DJ-Sound
08-10-2004, 07:22 PM
Okay heres the script:
session_name ('YourVisitID');
session_start(); // Start the session.
// If no session is present, redirect the user.
if (!isset($_SESSION['dj_username'])) {
header ("Location: http://www.prodjfinder.com" );
exit(); // Quit the script.
}
// Set the page title and include the HTML header.
include ('templates/header.inc');
if (isset($_POST['submit'])) { // Handle the form.
// Register the user in the database.
require_once ('../mysql_connect.php');
// Create a function for escaping the data.
function escape_data ($data) {
global $dbc; // Need the connection.
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
} // End of function.
$message = NULL; // Create an empty new variable.
// Check for a Company Name
if (empty($_POST['dj_company'])) {
$cn = mysql_query("SELECT dj_company FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$cn = escape_data($_POST['dj_company']);
}
// Check for a Phone Number
if (empty($_POST['dj_phone'])) {
$pn = mysql_query("SELECT dj_phone FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$pn = escape_data($_POST['dj_phone']);
}
// Check for a email address
if (empty($_POST['dj_email'])) {
$cn = mysql_query("SELECT dj_email FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$cn = escape_data($_POST['dj_email']);
}
// Check for a Company description
if (empty($_POST['dj_description'])) {
$d = mysql_query("SELECT dj_description FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$d = escape_data($_POST['dj_description']);
}
// Check for a Website
if (empty($_POST['dj_website'])) {
$w = mysql_query("SELECT dj_website FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$w = escape_data($_POST['dj_website']);
}
// Check for a Country
if (empty($_POST['dj_country'])) {
$c = mysql_query("SELECT dj_country FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$c = escape_data($_POST['dj_country']);
}
// Check for state
if (empty($_POST['dj_state'])) {
$s = mysql_query("SELECT dj_state FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$s = escape_data($_POST['dj_state']);
}
//Check for a city
if (empty($_POST['dj_city'])) {
$ct = mysql_query("SELECT dj_city FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$ct = escape_data($_POST['dj_city']);
}
if ($cn) { // If everything's OK.
$query = "SELECT dj_username FROM djs WHERE (dj_username='$u')";
$result = @mysql_query ($query); // Run the query.
if (mysql_num_rows($result) == 1) {
// Make the query.
$query = "UPDATE djs SET dj_company='$cn', dj_phone='$pn', dj_email= '$e' WHERE (dj_username='{$_SESSION['dj_username']}')";
$result = mysql_query($query)or die(mysql_error()); // Run the query.
$query = "UPDATE dj_standard_listings SET dj_company='$cn, dj_phone='$pn', dj_email='$e', dj_description='$d', dj_website = '$w', dj_country = '$c', dj_state = '$s', dj_city = '$ct' WHERE (dj_username = '{$_SESSION['dj_username']}'))";
$result = mysql_query($query)or die(mysql_error()); // Run the query.
if ($result) { // If it ran OK.
header("Location: http://www.prodjfinder.com/sample/06/06/html/djaccount.php");
echo "Your Listing Has Been Updated!";
} else { // If it did not run OK.
$message = '<p>You could not be registered due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>';
}
} else {
$message = '<p>That username is already taken.</p>';
}
// Close the database connection.
} else {
$message .= '<p>Please try again.</p>';
}
} // End of the main Submit conditional.
// Print the error message if there is one.
if (isset($message)) {
echo '$message';
}
?>
Rest of the page:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" name="f" method="post">
<fieldset>
<div align="center">
<legend>Enter your information in the form below:</legend>
</div>
<p align="center">Username: <?php echo "{$_SESSION['dj_username']}"; ?></p>
<p align="center"><b>Company Name:
<input type="text" name="dj_company" size="40" maxlength="120" value="<?php if (isset($_POST['dj_company'])) echo $_POST['dj_company']; ?>">
</b></p>
<p align="center"><b>Phone Number:
<input type="text" name="dj_phone" size="40" maxlength="120" value="<?php if (isset($_POST['dj_phone'])) echo $_POST['dj_phone']; ?>">
</b></p>
<p align="center"><b>Email Address:</b>
<input type="text" name="dj_email" size="40" maxlength="40" value="<?php if (isset($_POST['dj_email'])) echo $_POST['dj_email']; ?>" />
</p>
<p align="center"><strong>Company Description:
<textarea name="dj_description" cols="40"><?php if (isset($_POST['dj_description'])) echo $_POST['dj_description']; ?></textarea>
</strong></p>
<p align="center"><strong>Web site:
<input name="dj_website" type="text" value="<?php if (isset($_POST['dj_website'])) echo $_POST['dj_website']; ?>" size="40">
</strong></p>
<p align="center"><strong>Country:
<select name="dj_country" size="2">
<option value="usa" selected >United States</option>
<option value="can" >Canada</option>
</select>
</strong></p>
<p align="center"><strong>State/Province:
<select name="dj_state" size="5" style="width:180; font: 8pt verdana,arial;" onchange="set_state(this.value);">
<option value="">Please select
</select>
<script> fill_states(); </script>
</strong></p>
<p align="center"><strong>City:
<select name="dj_city" size="5" style="width:180; font: 8pt verdana,arial;">
<option value="">Please select state
</select>
</strong></p>
</fieldset>
<div align="center">
<p> </p>
<p>
<input type="submit" name="Submit" value="Update">
</p>
</div>
</form><!-- End of Form -->
<?php
include ('templates/footer.inc'); // Include the HTML footer.
?>
Problem is, I am not getting any errors, its Not updating the database.. I can't figure it out..... Are my querys right? I have spent days trying to debug this script..
any help is always greatly appreicated!!!
-Ryan
session_name ('YourVisitID');
session_start(); // Start the session.
// If no session is present, redirect the user.
if (!isset($_SESSION['dj_username'])) {
header ("Location: http://www.prodjfinder.com" );
exit(); // Quit the script.
}
// Set the page title and include the HTML header.
include ('templates/header.inc');
if (isset($_POST['submit'])) { // Handle the form.
// Register the user in the database.
require_once ('../mysql_connect.php');
// Create a function for escaping the data.
function escape_data ($data) {
global $dbc; // Need the connection.
if (ini_get('magic_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $dbc);
} // End of function.
$message = NULL; // Create an empty new variable.
// Check for a Company Name
if (empty($_POST['dj_company'])) {
$cn = mysql_query("SELECT dj_company FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$cn = escape_data($_POST['dj_company']);
}
// Check for a Phone Number
if (empty($_POST['dj_phone'])) {
$pn = mysql_query("SELECT dj_phone FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$pn = escape_data($_POST['dj_phone']);
}
// Check for a email address
if (empty($_POST['dj_email'])) {
$cn = mysql_query("SELECT dj_email FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$cn = escape_data($_POST['dj_email']);
}
// Check for a Company description
if (empty($_POST['dj_description'])) {
$d = mysql_query("SELECT dj_description FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$d = escape_data($_POST['dj_description']);
}
// Check for a Website
if (empty($_POST['dj_website'])) {
$w = mysql_query("SELECT dj_website FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$w = escape_data($_POST['dj_website']);
}
// Check for a Country
if (empty($_POST['dj_country'])) {
$c = mysql_query("SELECT dj_country FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$c = escape_data($_POST['dj_country']);
}
// Check for state
if (empty($_POST['dj_state'])) {
$s = mysql_query("SELECT dj_state FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$s = escape_data($_POST['dj_state']);
}
//Check for a city
if (empty($_POST['dj_city'])) {
$ct = mysql_query("SELECT dj_city FROM dj_standard_listings WHERE (dj_username = '{$_SESSION['dj_username']}')")or die(mysql_error());
} else {
$ct = escape_data($_POST['dj_city']);
}
if ($cn) { // If everything's OK.
$query = "SELECT dj_username FROM djs WHERE (dj_username='$u')";
$result = @mysql_query ($query); // Run the query.
if (mysql_num_rows($result) == 1) {
// Make the query.
$query = "UPDATE djs SET dj_company='$cn', dj_phone='$pn', dj_email= '$e' WHERE (dj_username='{$_SESSION['dj_username']}')";
$result = mysql_query($query)or die(mysql_error()); // Run the query.
$query = "UPDATE dj_standard_listings SET dj_company='$cn, dj_phone='$pn', dj_email='$e', dj_description='$d', dj_website = '$w', dj_country = '$c', dj_state = '$s', dj_city = '$ct' WHERE (dj_username = '{$_SESSION['dj_username']}'))";
$result = mysql_query($query)or die(mysql_error()); // Run the query.
if ($result) { // If it ran OK.
header("Location: http://www.prodjfinder.com/sample/06/06/html/djaccount.php");
echo "Your Listing Has Been Updated!";
} else { // If it did not run OK.
$message = '<p>You could not be registered due to a system error. We apologize for any inconvenience.</p><p>' . mysql_error() . '</p>';
}
} else {
$message = '<p>That username is already taken.</p>';
}
// Close the database connection.
} else {
$message .= '<p>Please try again.</p>';
}
} // End of the main Submit conditional.
// Print the error message if there is one.
if (isset($message)) {
echo '$message';
}
?>
Rest of the page:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" name="f" method="post">
<fieldset>
<div align="center">
<legend>Enter your information in the form below:</legend>
</div>
<p align="center">Username: <?php echo "{$_SESSION['dj_username']}"; ?></p>
<p align="center"><b>Company Name:
<input type="text" name="dj_company" size="40" maxlength="120" value="<?php if (isset($_POST['dj_company'])) echo $_POST['dj_company']; ?>">
</b></p>
<p align="center"><b>Phone Number:
<input type="text" name="dj_phone" size="40" maxlength="120" value="<?php if (isset($_POST['dj_phone'])) echo $_POST['dj_phone']; ?>">
</b></p>
<p align="center"><b>Email Address:</b>
<input type="text" name="dj_email" size="40" maxlength="40" value="<?php if (isset($_POST['dj_email'])) echo $_POST['dj_email']; ?>" />
</p>
<p align="center"><strong>Company Description:
<textarea name="dj_description" cols="40"><?php if (isset($_POST['dj_description'])) echo $_POST['dj_description']; ?></textarea>
</strong></p>
<p align="center"><strong>Web site:
<input name="dj_website" type="text" value="<?php if (isset($_POST['dj_website'])) echo $_POST['dj_website']; ?>" size="40">
</strong></p>
<p align="center"><strong>Country:
<select name="dj_country" size="2">
<option value="usa" selected >United States</option>
<option value="can" >Canada</option>
</select>
</strong></p>
<p align="center"><strong>State/Province:
<select name="dj_state" size="5" style="width:180; font: 8pt verdana,arial;" onchange="set_state(this.value);">
<option value="">Please select
</select>
<script> fill_states(); </script>
</strong></p>
<p align="center"><strong>City:
<select name="dj_city" size="5" style="width:180; font: 8pt verdana,arial;">
<option value="">Please select state
</select>
</strong></p>
</fieldset>
<div align="center">
<p> </p>
<p>
<input type="submit" name="Submit" value="Update">
</p>
</div>
</form><!-- End of Form -->
<?php
include ('templates/footer.inc'); // Include the HTML footer.
?>
Problem is, I am not getting any errors, its Not updating the database.. I can't figure it out..... Are my querys right? I have spent days trying to debug this script..
any help is always greatly appreicated!!!
-Ryan