>
<p align="center">'.$problem.'</p>
<p> </p>
<p> </p>
<p align="center"><a href="javascript:history.go(-1)">Retry</a></p>
';
require_once('footer.php');
exit();
}
include 'include/footer.php';
?>
Since it's updating on the fly, I need check password against username (part 3 of my script) to do information updating.
Also, I want to give the option to change a submitted image...
I can't see where I went wrong, I'm hoping fresh eyes can point me in the right direction why my 3 codes hate working together...and why it's not updating my db.
edit: maybe this should have gone in the php coding help forum?
