Editare profilo utente [da amministratore]

sappe

Nuovo Utente
27 Mar 2011
27
0
0
Rieccomi (so che mi odiate ma io vi voglio tanto bene :D) questa è la pagina dove l'amministratore può modificare il profilo di un utente (non può modificare il nickname però, e neanche la password, che non ho inserito infatti):
PHP:
<?php 
$ID=$_GET['ID'];
$sql="SELECT * FROM utenti WHERE IDutente = '$ID'";
$res=mysql_query($sql,$conn)or die("Error!".mysql_error());
while ($records=mysql_fetch_assoc($res)) {
$dateB = $records['DataNascita'];
   $date = explode ( "-", $dateB );
   $year = $date[0];
   $month = $date[1];
   $day = $date[2];
   $dateB = $records['DataNascita'];
	 $place = $records['LuogoNascita'];
   echo <<<MESS
<FORM name="edit" action="editProfile1.php" METHOD=POST>
<input type="hidden" name="$ID" value="ID">
<div><b>Nickname</b>:</div><INPUT type=text name="nickname" value="$records[Nickname]" readonly></br>
<div><b>Name</b>:</div><INPUT type=text name="name" value="$records[Name]"></br>
<div><b>Surname</b>:</div><INPUT type=text name="surname" value="$records[Surname]"></br>
<div><b>Address</b>:</div><INPUT type=text name="address" value="$records[Address]">* This field is not required</br>
<div><b>E-mail</b>:</div><INPUT type=text name="email" value="$records[Email]"></br>
<div><b>Telephone number</b>:</div><INPUT type=text name="telephone" value="$records[Telephone]" onKeyUp="onlynumber(this);">* This field is not required</br>
<div><b>Place of birth</b>:</div><INPUT type=text name="place" value="$place">
<fieldset>
   <legend><b>Birthday</b>:</legend>
	 </br>(actuail birthday: $day/$month/$year)</br>
   <select name="day" >
   <option value="1" selected="selected">1</option>
   <option value="2">2</option>
   <option value="3">3</option>
	 <option value="4">4</option>
	 <option value="5">5</option>
	 <option value="6">6</option>
	 <option value="7">7</option>
	 <option value="8">8</option>
	 <option value="9">9</option>
	 <option value="10">10</option>
	 <option value="11">11</option>
	 <option value="12">12</option>
	 <option value="13">13</option>
	 <option value="14">14</option>
	 <option value="15">15</option>
	 <option value="16">16</option>
	 <option value="17">17</option>
	 <option value="18">18</option>
	 <option value="19">19</option>
	 <option value="20">20</option>
	 <option value="21">21</option>
	 <option value="22">22</option>
	 <option value="23">23</option>
	 <option value="24">24</option>
	 <option value="25">25</option>
	 <option value="26">26</option>
	 <option value="27">27</option>
	 <option value="28">28</option>
	 <option value="29">29</option>
	 <option value="30">30</option>
	 <option value="31">31</option>
  </select>
	 <select name="month" >
   <option value="01" selected="selected">January</option>
   <option value="02">February</option>
   <option value="03">March</option>
	 <option value="04">April</option>
   <option value="05">May</option>
   <option value="06">June</option>
   <option value="07">July</option>
   <option value="08">August</option>
   <option value="09">September</option>
   <option value="10">October</option>
   <option value="11">November</option>
   <option value="12">December</option>
  </select>
	<select name="year" >
   <option value="1950" selected="selected">1950</option>
   <option value="1951">1951</option>
   <option value="1952">1952</option>
	 <option value="1953">1953</option>
	 <option value="1954">1954</option>
	 <option value="1955">1955</option>
	 <option value="1956">1956</option>
	 <option value="1957">1957</option>
	 <option value="1958">1958</option>
	 <option value="1959">1959</option>
	 <option value="1960">1960</option>
	 <option value="1961">1961</option>
	 <option value="1962">1962</option>
	 <option value="1963">1963</option>
	 <option value="1964">1964</option>
	 <option value="1965">1965</option>
	 <option value="1967">1967</option>
	 <option value="1968">1968</option>
	 <option value="1969">1969</option>
	 <option value="1970">1970</option>
	 <option value="1971">1971</option>
	 <option value="1972">1972</option>
	 <option value="1973">1973</option>
	 <option value="1974">1974</option>
	 <option value="1975">1975</option>
	 <option value="1976">1976</option>
	 <option value="1977">1977</option>
	 <option value="1978">1978</option>
	 <option value="1979">1979</option>
	 <option value="1980">1980</option>
	 <option value="1981">1981</option>
	 <option value="1982">1982</option>
	 <option value="1983">1983</option>
	 <option value="1984">1984</option>
	 <option value="1985">1985</option>
	 <option value="1986">1986</option>
	 <option value="1987">1987</option>
	 <option value="1988">1988</option>
	 <option value="1989">1989</option>
	 <option value="1990">1990</option>
	 <option value="1991">1991</option>
	 <option value="1992">1992</option>
	 <option value="1993">1993</option>
	 <option value="1994">1994</option>
	 <option value="1995">1995</option>
	 <option value="1996">1996</option>
	 <option value="1997">1997</option>
	 <option value="1998">1998</option>
	 <option value="1999">1999</option>
	 <option value="2000">2000</option>
	 <option value="2001">2001</option>
	 <option value="2002">2002</option>
	 <option value="2003">2003</option>
	 <option value="2004">2004</option>
	 <option value="2005">2005</option>
	 <option value="2006">2006</option>
	 <option value="2007">2007</option>
	 <option value="2008">2008</option>
	 <option value="2009">2009</option>
	 <option value="2010">2010</option>
  </select>
 </fieldset></br>
<fieldset><label><b>Interests</b>:
 <legend>Select at least one interest, maximum three:</legend><br>
 (actual interests: $records[Interesse1] $records[Interesse2] $records[Interesse3] $records[Interesse4] $records[Interesse5] $records[Interesse6] $records[Interesse7] $records[Interesse8] $records[Interesse9])</br>
 <input type="checkbox" name="int1" value="sketch"/> Sketch
 <br>
 <input type="checkbox" name="int2" value="art"/> Art 
 <br>
 <input type="checkbox" name="int3" value="painting"/> Painting 
 <br>
 <input type="checkbox" name="int4" value="music"/> Music
 <br>
 <input type="checkbox" name="int5" value="games"/> Games
 <br>
 <input type="checkbox" name="int6" value="book"/> Book
 <br>
 <input type="checkbox" name="int7" value="photography"/> Photography
 <br>
 <input type="checkbox" name="int8" value="film"/> Film
 <br>
 <input type="checkbox" name="int9" value="other"/> Other
 </label>
</fieldset>
  </br>
  </br>
  </br>
<div align="center"><button type="submit">
   submit
 </button></div></form>
MESS;
}
 ?>
e questa è la pagina che dovrebbe svolgere l'azione:
PHP:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<?php session_start();
$ID=$_POST['ID'];
$nickname=$_POST['nickname'];
$name=$_POST['name'];
$surname=$_POST['surname'];
$address=$_POST['address'];
$email=$_POST['email'];
$telephone=$_POST['telephone'];
$place=$_POST['place'];
$day=$_POST['day'];
          $month=$_POST['month'];
          $year=$_POST['year'];
          $dateB = $year.'-'.$month.'-'.$day;
$contaInterest = 0;
if (isset($_POST['int1'])){ $int1 = $_POST['int1']; $contaInterest++;
} else {
  $int1='';
}
if (isset($_POST['int2'])){ $int2 = $_POST['int2']; $contaInterest++;
} else {
  $int2='';
}
if (isset($_POST['int3'])){ $int3 = $_POST['int3']; $contaInterest++;
} else {
  $int3='';
} 
if (isset($_POST['int4'])){ $int4 = $_POST['int4']; $contaInterest++;
} else {
  $int4='';
}
if (isset($_POST['int5'])){ $int5 = $_POST['int5']; $contaInterest++;
} else {
  $int5='';
}
if (isset($_POST['int6'])){ $int6 = $_POST['int6']; $contaInterest++;
} else {
  $int6='';
}
if (isset($_POST['int7'])){ $int7 = $_POST['int7']; $contaInterest++;
} else {
  $int7='';
}
if (isset($_POST['int8'])){ $int8 = $_POST['int8']; $contaInterest++;
} else {
  $int8='';
}
if (isset($_POST['int9'])){ $int9 = $_POST['int9']; $contaInterest++;
} else {
  $int9='';
}
?>
<HTML>
<HEAD>
<TITLE>Edit Profile</TITLE><link href="style.css" rel="stylesheet" type="text/css">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY>
<div align="center">
  <TABLE class="maintable" CELLPADDING="0" CELLSPACING="0">
    <TR> 
      <TD COLSPAN=3> <IMG SRC="images/index_01.gif" WIDTH="727" HEIGHT="240" ALT=""></TD>
    </TR>
    <TR> </div>
      <TD ROWSPAN=2 class="navbg" valign="top"><div id="nav">
          <p><span class="h2">Menu</span> <a href="index.php">Home</a> <a href="rules.php">Rules</a> 
            <a href="gallery.php">Gallery</a> <a href="upload.php">Upload</a> <a href="search.php">Search</a>
            <span class="endbox"></span> </p>
						
<?php 
if ((isset($_SESSION['login']))&&((isset($_SESSION['password'])))){
   echo <<<print
	 	 
	 <p><span class="h2">Logout</span> <a href="profile.php">Your Profile</a> <a href="logout.php">Logout</a><span class="endbox"></span> </p>
         <p><span class="h2">Friendship</span> <a href="users.php">Search user</a> <a href="friend.php">My friends</a> <a href="request.php">Friends request</a> <span class="endbox"></span> </p>
print;
}
else {
   echo <<<print
	 
	 <p><span class="h2">Sign in</span> <a href="create.html">Create account</a> <a href="login.htm">Login</a><span class="endbox"></span></p>
print;
}
 ?>
<?php 
include("connessione.inc");
if (isset($_SESSION['login'])) { 
    $login = $_SESSION['login']; 
$sqlA="SELECT Nickname FROM utenti WHERE Nickname = '$login' AND Admin = '1'";
$resA=mysql_query($sqlA,$conn)or die("Error!".mysql_error());
$lines=mysql_num_rows($resA);
if ($lines == 1){
 echo <<<print
	 
	 <p><span class="h2">Admin</span> <a href="admin.php">Administration</a><span class="endbox"></span></p>
print;
}
}
echo <<<print

 </p>
        </div></TD>
      <TD ROWSPAN=2 class="contentbg" valign="top"><div id="content">
print;
 ?>          <h1>Edit Profile</h1>
<?php 
include("connessione.inc");
function control ($name, $surname, $email, $place, $contaInterest){
   $result=true;
	 if ($name=="" or $surname=="" or $email=="" or $place==""){
      $result=false;
	    echo "</br>Missing data</br>";	 
	 }
	 if ($contaInterest > 3){
	    $result=false;
	    echo "</br>Maximum three interests!!</br>";
	 }
}
if (control($name, $surname, $email, $place, $contaInterest) == true){
$sql="UPDATE utenti SET Name='$name' WHERE IDutente='$ID')";
$res=mysql_query($sql,$conn)or die("Error!".mysql_error());
$sql1="UPDATE utenti SET Surname='$surname' WHERE IDutente='$ID')";
$res1=mysql_query($sql1,$conn)or die("Error!".mysql_error());
$sql2="UPDATE utenti SET Email='$email' WHERE IDutente='$ID')";
$res2=mysql_query($sql2,$conn)or die("Error!".mysql_error());
$sql3="UPDATE utenti SET DataNascita='$dateB' WHERE IDutente='$ID')";
$res3=mysql_query($sql3,$conn)or die("Error!".mysql_error());
$sql4="UPDATE utenti SET Address='$address' WHERE IDutente='$ID')";
$res4=mysql_query($sql4,$conn)or die("Error!".mysql_error());
$sql5="UPDATE utenti SET Telephone='$telephone' WHERE IDutente='$ID')";
$res5=mysql_query($sql5,$conn)or die("Error!".mysql_error());
$sql6="UPDATE utenti SET LuogoNascita='$place' WHERE IDutente='$ID')";
$res6=mysql_query($sql6,$conn)or die("Error!".mysql_error());
$sql7="UPDATE utenti SET Interesse1='$int1' WHERE IDutente='$ID')";
$res7=mysql_query($sql7,$conn)or die("Error!".mysql_error());
$sql8="UPDATE utenti SET Interesse2='$int2' WHERE IDutente='$ID')";
$res8=mysql_query($sql8,$conn)or die("Error!".mysql_error());
$sql9="UPDATE utenti SET Interesse3='$int3' WHERE IDutente='$ID')";
$res9=mysql_query($sql9,$conn)or die("Error!".mysql_error());
$sql10="UPDATE utenti SET Interesse4='$int4' WHERE IDutente='$ID')";
$res10=mysql_query($sql10,$conn)or die("Error!".mysql_error());
$sql11="UPDATE utenti SET Interesse5='$int5' WHERE IDutente='$ID')";
$res11=mysql_query($sql11,$conn)or die("Error!".mysql_error());
$sql12="UPDATE utenti SET Interesse6='$int6' WHERE IDutente='$ID')";
$res12=mysql_query($sql12,$conn)or die("Error!".mysql_error());
$sql13="UPDATE utenti SET Interesse7='$int7' WHERE IDutente='$ID')";
$res13=mysql_query($sql13,$conn)or die("Error!".mysql_error());
$sql14="UPDATE utenti SET Interesse8='$int8' WHERE IDutente='$ID')";
$res14=mysql_query($sql14,$conn)or die("Error!".mysql_error());
$sql15="UPDATE utenti SET Interesse9='$int9' WHERE IDutente='$ID')";
$res15=mysql_query($sql15,$conn)or die("Error!".mysql_error());
echo "You have edit $nickname page. </br></br> Nickname: $nickname </br> Email: $email </br> Name: $name </br> Surname: $surname</br> Birthday: $dateB</br>$address</br> $email</br> $telephone</br> $place</br> $int1</br> $int2</br> $int3</br> $int4</br> $int5</br> $int6</br> $int7</br> $int8</br> $int9 </br></br>"; 
}
?>


					
          </br>
					</br>
					</br>
					</br>
          <h1>©SketchMania</h1>
      <TD valign="top" class="spacer"></TD>
    </TR><TR> 
      <TD height="2" class="spacer2"></TD>
    </TR><TR> 
      <TD COLSPAN="3" class="creditsbg">
				<p>| Contact us <a href="http://yahoo.com/" target="_blank">sketchmania@yahoo.com</a> | </p></TD>
    </TR>
  </TABLE>
</div>
</BODY>
</HTML>
mi restituisce quest'errore:
PHP:
Notice: Undefined index: ID in C:\Program Files\EasyPHP-5.3.2\www\Sito\editProfile1.php on line 3
sinceramente qua mi sembra di aver fatto tutto bene, anche a logica (una volta tanto! Correggetemi se sbaglio), non capisco come mai non funziona e come risolvere!
 

sappe

Nuovo Utente
27 Mar 2011
27
0
0
Grazie della correzione :D allora la stringa di errore non me la restituisce più, ma comunque non stampa quello che dovrebbe stampare, quindi credo che ci sia un errore qua:
PHP:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<?php session_start();
$ID=$_POST['ID'];
$nickname=$_POST['nickname'];
$name=$_POST['name'];
$surname=$_POST['surname'];
$address=$_POST['address'];
$email=$_POST['email'];
$telephone=$_POST['telephone'];
$place=$_POST['place'];
$day=$_POST['day'];
          $month=$_POST['month'];
          $year=$_POST['year'];
          $dateB = $year.'-'.$month.'-'.$day;
$contaInterest = 0;
if (isset($_POST['int1'])){ $int1 = $_POST['int1']; $contaInterest++;
} else {
  $int1='';
}
if (isset($_POST['int2'])){ $int2 = $_POST['int2']; $contaInterest++;
} else {
  $int2='';
}
if (isset($_POST['int3'])){ $int3 = $_POST['int3']; $contaInterest++;
} else {
  $int3='';
} 
if (isset($_POST['int4'])){ $int4 = $_POST['int4']; $contaInterest++;
} else {
  $int4='';
}
if (isset($_POST['int5'])){ $int5 = $_POST['int5']; $contaInterest++;
} else {
  $int5='';
}
if (isset($_POST['int6'])){ $int6 = $_POST['int6']; $contaInterest++;
} else {
  $int6='';
}
if (isset($_POST['int7'])){ $int7 = $_POST['int7']; $contaInterest++;
} else {
  $int7='';
}
if (isset($_POST['int8'])){ $int8 = $_POST['int8']; $contaInterest++;
} else {
  $int8='';
}
if (isset($_POST['int9'])){ $int9 = $_POST['int9']; $contaInterest++;
} else {
  $int9='';
}
?>
<HTML>
<HEAD>
<TITLE>Edit Profile</TITLE><link href="style.css" rel="stylesheet" type="text/css">
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
</HEAD>
<BODY>
<div align="center">
  <TABLE class="maintable" CELLPADDING="0" CELLSPACING="0">
    <TR> 
      <TD COLSPAN=3> <IMG SRC="images/index_01.gif" WIDTH="727" HEIGHT="240" ALT=""></TD>
    </TR>
    <TR> </div>
      <TD ROWSPAN=2 class="navbg" valign="top"><div id="nav">
          <p><span class="h2">Menu</span> <a href="index.php">Home</a> <a href="rules.php">Rules</a> 
            <a href="gallery.php">Gallery</a> <a href="upload.php">Upload</a> <a href="search.php">Search</a>
            <span class="endbox"></span> </p>
						
<?php 
if ((isset($_SESSION['login']))&&((isset($_SESSION['password'])))){
   echo <<<print
	 	 
	 <p><span class="h2">Logout</span> <a href="profile.php">Your Profile</a> <a href="logout.php">Logout</a><span class="endbox"></span> </p>
         <p><span class="h2">Friendship</span> <a href="users.php">Search user</a> <a href="friend.php">My friends</a> <a href="request.php">Friends request</a> <span class="endbox"></span> </p>
print;
}
else {
   echo <<<print
	 
	 <p><span class="h2">Sign in</span> <a href="create.html">Create account</a> <a href="login.htm">Login</a><span class="endbox"></span></p>
print;
}
 ?>
<?php 
include("connessione.inc");
if (isset($_SESSION['login'])) { 
    $login = $_SESSION['login']; 
$sqlA="SELECT Nickname FROM utenti WHERE Nickname = '$login' AND Admin = '1'";
$resA=mysql_query($sqlA,$conn)or die("Error!".mysql_error());
$lines=mysql_num_rows($resA);
if ($lines == 1){
 echo <<<print
	 
	 <p><span class="h2">Admin</span> <a href="admin.php">Administration</a><span class="endbox"></span></p>
print;
}
}
echo <<<print

 </p>
        </div></TD>
      <TD ROWSPAN=2 class="contentbg" valign="top"><div id="content">
print;
 ?>          <h1>Edit Profile</h1>
<?php 
include("connessione.inc");
function control ($name, $surname, $email, $place, $contaInterest){
   $result=true;
	 if ($name=="" or $surname=="" or $email=="" or $place==""){
      $result=false;
	    echo "</br>Missing data</br>";	 
	 }
	 if ($contaInterest > 3){
	    $result=false;
	    echo "</br>Maximum three interests!!</br>";
	 }
}
if (control($name, $surname, $email, $place, $contaInterest) == true){
$sql="UPDATE utenti SET Name='$name' WHERE IDutente='$ID')";
$res=mysql_query($sql,$conn)or die("Error!".mysql_error());
$sql1="UPDATE utenti SET Surname='$surname' WHERE IDutente='$ID')";
$res1=mysql_query($sql1,$conn)or die("Error!".mysql_error());
$sql2="UPDATE utenti SET Email='$email' WHERE IDutente='$ID')";
$res2=mysql_query($sql2,$conn)or die("Error!".mysql_error());
$sql3="UPDATE utenti SET DataNascita='$dateB' WHERE IDutente='$ID')";
$res3=mysql_query($sql3,$conn)or die("Error!".mysql_error());
$sql4="UPDATE utenti SET Address='$address' WHERE IDutente='$ID')";
$res4=mysql_query($sql4,$conn)or die("Error!".mysql_error());
$sql5="UPDATE utenti SET Telephone='$telephone' WHERE IDutente='$ID')";
$res5=mysql_query($sql5,$conn)or die("Error!".mysql_error());
$sql6="UPDATE utenti SET LuogoNascita='$place' WHERE IDutente='$ID')";
$res6=mysql_query($sql6,$conn)or die("Error!".mysql_error());
$sql7="UPDATE utenti SET Interesse1='$int1' WHERE IDutente='$ID')";
$res7=mysql_query($sql7,$conn)or die("Error!".mysql_error());
$sql8="UPDATE utenti SET Interesse2='$int2' WHERE IDutente='$ID')";
$res8=mysql_query($sql8,$conn)or die("Error!".mysql_error());
$sql9="UPDATE utenti SET Interesse3='$int3' WHERE IDutente='$ID')";
$res9=mysql_query($sql9,$conn)or die("Error!".mysql_error());
$sql10="UPDATE utenti SET Interesse4='$int4' WHERE IDutente='$ID')";
$res10=mysql_query($sql10,$conn)or die("Error!".mysql_error());
$sql11="UPDATE utenti SET Interesse5='$int5' WHERE IDutente='$ID')";
$res11=mysql_query($sql11,$conn)or die("Error!".mysql_error());
$sql12="UPDATE utenti SET Interesse6='$int6' WHERE IDutente='$ID')";
$res12=mysql_query($sql12,$conn)or die("Error!".mysql_error());
$sql13="UPDATE utenti SET Interesse7='$int7' WHERE IDutente='$ID')";
$res13=mysql_query($sql13,$conn)or die("Error!".mysql_error());
$sql14="UPDATE utenti SET Interesse8='$int8' WHERE IDutente='$ID')";
$res14=mysql_query($sql14,$conn)or die("Error!".mysql_error());
$sql15="UPDATE utenti SET Interesse9='$int9' WHERE IDutente='$ID')";
$res15=mysql_query($sql15,$conn)or die("Error!".mysql_error());
echo "You have edit $nickname page. </br></br> Nickname: $nickname </br> Email: $email </br> Name: $name </br> Surname: $surname</br> Birthday: $dateB</br>$address</br> $email</br> $telephone</br> $place</br> $int1</br> $int2</br> $int3</br> $int4</br> $int5</br> $int6</br> $int7</br> $int8</br> $int9 </br></br>"; 
}
?>


					
          </br>
					</br>
					</br>
					</br>
          <h1>©SketchMania</h1>
      <TD valign="top" class="spacer"></TD>
    </TR><TR> 
      <TD height="2" class="spacer2"></TD>
    </TR><TR> 
      <TD COLSPAN="3" class="creditsbg">
				<p>| Contact us <a href="http://yahoo.com/" target="_blank">sketchmania@yahoo.com</a> | </p></TD>
    </TR>
  </TABLE>
</div>
</BODY>
</HTML>
Nemmeno mi stampa se mancano dei campi! Non capisco proprio :S
Grazie dell'aiuto! :D