Hi
Sorry def the last issue, just testing the edit profile php to make sure is all ok still and I noticed if I edit the number plate for example it updates for the user I am logged in as but if I edit the car tax date for example it is updating it but not for the user I am logged in as, for example I am logged in as id=24 and updating the car tax date for that id but the car tax date is updating for id=23 for some reason, not sure why it is doing that, the code I have is below on the edit-data.php file
<?php
ini_set('display_startup_errors',1);
ini_set('display_errors',1);
error_reporting(-1);
require_once("functions.php");
require_once("db-const.php");
include 'includes/header.php';
if (logged_in() == false) {
redirect_to("login.php");
exit;
} else {
if (isset($_GET['id']) && $_GET['id'] != "") {
$id = $_GET['id'];
} else {
$id = $_SESSION['user_id'];
}
$db = mysqli_connect("" , "", "") or die("Check connection parameters!");
// Optionally skip select_db and use: mysqli_connect(host,user,pass,dbname)
mysqli_select_db($db,"") or die(mysqli_error($db));
if (mysqli_connect_error()) {
die ('Failed to connect to MySQL');
}
}
// Prepared statements are better, but at least escape things before tossing them into a query
$id = mysqli_real_escape_string($db, $id);
$name = mysqli_real_escape_string($db, $_POST['name']);
$email = mysqli_real_escape_string($db, $_POST['email']);
$address1 = mysqli_real_escape_string($db, $_POST['address1']);
$address2 = mysqli_real_escape_string($db, $_POST['address2']);
$town = mysqli_real_escape_string($db, $_POST['town']);
$county = mysqli_real_escape_string($db, $_POST['county']);
$postcode = mysqli_real_escape_string($db, $_POST['postcode']);
$telnumber = mysqli_real_escape_string($db, $_POST['telnumber']);
$mobnumber = mysqli_real_escape_string($db, $_POST['mobnumber']);
$model = mysqli_real_escape_string($db, $_POST['model']);
$numplate = mysqli_real_escape_string($db, $_POST['numplate']);
$sql1 = "UPDATE users SET name='$name', email='$email', address1='$address1', address2='$address2', town='$town', county='$county', postcode='$postcode', telnumber='$telnumber', mobnumber='$mobnumber', model='$model', numplate='$numplate' WHERE id='$id';";
$query1 = mysqli_query($db, $sql1) or die (mysqli_error($db));
$tax = ($_POST['tax']);
$mot = ($_POST['mot']);
$insurance = ($_POST['insurance']);
$insurance = date('Y-m-d', strtotime($_POST['insurance']));
$mot = date('Y-m-d', strtotime($_POST['mot']));
$tax = date('Y-m-d', strtotime($_POST['tax']));
$sql2 = "UPDATE renewal SET renewal_date='$insurance' WHERE item_id=1 LIMIT 1;";
$query2 = mysqli_query($db, $sql2) or die (mysqli_error($db));
$sql3 = "UPDATE renewal SET renewal_date='$mot' WHERE item_id=2 LIMIT 1;";
$query3 = mysqli_query($db, $sql3) or die (mysqli_error($db));
$sql4 = "UPDATE renewal SET renewal_date='$tax' WHERE item_id=3 LIMIT 1;";
$query4 = mysqli_query($db, $sql4) or die (mysqli_error($db));
header("location:profile.php?id={$_SESSION['user_id']}");
?>
<?php include 'includes/footer.php'; ?>
