the membership tutorial that im sure your all sick of reading about..

liam.smith · 04-15-2007

bet you get loads of visitors here asking about that tutorial right?
sadly I am yet another person who is stuck and I apologise now if im out of place asking for help here, if its the wrong section please someone move it, or just tell me i cant post here and i'll delete it.

dont wanna make anyone peed off, just need a bit of help and rather than (continue) to wrack my brains over just why its not working, thought id ask you lot seens as it could be something really simple (to you anyway)

so...i followed the instructions fine, and got everything set up, exept when i email the validation link, it sends the email fine but when you click the link inside it comes up page not found. i dont know why because the page exists =/

also, if i go into phpmyadmin and physically change the figure from 0 to 1 in the actkey feild for a user, they can then log in fine. its just that the link to validate in the email isnt doing what its sposed to.

any ideas why?
again sorry if this is wasting everyones time but im not afraid to ask for help so

thanks
liamx

**tamlin** · 04-15-2007

Hi liam,
Don't worry, you're not wasting anyone's time - this is the right place to ask questions if you're stuck.

I'm afraid I can't help you with your problem as PHP is all Greek to me, and the original author of the tutorial doesn't seem to be around here anymore, but I'm sure one of our resident web gurus will be along shortly to help you out.

Paging Dr. NotJustGraphics! You're needed in the O.R. stat!

liam.smith · 04-15-2007

hey
so I have fixed whatever problem I had and have the script running fine now =]

I feel bad for wasting the time of those who read this but I promise it was a last resort and I had no idea why it wasnt working and I dont now know why it suddenly worked, I just re did EXACTLY what Id done the first time =/

who knows but at least its working! good as that is though it raises my next task (im no php'er im learning as I go via tutorials and kind peoples help).

So let me tell you what i want to do next and you can tell me how feasable it is, if you wouldnt mind..

OK so i have it set up that someone can sign up, and log in and see their member profile where they can chage their password etc thanks to the tutorial here on BR.com

now, through various other resources online I am able to make a form, and have it so that when you enter information onto the form what you enter is stored in the database in the relevant table and fields. I also know how to make a search form that will look up whatever you type and if its in the databse, show it on screen.

This is all good and well but what i DONT know how to do (and thats hopefully where you guys come in) is how to make it so that when you sign up and then log in, the data you enter on the form belongs to that account. and so that only the person logged into that account can edit what they enterered. (i have the edit form but at the moment it allows anyone to edit anyone elses information).

So basically i want it so that someone signs up, enters some info on a form, making a profile, then whenever they like they can log in and edit what they wrote using the same form.

Like i said i have this set up atm the enter and edit form, but anyone can use it i need to link it with the members ID or whatever.

anyone think that sounds incredibly easy? or really difficult? I literally have no idea how hard it would be to do so before i go searching the net trying to do it figured id see how 'do-able' it is

loooong post. sorry! hope someone replies though =]
thanks for reading and if you need any more info just let me know, can even show you some forms online to illustrate what i mean if need be
xliam

*unleash* · 04-15-2007

well good you fixed the problem,

and as long as you're not spamming you can't waste any ones time on this forum. Because we got loads of time, you will see

*notjustgraphics* · 04-15-2007

Hi liam.smith

I'll assume you're using some type of "SELECT" query to display the info in the edit form... you need to restrict the active record by using a WHERE condition:

PHP Code:


			
SELECT * FROM table WHERE memberid = '#####'

Of course, table is the name of your table. memberid is the fieldname for your membership id's, and ##### is the specific id number for that user.

This way, the user will only see the data recorded for their account.

When the change the data, and I'll assume you are using a Java Submit function, you need to apply the same condition to your "UPDATE" query:

PHP Code:


			
UPDATE table SET field1 = 'value', field2 = 'value' WHERE memberid = '#####'

Again, table is the name of your table, memberid is the fieldname for your membership id's, and ##### is the specific id number for that user. field1 is the first information field you wish to update with the users new changes, field2 is the second, and so on.

I hope this helps.

Mike.

liam.smith · 04-21-2007

hi all
thanks for the help mike but im afraid im not really getting it =[

Let me try giving you my code and see if you can better understand where Im coming from?

I have used the tutorial on biorust to make the member system so that you can sign up and log in. All their info is stored in a table called "users"

the registration page for members

PHP Code:


			
<?php



include 'config.php';



if(isset($_POST['submit']))

{



$first = addslashes(trim($_POST['firstname']));

$surname = addslashes(trim($_POST['surname']));

$username = addslashes(trim($_POST['username']));

$email = addslashes(trim($_POST['email']));

$pass = addslashes(trim($_POST['password']));

$conf = addslashes(trim($_POST['confirm']));



$ip = $_SERVER['REMOTE_ADDR'];

$date = date("d, m y");



if ( $_POST['password'] == $_POST['confirm'] )

{}else{



echo '<script>alert("Your passwords did not match =[ please enter the same password in each field.");</script>';

echo '<script>history.back(1);</script>';

exit;



}



$password = md5($pass);



if ((((( empty($first) ) || ( empty($surname) ) || ( empty($username) ) || ( empty($email) ) || ( empty($password) )))))

{



echo '<script>alert("One or more field was left empty, gotta fill them all out!.");</script>';

echo '<script>history.back(1);</script>';

exit;



}



if((!strstr($email , "@")) || (!strstr($email , ".")))

{



echo '<script>alert("Pretty sure thats not a real email address. Please try again =p");</script>';

echo '<script>history.back(1);</script>';

exit;



}



$q = mysql_query("SELECT * FROM Users WHERE Username = '$username'") or die(mysql_error());

if(mysql_num_rows($q) > 0)

{



echo '<script>alert("Sadly that name already belongs to someone else =[ Try something else?");</script>';

echo '<script>history.back(1);</script>';

exit;



}



$name = $first . ' ' . $surname;

$actkey = mt_rand(1, 500).'f78dj899dd';

$act = sha1($actkey);



$query = mysql_query("INSERT INTO Users (Username, Password, Name, Email, Date, IP, Actkey) VALUES ('$username','$password','$name','$email','$date','$ip','$act')") or die(mysql_error());

$send = mail($email , "Registration Confirmation" , "Thank you for registering with YourScene!.\n\nYour username and password is below, along with details on how to activate your account.\n\nUser: ".$username."\nPass: ".$pass."\n\nClick the link below to activate your account:\nhttp://ys.hgbforum.net/activate.php?id=".$act."\n\nPlease do not reply to this email as its not an email address we check!.\n\nThanks", "FROM: contact@hgbforum.net");



if(($query)&&($send))

{



echo ' <html>

<head>

<title>Success</title>

<link href="style.css" rel="stylesheet" type="text/css">

</head>



<body>



<div id="success">

<p>Thank you for signing up to YourScene! you should recieve an email soon with your login details and your activation link so that you can activate your account.</p>

<p><a href="login.php">Click here</a> to login once you have activated your account.</p>

</div>



</body>

</html>

'; 



} else {



echo '

<html>

<head>

<title>Error</title>

<link href="style.css" rel="stylesheet" type="text/css">

</head>



<body>



<div id="error">

<p>We are sorry, there appears to be a problem with our website at the moment =[</p>

<p>Fear not though! Your data was not lost! Username: '.$username.' | Password: '.$pass.' | Email: '.$email.' | Full name: '.$name.'</p>

<p>Please try again in a little while.</p>

</div>



</body>

</html>

'; 



}



} else {



?>

<html>

<head>

<title>Sign Up</title>

<link href="style.css" rel="stylesheet" type="text/css">

</head>



<body>



<div id="wrapper">



<div id="head">the registration page</div>

<br>

<div id="main"> 

<p>Welcome to the registration, fill out the form below and hit Submit. All fields are required,so fill them all out! </p>

<form action="<?= $_SERVER['PHP_SELF'] ?>" method="post">

<table width="100%" border="0" cellpadding="0" cellspacing="0">

<tr>

<td width="50%">First name </td>

<td width="50%"><input name="firstname" type="text" id="firstname"></td>

</tr>

<tr>

<td>Surname</td>

<td><input name="surname" type="text" id="surname"></td>

</tr>

<tr>

<td>Email Address </td>

<td><input name="email" type="text" id="email"></td>

</tr>

<tr>

<td>Username</td>

<td><input name="username" type="text" id="username"></td>

</tr>

<tr>

<td>Password</td>

<td><input name="password" type="password" id="password"></td>

</tr>

<tr>

<td>Confirm Password </td>

<td><input name="confirm" type="password" id="confirm"></td>

</tr>

<tr>

<td>Register</td>

<td><input name="submit" type="submit" class="textBox" value="Submit"></td>

</tr>

</table>

</form>

When you click sumbit, you will be sent an email containing your username, password and details on how to activate your account =] </div>



</div>



</body>

</html>



<? } mysql_close($l); ?>

Seperatley I have a form that allows you to enter information into the table "bandprofile" in the same database.

Enter into bandprofile

PHP Code:


			
<html>

<head>

<link href="style.css" rel="stylesheet" type="text/css">

</head>

<body>

<?php

include("config.php");

if ($_POST['process'] == "yes") {

$name=addslashes($_POST['name']);

$bio=addslashes($_POST['bio']);

$site=addslashes($_POST['site']);

$photo=addslashes($_POST['photo']);

mysql_query("INSERT INTO bandprofile (name,bio,site,photo) VALUES('$name','$bio','$site','$photo')") or die(mysql_error());

?>

<p>Sorted! Your profiles all done =]</p>

<?php

}

else {

?>

<form action="makeprofile.php" method="post">

<input type="hidden" name="process" value="yes" />

<center><h1>Make A Profile</h1><br /> <br /></center>

<table border="0">

<tr>

<td>Band Name:</td>

<td><input type="text" name="name" /></td>

</tr>

<tr>

<td valign="top">Bio:</td>

<td><textarea rows="10" cols="20" name="bio"></textarea></td>

</tr>

<tr>

<td>URL to image:</td>

<td><input type="text" name="photo" /></td>

</tr>

<tr>

<td>Website:</td>

<td><input type="text" name="site" /></td>

</tr>

</table>

<br />

<input type="submit" value="Go" />

</form>

<?php

}

?> 

</body>

</html>

What id like is for when you sign up as a member your members page has a link (such as "customise my profile") to the bandprofile form on it. You fill it out and the info is sent to the table "bandprofile". Then, the next time you log in and click the link "customise my profile" the form is shown and in the different fields are all the information you entered last time.

Id like it so that you (as a member) can ONLY see / use the form that edits YOUR information

please, anyone that can help with this id be most grateful and could even give credit on my site if youd like =]

hope to hear back soon and any more information needed just ask!

(ps. sorry about the delay in response from myself Ive not been well latley)

thanks
Liamx

*notjustgraphics* · 04-21-2007

I understand what you are trying to do... I think...

If I am correct, you will have your user information in one table and the band profile information in another table. I'll assume that all members will have a record in the user table, and only those who choose to create a profile will have a record in the bandprofile table.

The easiest way to accomplish what you are trying is to create a field in the "user" table called something like "band_profile_id". This should be allowed to be NULL but should likely be an integer.

In the bandprofile table, you have to create a field called id or for convenience sake, "band_profile_id" and make this an integer also, but set it as a KEY and make it "Auto Increment". Then add a field called "username" that is the same configuration as the "username" field from the users table.

Now, when you update your records in each table, you can "cross-link" the users in the users table to the proper "band_profile_id" and vice-versa, you can link the band profiles to the proper username.

Once your tables are cross-linked, you can use SELECT FOR and UPDATE WHERE queries to properly pull records and/or update them from your forms.

You will have to modify the script extensively to accomplish what you are trying to do, and while I would love to help you out it is no quick task and unfortunately I don't have a lot of free time. I hope you are familiar enough with PHP and SQL to use the tips above to work this out on your own...

I'll keep an eye on this post if you need additional help, let me know.. I'll help when and how I can.

Mike.

liam.smith · 04-22-2007

Thank you SO much for taking the time to explain that to me =]

sadly its not what I wanted to hear =[ its taken me so long just to get where I am now and it appears I still have a HUGE hurdle.

I have only gotten into php and mysql to acheive this idea I had but maybe its better just left as an idea =[

*EDIT*
Ive just had a thought but im sure if it made it easier you may have already considered it but just incase...

What if I have ALL my information (log in and profile) in ONE table. and ONE form so when you sign up you see a form like:

Username:
Password:
Re-type password:

-----------------------

Band Name:
Band Bio:
Band Photo (url):
Band website (url):

with an ID field in the table.
THEN when Im making the edit info form, use Where ID = 1 (or whatever the member id is of the person who logged in)
and all the fields of the form have the information the user entered at sign up ready to edit.

would that work at all?
thanks

*notjustgraphics* · 04-22-2007

Yes, using a single form and a single table would definitely simplify matters...

There would be no need for cross-linking.

You simply need to add the fields to your form and change the PHP file to store the new fields in the table as well.

And yes, when you're using the WHERE clause to specify which user's records to retrieve, it will retrieve the band profile info as well, but you'll have to add those fields to the SELECT query as well.

Hope this helps a bit...

Mike.

liam.smith · 04-22-2007

Thanks for the speedy response.

OK so ive merged the two forms into one (the new member and new band profile forms) and they both sumbit all the right information into the right tables.

and the search and display profile still works fine =]

now just the editing bit. Ive made an edit form using a tutorial and the code looks like this:

PHP Code:


			
<? 

mysql_connect("HOST","DBUSERNAME","PASSWORD"); 

    

mysql_select_db("DBNAME"); 



if(!isset($cmd)) 

{

   $result = mysql_query("select * from Users order by id"); 

   

   while($r=mysql_fetch_array($result)) 

   { 

      $bandname=$r["bandname"];

      $id=$r["id"];

     

      echo "<a href='edit.php?cmd=edit&id=$id'>$bandname - Edit</a>";

      echo "<br>";

    }

}

?>



<?

if($_GET["cmd"]=="edit" || $_POST["cmd"]=="edit")

{

   if (!isset($_POST["submit"]))

   {

      $id = $_GET["id"];

      $sql = "SELECT * FROM Users WHERE id=$id";

      $result = mysql_query($sql);        

      $myrow = mysql_fetch_array($result);

      ?>

      

      <form action="edit.php" method="post">

      <input type=hidden name="id" value="<?php echo $myrow["id"] ?>">

   

      Band Name:<INPUT TYPE="TEXT" NAME="bandname" VALUE="<?php echo $myrow["bandname"] ?>" SIZE=30><br>

      Band Bio:<INPUT TYPE="TEXT" NAME="bio" VALUE="<?php echo $myrow["bio"] ?>" SIZE=30><br>

      Band Photo:<INPUT TYPE="TEXT" NAME="photo" VALUE="<?php echo $myrow["photo"] ?>" SIZE=30><br>

      Band Website:<INPUT TYPE="TEXT" NAME="site" VALUE="<?php echo $myrow["site"] ?>" SIZE=30><br>

      <input type="hidden" name="cmd" value="edit">

   

      <input type="submit" name="submit" value="submit">

   

      </form>

   

   <? } ?>

<?

   if ($_POST["$submit"])

   {

      $bandname = $_POST["bandname"];

      $bio = $_POST["bio"];

      $photo = $_POST["photo"];

      $site = $_POST["site"];

      $sql = "UPDATE Users SET bandname='$bandname',bio='$bio',photo='$photo',site='$site' WHERE id=$id";



      $result = mysql_query($sql);

      echo "Thank you! Information updated.";

   }

}

?>

Now this works in so much as it allows you to select an entry, and edit the fields. but i have to click the name of the prfile id like to edit first.

I was wondering, could you fix it so that i can put a link on my members page (the page you see when you sucessfully log in) saying "edit profile" and when you click it you are shown the form filled in with just your information automatically?

thanks for all your help on this by the way! but considering where I was not afew days ago I think we are making great progress wouldnt you say =]
x