I am trying to update the status of my users from the value of 0 to 1 using a query but the thing is I did not have status on the registration form so I could not pass it through a session so at the moment I am trying to get the data from the status column in the table and assign it to a php variable so I can use to do my query but I am not getting the value from the status table to assign to the php variable .The code below is the table I am using to get the data from:
DROP Database IF EXISTS royalDB;
CREATE Database royalDB;
USE royalDB;
CREATE TABLE tblPassenger (
passengerID tinyint(8) NOT NULL UNIQUE AUTO_INCREMENT,
firstName varchar(255) NOT NULL,
lastName varchar(255) NOT NULL,
gender varchar(255) NOT NULL,
dob varchar(255)NOT NULL,
username varchar(255) NOT NULL UNIQUE,
password varchar(255) NOT NULL,
email varchar(255) NOT NULL UNIQUE,
address varchar(255) NOT NULL,
status tinyint(1) NOT NULL,
PRIMARY KEY (passengerID)
);
INSERT INTO tblPassenger (firstName, lastName, gender, dob, username, password, email, address, status) VALUES ("Kadeem","Thompson", "Male", "05-22-1996","kt1234","test1234","kt@gmail.com","P.O. Box 189, 8430 Suscipit, Ave", 1);
This is the PHP CODE:
<?php
$feedback= "";
session_start();
//Feedback variable to update user of system status
$codev = $_POST['code'];
$user= $_SESSION['username'];
//validate data
validate($codev, $user);
if($feedback != ""){
Header("Location:../presentation/verifyAccount.php?feedbackMsg=$feedback");
}else {//bind parameters to the statement object
# code...
sanitize($user);
include("../data/dbConnection.php");
$status = ("SELECT * FROM tblPassenger WHERE username = $user");
if ($stmt = mysqli_prepare($mysqli, "UPDATE tblPassenger SET status = 1 WHERE username = ?"))
{//bind parameters to the statement object
mysqli_stmt_bind_param($stmt, "is", $status, $user);
$feedback = "";if(mysqli_stmt_execute($stmt)){
$feedback .= "Your Account is Activated.";
Header("Location:../presentation/verifyAccount.php?feedbackMsg=$feedback");
}else {
$feedback .= "$status";
Header("Location:../presentation/verifyAccount.php?feedbackMsg=$feedback");
}
}
}
//include connection string
//Function to SANITIZE (Clean) data
function sanitize($data){
$data = trim($data);
$data = stripslashes($data);
$data = filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS);
$data = filter_var($data, FILTER_SANITIZE_STRING);
$data = filter_var($data, FILTER_SANITIZE_STRING);
$data = filter_var($data, FILTER_SANITIZE_STRING);
//for,at data for storage (maintain uniformity)
$data = strtolower($data);
$data = ucfirst($data);
//finally... return the cleaned and formatted data
return $data;
}//end sanitize function
function validate($codeVal, $userV){
global $feedback;
if($codeVal == null || $codeVal == ""){
$feedback .= "Please Enter a verfication Code.";
}elseif ($codeVal != $userV) {
$feedback .= "Verification Code do not Match";
}else {
$feedback .= "";
}
}//End of validation Block
?>