2014-09-20 24 views
0

以下腳本更新數據庫。 問題......我不知道如何將ID更改爲已登錄的實際用戶。我目前使用電子郵件地址作爲登錄用戶名。電子郵件地址作爲電子郵件存儲在數據庫中。更新函數,用戶標識未知

<?php 

    session_start(); 

$con=mysqli_connect("localhost", "root", "", "test"); 

if (mysqli_connect_errno()) { 

    echo "Failed to connect to MySQL: " . mysqli_connect_error(); 
} 


$firstname = mysqli_real_escape_string($con, $_POST['firstname']); 

$lastname = mysqli_real_escape_string($con, $_POST['lastname']); 


$sql="UPDATE users SET `firstname`='$firstname' WHERE `id???`=??#?? LIMIT 1"; 


if (!mysqli_query($con,$sql)) { 

    die('Error: ' . mysqli_error($con)); 

} 

echo "1 record added"; 

mysqli_close($con); 

?> 

<?php 

if(!isset($_SESSION['email'])){ 
    session_start(); 
} 

    if($_GET["logout"]==1 AND $_SESSION['id']) { session_destroy(); 

     $message="You have been logged out"; 

    } 

include("connection.php"); 

if ($_POST['submit']=="Sign Up") { 

    if (!$_POST['email']) $error.="<br />Please enter your email"; 
     else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) $error.="<br />Please enter a valid email address"; 

    if (!$_POST['password']) $error.="<br />Please enter your password"; 
     else { 

     if (strlen($_POST['password'])<8) $error.="<br />Please enter a password with at least 8 characters"; 
     if (!preg_match('`[A-Z]`', $_POST['password'])) $error.="<br />Please enter at least 1 capital letter"; 

     } 

    if ($error) $error = "There were error(s) in your signup details:".$error; 
    else { 


     $query = "SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['email'])."'"; 

     $result = mysqli_query($link, $query); 

     $results = mysqli_num_rows($result); 

     if ($results) $error = "That email address is already registered"; 

     else { 

      $query="INSERT INTO `users` (`email`, `password`) VALUES('".mysqli_real_escape_string($link, $_POST['email'])."', '".md5(md5($_POST['email']).$_POST['password'])."')"; 

      mysqli_query($link, $query); 

      $message = "You've been signed up!"; 

      $_SESSION['id']=mysqli_insert_id($link);    

      header("Location:profile.php"); 

     } 

    } 

} 

if ($_POST['submit']=="Log In") { 

    $query="SELECT * FROM `users` WHERE email='".mysqli_real_escape_string($link, $_POST['loginemail'])."' AND password='".md5(md5($_POST['loginemail']).$_POST['loginpassword'])."' LIMIT 1"; 

    $result = mysqli_query($link, $query); 

    $row = mysqli_fetch_array($result); 

    if ($row) { 

     $_SESSION['id']=$row['id']; 

      header("Location:profile.php"); 

     } else { 

     $loginerror = "We could not find a user with that email and password. Please try again."; 

     } 
    } 
?> 
+2

你忘了張貼代碼親愛的。 – 2014-09-20 08:24:13

回答

0

您需要在登錄時將用戶ID存儲在會話變量中來執行此操作。 例如,在您的登錄腳本:

if(!isset($_SESSION)){ 
    session_start(); 
} 

//有些登錄腳本,你做一個查詢表對,以確認用戶的詳細信息。

$_SESSION['userid'] = $parameter_containing_result_from_login_query 

然後在你的上面更新您使用:

$sql="UPDATE users SET `firstname`='$firstname', `lastname` = '$lastname' WHERE `id`='" . $_SESSION['userid'] . "'"; 
+0

是這樣的嗎? JUST編輯了上述內容 – Anthony 2014-09-20 15:55:02