I am trying to show user information using a small PHP script, called myinfo.php. The relevant part of which is shown below:
while($return = mysql_fetch_assoc($result)) {
echo "<form action=UpdateInfo.php method=post>";
echo "<p id=greeting> Hi ".$return['FirstName'].", below is all of your personal information: </p>";
echo '<p> First Name: <input type="text" name="firstname" value= "'.$return['FirstName'].'"/></p>';
echo '<p> Surname: <input type="text" name="surname" value= "'.$return['Surname'].'" /></p>';
echo '<p> House Number: <input type="number" name="housenumber" value= "'.$return['HouseNumber'].'"/></p>';
echo '<p> Address Line One: <input type=text name="addressone" value= "'.$return['AddressLineOne'].'" /></p>';
echo '<p> Address Line Two: <input type=text name="addresstwo" value= "'.$return['AddressLineTwo'].'" /></p>';
echo '<p> County: <input type=text name="county" value= "'.$return['County'].'" /></p>';
echo '<p> Phone Number: <input type=number name="phonenumber" value= "' .$return['PhoneNumber'].'" /></p>';
echo '<p> Email: <input type=email name="email" value= "'.$return['Email'].'" /></p>';
echo '<p> Username: <input type=text name="username" value= "'.$return['Username'].'" /></p>';
echo '<p> Password: <input type=password name="password" value= "'.$return['Password'].'" /></p>';
echo '<p> User Type: <input type="text" name="usertype" value= "'.$return['UserType'].'" /></p>';
echo '<input id="submit" type="submit" value="Update Info" />';
echo "</form>";
}
The input values are all pre filled with the users own information so the user can edit the input values and then click on the "update info" submit button in order to update his/her info. Once this button is clicked the user is sent to the "updateinfo.php" page where they have to confirm the change in information and are shown the changes they are about to make, as shown below:
echo '<p id="confirmation">Are you sure you wish to make the following changes to your personal information?</p>';
echo '<form action="CompleteUpdate.php" method="post">';
echo "<p>First Name: " . $_POST["firstname"] . "</p>";
echo "<p>Surname: " . $_POST["surname"] . "</p>";
echo "<p>House Number: " . $_POST["housenumber"] . "</p>";
echo "<p>Address Line One: " . $_POST["addressone"] . "</p>";
echo "<p>Address Line Two: " . $_POST["addresstwo"] . "</p>";
echo "<p>County: " . $_POST["county"] . "</p>";
echo "<p>Phone Number: " . $_POST["phonenumber"] . "</p>";
echo "<p>Email: " . $_POST["email"] . "</p>";
echo "<p>Username: " . $_POST["username"] . "</p>";
echo "<p>Password: " . $_POST["password"] . "</p>";
echo "<p>Usertype: " . $_POST["usertype"] . "</p>";
echo '<input id="submit" type="submit" value="Update Info" /></form>';
echo '<form action="CancelUpdate.php"><input id="submit" type="submit" value="Cancel" /></form>';
Here the user now clicks the "update info" button or decides to cancel the update. If the update info button is clicked the following PHP script is invoked:
$sql=("UPDATE completeinfo SET FirstName='$_POST[firstname]', Surname='$_POST[surname]', AddressLineOne='$_POST[addresslineone]', AddressLineTwo='$_POST[addresslinetwo]', County='$_POST[county]', Email='$_POST[email]', Username='$_POST[username]', Password=SHA1('$_POST[password]'), UserType='$_POST[usertype]' WHERE Username='".$_SESSION['username']."'");
The problem I am having is that the update query instead of replacing the old values with the new ones, represented by the $_POST values, it now leaves them completely blank. The query knows exactly where to edit in my database so I must presume the "where" clause is working but for some reason $_POST is not fetching the correct values in the query, even though it works perfectly well in the previous PHP scripts. Any ideas how to solve this problem would be greatly appreciated. Thanks