我希望更新用户信息,如果他希望如他的名字,密码和头像图片。我不知道如何以及在何处保留UPDATE sql语句。这些更改将在个人资料页面中进行
profile.php:
session_start();
if (!isset($_SESSION['username'])) {
header("Location: login.php");
}
<form action="profile.php" method="post" enctype="multipart/form-data" autocomplete="off">
<fieldset>
<label for="firstName">First Name:</label>
<input type="text" name="firstName" placeholder="Your firstname" required>
<label for="password">Password:</label>
<input type="text" name="password" placeholder="Your new password">
<label>Upload a new profile picture: </label><input type="file" name="avatar" accept="image/*" />
<input type="submit" value="Submit Changes" name="changes" />
</fieldset>
users.php
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//two passwords are equal to each other
if ($_POST['password'] == $_POST['confirmpassword']) {
//define other variables with submitted values from $_POST
$firstName = $mysqli->real_escape_string($_POST['firstName']);
$lastName = $mysqli->real_escape_string($_POST['lastName']);
$username = $mysqli->real_escape_string($_POST['username']);
$password = $mysqli->real_escape_string($_POST['password']);
$email = $mysqli->real_escape_string($_POST['email']);
$date = $mysqli->real_escape_string($_POST['regDate']);
//we can also do md5 hash password for security
// $password = md5($_POST['password']);
//
//path were our avatar image will be stored
$avatar_path = $mysqli->real_escape_string('images/' . $_FILES['avatar']['name']);
//checking email
//make sure the file type is image, image properties validates
if (preg_match("!image!", $_FILES['avatar']['type'])) {
//copy image to images/ folder
if (copy($_FILES['avatar']['tmp_name'], $avatar_path)) {
//if email does not already exist
//set session variables to display on the index page
$_SESSION['username'] = $username;
$_SESSION['avatar'] = $avatar_path;
//insert user data into database
$sql = "INSERT INTO users (firstName, lastName, username, email, password, avatar, regDate) "
. "VALUES ('$firstName','$lastName','$username', '$email', '$password', '$avatar_path', NOW())";
//check if mysql query is successful
if ($mysqli->query($sql) === true) {
header("location: index.php");
} else {
$_SESSION['message'] = 'User could not be added to the database!';
}
$mysqli->close();
} else {
$_SESSION['message'] = '';
}
} else {
$_SESSION['message'] = '';
}
} else {
$_SESSION['message'] = '';
}
}
我还有一个register.php,其中包含以下代码: 如会话开始; 以及用户需要的连接
UpdateUser两个:
if ($_SERVER["REQUEST_METHOD"] == "POST") {
//define other variables with submitted values from $_POST
$firstName = $mysqli->real_escape_string($_POST['firstName']);
$password = $mysqli->real_escape_string($_POST['password']);
$avatar_path = $mysqli->real_escape_string('images/' . $_FILES['avatar']['name']);
//make sure the file type is image, image properties validates
if (preg_match("!image!", $_FILES['avatar']['type'])) {
//copy image to images/ folder
if (copy($_FILES['avatar']['tmp_name'], $avatar_path)) {
//if email does not already exist
//set session variables to display on the index page
$_SESSION['username'] = $username;
$_SESSION['avatar'] = $avatar_path;
//insert user data into database
$sql = "UPDATE INTO users (firstName, password, avatar) "
. "VALUES ('$firstName', '$password', '$avatar_path'";
//check if mysql query is successful
if ($mysqli->query($sql) === true) {
echo 'updated successfully';
header("location: index.php");
} else {
$_SESSION['message'] = 'User could not be added to the database!';
}
$mysqli->close();
} else {
$_SESSION['message'] = 'File upload failed!';
}
} else {
$_SESSION['message'] = 'Please only upload GIF, JPG or PNG images!';
}
}
更新了profile.php
session_start();
if (!isset($_SESSION['username'])) {
header("Location: login.php");
}
$text = "Welcome to your profile page";
$_SESSION['message'] = '';
$mysqli = new mysqli("localhost", "root", "", "");
require 'updateUser.php';
答案 0 :(得分:0)
您可以将新的UPDATE查询放在另一个文件中,如果您想要哪个action="newfilename.php",那么您可以使用$_POST["firstname"]和其他输入然后添加它们到您的SQL查询。