profiel functie is broken

savant11 · 9 aug 2010

HOi allemaal,

heb dit:

Het formulier:

Code:

<?php
session_start();  
 //include('./wp-content/themes/Stadslab/header.php');  
  $page_title = 'Edit Profile';
 // require_once('header.php');
 // require_once('appvars.php');
  require_once('connectvars.php');
  // Make sure the user is logged in before going any further. 
?>


		
					
<h1>profiel</h1>
<p></p>
<fieldset>
      <legend>Persoonlijke Informatie</legend>
<table align="left">
<form method="POST" action="./editprofile.php">

 
<tr>
	
<tr>
	<td><strong>Voornaam:</strong></td>
	<td><input type="text" name="voornaam" maxlength="255" value="<?php if (!empty($vnaamaam)) echo $vnaamnaam; ?>"></td>
</tr>

<tr>
	<td><strong>Achternaam:</strong></td>
	<td><input type="text" name="achternaam" maxlength="255" value="<?php if (!empty($anaam)) echo $anaam; ?>"></td>
</tr>

<tr>
<td><strong><label for="gender">Geslacht:</label></strong></td>
      <td><select id="gender" name="gender">
        <option value="M" <?php if (!empty($gslacht) && $geslacht == 'M') echo 'selected = "selected"'; ?>>Man</option>
        <option value="F" <?php if (!empty($geslacht) && $geslacht == 'F') echo 'selected = "selected"'; ?>>vrouw</option>
      <td></select><br /></td>
</tr>
<tr>
	<td><strong>Tussenvoegsel:</strong></td>
	<td><input name="tussenvoegsel" type="text" maxlength="255" value="<?php if (!empty($tussenvoegsel)) echo $tussenvoegsel;?>" /></td>
	</tr>


<tr>
	<td><strong>Email:</strong></td>
	<td><input type="text" name="email" maxlength="255" value = "<?php if (!empty($email)) echo $email; ?>" ></td>
</tr>

<tr>
	<td><strong>Straat:</strong></td>
	<td><input type="text" name="straat" maxlength="255" value = "<?php if (!empty($straat)) echo $straat; ?>" ></td>
</tr>


<tr>
	<td><strong>Woonplaats:</strong></td>
	<td><input name="stad" type="text" maxlength="255" value="<?php if (!empty($woonplaats)) echo $woonplaats; ?>" /></td>
</tr>



<tr>
	<td><strong>Postcode:</strong></td>
	<td><input name="postcode" type="text" maxlength="255" value="<?php if (!empty($postcode)) echo $postcode; ?>" /></td>
</tr>

<tr>
	<td><strong>Telefoon nummer:</strong></td>
	<td><input name="telnummer" type="text" maxlength="255" value="<?php if (!empty($telnummer)) echo $telnummer; ?>" /></td>
</tr>
<tr>
	<td><strong>geboorte datum:</strong></td>
	<td>
		<select name="dag" value = "<?php if (!empty($gebdatum)) echo $gebdatum; ?>">
<option label="dag" value="" selected="selected">dag</option>
<option label="01" value="01">01</option>
<option label="02" value="02">02</option>
<option label="03" value="03">03</option>
<option label="04" value="04">04</option>
<option label="05" value="05">05</option>
<option label="06" value="06">06</option>
<option label="07" value="07">07</option>

<option label="08" value="08">08</option>
<option label="09" value="09">09</option>
<option label="10" value="10">10</option>
<option label="11" value="11">11</option>
<option label="12" value="12">12</option>
<option label="13" value="13">13</option>
<option label="14" value="14">14</option>
<option label="15" value="15">15</option>
<option label="16" value="16">16</option>

<option label="17" value="17">17</option>
<option label="18" value="18">18</option>
<option label="19" value="19">19</option>
<option label="20" value="20">20</option>
<option label="21" value="21">21</option>
<option label="22" value="22">22</option>
<option label="23" value="23">23</option>
<option label="24" value="24">24</option>
<option label="25" value="25">25</option>

<option label="26" value="26">26</option>
<option label="27" value="27">27</option>
<option label="28" value="28">28</option>
<option label="29" value="29">29</option>
<option label="30" value="30">30</option>
<option label="31" value="31">31</option>
</select>
	
	<select name="maand" value "<?php if (!empty($gebdatum)) echo $gebdatum; ?>">
<option label="maand" value="" selected="selected">maand</option>
<option label="januari" value="01">januari</option>

<option label="februari" value="02">februari</option>
<option label="maart" value="03">maart</option>
<option label="april" value="04">april</option>
<option label="mei" value="05">mei</option>
<option label="juni" value="06">juni</option>
<option label="juli" value="07">juli</option>
<option label="augustus" value="08">augustus</option>
<option label="september" value="09">september</option>
<option label="oktober" value="10">oktober</option>

<option label="november" value="11">november</option>
<option label="december" value="12">december</option>
</select>
	
	<select name="jaar" value "<?php if (!empty($gebdatum)) echo $gebdatum; ?>">
<option label="jaar" value="" selected="selected">jaar</option>
<option label="2010" value="2010">2010</option>
<option label="2009" value="2009">2009</option>
<option label="2008" value="2008">2008</option>
<option label="2007" value="2007">2007</option>
<option label="2006" value="2006">2006</option>

<option label="2005" value="2005">2005</option>
<option label="2004" value="2004">2004</option>
<option label="2003" value="2003">2003</option>
<option label="2002" value="2002">2002</option>
<option label="2001" value="2001">2001</option>
<option label="2000" value="2000">2000</option>
<option label="1999" value="1999">1999</option>
<option label="1998" value="1998">1998</option>
<option label="1997" value="1997">1997</option>

<option label="1996" value="1996">1996</option>
<option label="1995" value="1995">1995</option>
<option label="1994" value="1994">1994</option>
<option label="1993" value="1993">1993</option>
<option label="1992" value="1992">1992</option>
<option label="1991" value="1991">1991</option>
<option label="1990" value="1990">1990</option>
<option label="1989" value="1989">1989</option>
<option label="1988" value="1988">1988</option>

<option label="1987" value="1987">1987</option>
<option label="1986" value="1986">1986</option>
<option label="1985" value="1985">1985</option>
<option label="1984" value="1984">1984</option>
<option label="1983" value="1983">1983</option>
<option label="1982" value="1982">1982</option>
<option label="1981" value="1981">1981</option>
<option label="1980" value="1980">1980</option>
<option label="1979" value="1979">1979</option>

<option label="1978" value="1978">1978</option>
<option label="1977" value="1977">1977</option>
<option label="1976" value="1976">1976</option>
<option label="1975" value="1975">1975</option>
<option label="1974" value="1974">1974</option>
<option label="1973" value="1973">1973</option>
<option label="1972" value="1972">1972</option>
<option label="1971" value="1971">1971</option>
<option label="1970" value="1970">1970</option>

<option label="1969" value="1969">1969</option>
<option label="1968" value="1968">1968</option>
<option label="1967" value="1967">1967</option>
<option label="1966" value="1966">1966</option>
<option label="1965" value="1965">1965</option>
<option label="1964" value="1964">1964</option>
<option label="1963" value="1963">1963</option>
<option label="1962" value="1962">1962</option>
<option label="1961" value="1961">1961</option>

<option label="1960" value="1960">1960</option>
<option label="1959" value="1959">1959</option>
<option label="1958" value="1958">1958</option>
<option label="1957" value="1957">1957</option>
<option label="1956" value="1956">1956</option>
<option label="1955" value="1955">1955</option>
<option label="1954" value="1954">1954</option>
<option label="1953" value="1953">1953</option>
<option label="1952" value="1952">1952</option>

<option label="1951" value="1951">1951</option>
<option label="1950" value="1950">1950</option>
<option label="1949" value="1949">1949</option>
<option label="1948" value="1948">1948</option>
<option label="1947" value="1947">1947</option>
<option label="1946" value="1946">1946</option>
<option label="1945" value="1945">1945</option>
<option label="1944" value="1944">1944</option>
<option label="1943" value="1943">1943</option>

<option label="1942" value="1942">1942</option>
<option label="1941" value="1941">1941</option>
<option label="1940" value="1940">1940</option>
<option label="1939" value="1939">1939</option>
<option label="1938" value="1938">1938</option>
<option label="1937" value="1937">1937</option>
<option label="1936" value="1936">1936</option>
<option label="1935" value="1935">1935</option>
<option label="1934" value="1934">1934</option>

<option label="1933" value="1933">1933</option>
<option label="1932" value="1932">1932</option>
<option label="1931" value="1931">1931</option>
<option label="1930" value="1930">1930</option>
<option label="1929" value="1929">1929</option>
<option label="1928" value="1928">1928</option>
<option label="1927" value="1927">1927</option>
<option label="1926" value="1926">1926</option>
<option label="1925" value="1925">1925</option>

<option label="1924" value="1924">1924</option>
<option label="1923" value="1923">1923</option>
<option label="1922" value="1922">1922</option>
<option label="1921" value="1921">1921</option>
<option label="1920" value="1920">1920</option>
<option label="1919" value="1919">1919</option>
<option label="1918" value="1918">1918</option>
<option label="1917" value="1917">1917</option>
<option label="1916" value="1916">1916</option>

<option label="1915" value="1915">1915</option>
<option label="1914" value="1914">1914</option>
<option label="1913" value="1913">1913</option>
<option label="1912" value="1912">1912</option>
<option label="1911" value="1911">1911</option>
<option label="1910" value="1910">1910</option>
<option label="1909" value="1909">1909</option>
<option label="1908" value="1908">1908</option>
<option label="1907" value="1907">1907</option>

<option label="1906" value="1906">1906</option>
<option label="1905" value="1905">1905</option>
<option label="1904" value="1904">1904</option>
<option label="1903" value="1903">1903</option>
<option label="1902" value="1902">1902</option>
<option label="1901" value="1901">1901</option>
<option label="1900" value="1900">1900</option>
</select>	
	</td>
</tr>

<tr>
	<td><strong>projectnaam:</strong></td>
	<td>
    
    
    </td>
    
</tr>
<tr>
<td><strong>link van website:</strong></td>
	<td><input type = "text"  name = "website" maxlength = "255" value = "<?php if (!empty($website)) echo $website; ?>"></td>	

	</tr>
<tr>

	<td><img src = "C:\wamp\www\SLL\wp-content\themes\Stadslab\images\lib" alt = 'Hyves' title = hyves/></td>
	<td><input type = "text"  name = "hyves" maxlength = "255" value="<?php if (!empty($hyves)) echo $hyves; ?>"></td>	
	</tr><tr>
	<td><img src = "./stadslableiden/images/imageFacebook.jpg" alt='Facebook' title='acebook'/></td>	
	<td><input type = "text"  name = "facebook" maxlength = "255" vlaue ="<?php if (!empty($facebook)) echo $facebook; ?>"></td>	
	</tr>
	<tr>
	<td><img src = "./sll/stadslableiden/images/imageLinkedin.jpg" alt = 'Linkedin' title = 'linkedin'/></td>
	<td><input name="linkedin" type="text" maxlength="255" value="<?php if (!empty($linkedin)) echo $linkedin; ?>"/></td>
	</tr>
	<tr>
<td><img src = "./stadslableiden/images/imageTwitter.jpg" alt = 'Twitter' title = 'twitter'/></td>
		<td><input name="twitter" type="text" maxlength="255" value="<?php if (!empty($twitter)) echo $twitter; ?>"/></td>	
	</tr>	
	
	<tr>
	<td><strong>Functie:</strong></td>
	<td><input name="functie" type name="textarea" cols = "40" rows = "5" maxlength="255" value="<?php if (!empty($functie)) echo $functie; ?>" /></td>
	</tr>
	
	<tr>
	<td><strong>Profiel info:</strong></td>
	<td><input name="profielinfo" type="text" maxlength="255" value="<?php if (!empty($profielinfo)) echo $profielinfo; ?>" /></td>
	</tr>
	
	<tr>
	<td><strong>Specialiteit:</strong></td>
	<td><input name="specialiteit" type="text" maxlength="255" value="<?php if (!empty($specialiteit)) echo $specialiteit; ?>" /></td>
	</tr>
	
	<tr>
	<td><input type="hidden" name="old_picture" value="<?php if (!empty($old_picture)) echo $old_picture; ?>" /></td>
      <td><strong><label for="new_picture">Picture:</label></strong>
      <input type="file" id="new_picture" name="new_picture" /></td>
      </tr>
      <?php if (!empty($old_picture)) {
        echo '<img class="profile" src="' . MM_UPLOADPATH . $old_picture . '" alt="Profile Picture" />';
      } ?>
	
	
	

<tr>
	<td colspan="2" align="left"><input type="submit" name="submit" value="Opslaan" /></td>
	<?php echo '<a href="./logout.php">Log Out (' . $_SESSION['username'] . ')</a>';?>
</tr>
</fieldset>
</form>
</table>
<center></center>

Dat de pagina om de gegevens in het formulier op te slaan, wijzigen:

Code:

<?php

//require_once("")
  // Start the session
  session_start();

  
  $page_title = 'Edit Profile';
 // require_once('header.php');

 // require_once('appvars.php');
  require_once('connectvars.php');
  require_once('appvars.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['id'])) {
    echo '<p class="login">Eerst <a href="./?page_id=676">inloggen </a> voor toestemming.</p>';
    exit();
  }  
  

  // Connect to the database
  $dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
  mysql_select_db(DB_NAME,$dbc);

  //get_header(); 
  
  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $vnaam = mysql_real_escape_string(trim($_POST['voornaam']));
    $anaam = mysql_real_escape_string(trim($_POST['achternaam'])); 
    $geslacht = mysql_real_escape_string(trim($_POST['geslacht'])); 
    $functie = mysql_real_escape_string(trim($_POST['functie']));  
    $email = mysql_real_escape_string(trim($_POST['email'])); 	
    $gebdatum = mysql_real_escape_string(trim($_POST['gebdatum']));
    $straat = mysql_real_escape_string(trim($_POST['straat']));  
    $woonplaats = mysql_real_escape_string(trim($_POST['woonplaats'])); 
    $postcode = mysql_real_escape_string(trim($_POST['postcode']));
    $huisnummer = mysql_real_escape_string(trim($_POST['huisnummer']));
    $telnummer = mysql_real_escape_string(trim($_POST['telnummer']));       
    $profielinfo = mysql_real_escape_string(trim($_POST['profielinfo']));
    $specialiteit = mysql_real_escape_string(trim($_POST['specialiteit']));
    $website = mysql_real_escape_string(trim($_POST['website']));   
    $hyves = mysql_real_escape_string(trim($_POST['hyves']));
    $facebook = mysql_real_escape_string(trim($_POST['facebook']));
    $linkedin = mysql_real_escape_string(trim($_POST['linkedin']));    
    $twitter = mysql_real_escape_string(trim($_POST['twitter']));
    $pnaam = mysql_real_escape_string(trim($_POST['projectnaam']));   
    $tussenvoegsel = mysql_real_escape_string(trim($_POST['tussenvoegsel']));
    $error = false;
    //print_r($_POST);
	//echo $_SESSION['id'] . " = id";
	
    //Uploaden van de afbeelding
    
   // Validate and move the uploaded picture file, if necessary
    if (!empty($new_picture)) {
      if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') ||
        ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= MM_MAXFILESIZE) &&
        ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) {
        if ($_FILES['file']['error'] == 0) {
          // Move the file to the target upload folder
          $target = MM_UPLOADPATH . basename($new_picture);
          if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
            // The new picture file move was successful, now make sure any old picture is deleted
            if (!empty($old_picture) && ($old_picture != $new_picture)) {
              @unlink(MM_UPLOADPATH . $old_picture);
            }
          }
          else {
            // The new picture file move failed, so delete the temporary file and set the error flag
            @unlink($_FILES['new_picture']['tmp_name']);
            $error = true;
            echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
          }
        }
      }
      else {
        // The new picture file is not valid, so delete the temporary file and set the error flag
        @unlink($_FILES['new_picture']['tmp_name']);
        $error = true;
        echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (MM_MAXFILESIZE / 1) .
          ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
      }
    }    
    //End van uploaden van de afbeelding   
    
    
    
   $gebdat = $_POST['jaar'] .'-'. $_POST['maand'] .'-'. $_POST['dag'];
	//echo '<br><br>' . $vnaam . $anaam . $geslacht . $gebdat . $stad;
    // Update the profile data in the database
    if (!$error) {
    	
      if (!empty($vnaam) && !empty($anaam) && !empty($functie) && !empty($email) && !empty($gebdatum) && !empty($straat)&&!empty($woonplaats)
      		&& !empty($postcode) && !empty($huisnummer) && !empty($telnummer) && !empty($profielinfo)&& !empty($specialiteit)&& !empty($website)
      		&& !empty($hyves) && !empty($facebook) && !empty($linkedin) && !empty($twitter) && !empty($tussenvoegsel)) {
      		if (!empty($new_picture)) {
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id'] . "'";
        }
       else {
       	 // echo 'ja submit <br>' . $_SESSION['id'] . '<br>';
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id'] . "'";
       }
          $q = "select id_project FROM sll_project_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "' ";
          $data = mysql_query($q) or die("fout id");
          $res = mysql_fetch_row($data);
          $pid = $res[0];
         // echo "PID = " . $pid . $pnaam;
   
          $query2 = "UPDATE sll_project SET naam = '$pnaam' WHERE id = '$pid'"; 
        mysql_query($query) or die("sql update medewerker verkeerd");
		mysql_query($query2) or die("sql update pid verkeerd");
        // Confirm success with the user
        echo '<p>Uw profiel is met succes geupdate. Wilt u het zien <a href="./sll/viewprofile.php">Uw profiel zien</a>?</p>';

        mysql_close($dbc);
        exit();
      } 
      else {
     // echo "foute statements van niels";
     echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
      }
      
      
      }
    }
   // End of check for form submission
  else {
    
    $query = "SELECT huisnummer,profielinfo,specialiteit,website, telnummer,hyves,facebook, linkedin, 
        tussenvoegsel,twitter,pnaam FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "'";
        
    $data = mysql_query($query) or die("handig!!!");
    //echo $data;
    $row = mysql_fetch_array($data);

    if ($row != NULL) {
      $vnaam = $row['vnaam'];
      $anaam = $row['anaam']; 
      $geslacht = $row['geslacht'];
      $functie = $row['functie'];    
      $email = $row['email'];
      $gebdatum = $row['geboortedatum'];
      $straat = $row['straat'];
      $woonplaats = $row['woonplaats'];
      $postcode = $row['postcode'];
      $huisnummer = $row['huisnummer'];
      $telnummer = $row['telnummer'];
      $profielinfo = $row['profielinfo'];
      $specialiteit = $row['specialiteit'];
      $website = $row['website'];      
      $hyves = $row['hyves'];
      $facebook = $row['facebook'];
      $linkedin = $row['linkedin'];
      $twitter = $row['twitter'];
      $pnaam = $row['pnaam'];  
      $tussenvoegsel = $row['tussenvoegsel'];    
      $old_picture = $row['picture'];
      
      //$stad = $row['stad'];
      //$oud_afbeelding = $row['afbeelding'];
      //echo $stad;
    }
    else {
     // echo '<p class="error">Oeps prbleem met uw profiel.</p>';
    }
  }

  mysql_close($dbc);
?>

En het formulier om wat er is opgeslagen daadwerkelijk te laten zien:

Code:

<?php
  // Start the session
  require_once('startsession.php');

  // Insert the page header
  $page_title = 'View Profile';
  require_once('header.php');

  require_once('appvars.php');
  require_once('connectvars.php');

  // Make sure the user is logged in before going any further.
  if (!isset($_SESSION['id'])) {
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    exit();
  }

  // Show the navigation menu
  

  // Connect to the database
  $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

  // Grab the profile data from the database
  if (!isset($_GET['id_medewerker'])) {
    $query = "SELECT vnaam,  anaam,geslacht, functie,  email, gebdatum ,woonplaats ,postcode ,huisnummer ,telnummer , profielinfo ,  
          specialiteit,website,hyves , facebook , linkedin , twitter , tussenvoegsel FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "'";
  }
  else {
   $query = "SELECT vnaam,  anaam,geslacht,  functie,  email, gebdatum ,woonplaats ,postcode ,huisnummer ,telnummer , profielinfo ,  
          specialiteit,website,hyves , facebook , linkedin , twitter , tussenvoegsel FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "'";
  }
  $data = mysqli_query($dbc, $query);

  if (mysqli_num_rows($data) == 1) {
    // The user row was found so display the user data
    $row = mysqli_fetch_array($data);
    echo '<table>';
    if (!empty($row['username'])) {
      echo '<tr><td class="label">Username:</td><td>' . $row['username'] . '</td></tr>';
    }
    if (!empty($row['vnaam'])) {
      echo '<tr><td class="label">First name:</td><td>' . $row['vnaam'] . '</td></tr>';
    }
    if (!empty($row['anaam'])) {
      echo '<tr><td class="label">Last name:</td><td>' . $row['anaam'] . '</td></tr>';
    }
    
   
     if (!empty($row['geslacht'])) {
      echo '<tr><td class="label">Geslacht:</td><td>';
      if ($row['geslacht'] == 'M') {
        echo 'man';
      }
      else if ($row['gender'] == 'v') {
        echo 'vrouw';
      }
      else {
        echo '?';
      }
      echo '</td></tr>';
    }//End geslacht
    
   if (!empty($row['functie'])) {
      echo '<tr><td class="label">Functie:</td><td>' . $row['functie'] . '</td></tr>';
    }
    if (!empty($row['email'])) {
      echo '<tr><td class="label">Email:</td><td>' . $row['email'] . '</td></tr>';
    }
    
  if (!empty($row['gebdatum'])) {
      echo '<tr><td class="label">Geboorte datum:</td><td>';
      if ($row['dag'] == 'd') {
        echo 'dag';
      }
      else if ($row['gebdatum'] == 'm') {
        echo 'maand';
      }
      else if ($row['gebdatum'] == j){
      	echo 'jaar';
      }
      else {
        echo '?';
      }
      echo '</td></tr>';
    }//End gebdatum
    
   if (!empty($row['woonplaats'])) {
      echo '<tr><td class="label">Wooonplaats:</td><td>' . $row['woonplaats'] . '</td></tr>';
    }
    if (!empty($row['postcode'])) {
      echo '<tr><td class="label">Postcode:</td><td>' . $row['postcode'] . '</td></tr>';
    }
    if (!empty($row['huisnummer'])) {
      echo '<tr><td class="label">Huisnummer:</td><td>' . $row['huisnummer'] . '</td></tr>';
    }
    
   if (!empty($row['telnummer'])) {
      echo '<tr><td class="label">Telefoon nummer:</td><td>' . $row['telnummer'] . '</td></tr>';
    }
    if (!empty($row['profielinfo'])) {
      echo '<tr><td class="label">Profiel info:</td><td>' . $row['profielinfo'] . '</td></tr>';
    }
    if (!empty($row['specialiteit'])) {
      echo '<tr><td class="label">specialiteit:</td><td>' . $row['specialiteit'] . '</td></tr>';
    }
    
   if (!empty($row['website'])) {
      echo '<tr><td class="label">Webstie:</td><td>' . $row['website'] . '</td></tr>';
    }
    if (!empty($row['hyves'])) {
      echo '<tr><td class="label">Hyves:</td><td>' . $row['hyves'] . '</td></tr>';
    }
    if (!empty($row['facebook'])) {
      echo '<tr><td class="label">facebook:</td><td>' . $row['facebook'] . '</td></tr>';
    }
    
     if (!empty($row['linkedin'])) {
      echo '<tr><td class="label">linkedin:</td><td>' . $row['linkedin'] . '</td></tr>';
    }
    if (!empty($row['hyves'])) {
      echo '<tr><td class="label">Hyves:</td><td>' . $row['hyves'] . '</td></tr>';
    }
    if (!empty($row['twitter'])) {
      echo '<tr><td class="label">Twitter:</td><td>' . $row['twitter'] . '</td></tr>';
    } 

     if (!empty($row['tussenvoegsel'])) {
      echo '<tr><td class="label">Tussenvoegsel:</td><td>' . $row['tussenvoegsel'] . '</td></tr>';
    } 
    
    
    if (!empty($row['birthdate'])) {
      if (!isset($_GET['user_id']) || ($_SESSION['user_id'] == $_GET['user_id'])) {
        // Show the user their own birthdate
        echo '<tr><td class="label">Birthdate:</td><td>' . $row['birthdate'] . '</td></tr>';
      }
      else {
        // Show only the birth year for everyone else
        list($year, $month, $day) = explode('-', $row['birthdate']);
        echo '<tr><td class="label">Year born:</td><td>' . $year . '</td></tr>';
      }
    }//End brithdate
   
    if (!empty($row['picture'])) {
      echo '<tr><td class="label">Picture:</td><td><img src="' . MM_UPLOADPATH . $row['picture'] .
        '" alt="Profile Picture" /></td></tr>';
    }
    echo '</table>';
    if (!isset($_GET['id_medewerker']) || ($_SESSION['user_id'] == $_GET['id_medewerker'])) {
      echo '<p>Would you like to <a href="editprofile.php">edit your profile</a>?</p>';
    }
  } // End of check for a single row of user results
  else {
    echo '<p class="error">There was a problem accessing your profile.</p>';
  }

  mysqli_close($dbc);
?>

<?php
  // Insert the page footer
  require_once('footer.php');
?>

Nu log ik eerst in en zie dan ook mijn gebruikersnaam met de volgende functie:

Code:

<?php echo '<a href="./logout.php">Log Out (' . $_SESSION['username'] . ')</a>';?>

maar als ik dan de gevens in vul in het formulier en druk op de button opslaan dan wordt we gevraagd om in te loggen:

Eerst inloggen voor toestemming.

Iemand een suggestie. alvast enorm bedankt!!

kenikavanbis · 10 aug 2010

wow veel code

ik vermoed dat je deze melding te zien krijgt

PHP:

  if (!isset($_SESSION['id'])) {
    echo '<p class="login">Please <a href="login.php">log in</a> to access this page.</p>';
    exit();
  }

juist mogelijks is uw session niet opgeslagen

mooier zou zijn dat de data die je wouw versturen effen in een sessionvariabele visitor of zoiets zet dan kan je deze ook al inlezen
offline kan je ook print_r($_SESSION); dan zie je alle opgeslagen data niet verstandig om dit online te doen.

savant11 · 10 aug 2010

hoi,

ik heb het nu zo:

Code:

<?php
  
  $page_title = 'Edit Profile'; 

 
  require_once('connectvars.php');
  require_once('appvars.php');
  require_once('startsession.php'); 

  // Make sure the user is logged in before going any further.
  
  if (!isset($_SESSION['id_medewerker'])) {
  	
  	print_r($_SESSION);
    echo '<p class="login">Eerst <a href="./?page_id=676">inloggen </a> voor toestemming.</p>';
    exit();
    print_r($_SESSION);
   //echo 'hallo';
  }  
  
  
  

  // Connect to the database
  $dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
  mysql_select_db(DB_NAME,$dbc);

  //get_header(); 
  
  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $vnaam = mysql_real_escape_string(trim($_POST['voornaam']));
    $anaam = mysql_real_escape_string(trim($_POST['achternaam'])); 
    $geslacht = mysql_real_escape_string(trim($_POST['geslacht'])); 
    $functie = mysql_real_escape_string(trim($_POST['functie']));  
    $email = mysql_real_escape_string(trim($_POST['email'])); 	
    $gebdatum = mysql_real_escape_string(trim($_POST['gebdatum']));
    $straat = mysql_real_escape_string(trim($_POST['straat']));  
    $woonplaats = mysql_real_escape_string(trim($_POST['woonplaats'])); 
    $postcode = mysql_real_escape_string(trim($_POST['postcode']));
    $huisnummer = mysql_real_escape_string(trim($_POST['huisnummer']));
    $telnummer = mysql_real_escape_string(trim($_POST['telnummer']));       
    $profielinfo = mysql_real_escape_string(trim($_POST['profielinfo']));
    $specialiteit = mysql_real_escape_string(trim($_POST['specialiteit']));
    $website = mysql_real_escape_string(trim($_POST['website']));   
    $hyves = mysql_real_escape_string(trim($_POST['hyves']));
    $facebook = mysql_real_escape_string(trim($_POST['facebook']));
    $linkedin = mysql_real_escape_string(trim($_POST['linkedin']));    
    $twitter = mysql_real_escape_string(trim($_POST['twitter']));
    //$naam = mysql_real_escape_string(trim($_POST['naam']));   
    $tussenvoegsel = mysql_real_escape_string(trim($_POST['tussenvoegsel']));
    $error = false;
    //print_r($_POST);
	//echo $_SESSION['id'] . " = id";
	
    //Uploaden van de afbeelding
    
   // Validate and move the uploaded picture file, if necessary
    if (!empty($new_picture)) {
      if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') ||
        ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= MM_MAXFILESIZE) &&
        ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) {
        if ($_FILES['file']['error'] == 0) {
          // Move the file to the target upload folder
          $target = MM_UPLOADPATH . basename($new_picture);
          if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
            // The new picture file move was successful, now make sure any old picture is deleted
            if (!empty($old_picture) && ($old_picture != $new_picture)) {
              @unlink(MM_UPLOADPATH . $old_picture);
            }
          }
          else {
            // The new picture file move failed, so delete the temporary file and set the error flag
            @unlink($_FILES['new_picture']['tmp_name']);
            $error = true;
            echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
          }
        }
      }
      else {
        // The new picture file is not valid, so delete the temporary file and set the error flag
        @unlink($_FILES['new_picture']['tmp_name']);
        $error = true;
        echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (MM_MAXFILESIZE / 1) .
          ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
      }
    }    
    //End van uploaden van de afbeelding   
    
    
    
   //$gebdat = $_POST['jaar'] .'-'. $_POST['maand'] .'-'. $_POST['dag'];
	//echo '<br><br>' . $vnaam . $anaam . $geslacht . $gebdat . $stad;
    // Update the profile data in the database
    if (!$error) {
    	
      if (!empty($vnaam) && !empty($anaam) && !empty($geslacht) &&!empty($functie) && !empty($email) && !empty($gebdatum) && !empty($straat)&&!empty($woonplaats)
      		&& !empty($postcode) && !empty($huisnummer) && !empty($telnummer) && !empty($profielinfo)&& !empty($specialiteit)&& !empty($website)
      		&& !empty($hyves) && !empty($facebook) && !empty($linkedin) && !empty($twitter) && !empty($tussenvoegsel)) {
      		if (!empty($new_picture)) {
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
        }
       else {
       	 // echo 'ja submit <br>' . $_SESSION['id'] . '<br>';
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
       }
          //$q = "select id_project FROM sll_project_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "' ";
          //$data = mysql_query($q) or die("fout id");
          //$res = mysql_fetch_row($data);
         // $pid = $res[0];
         // echo "PID = " . $pid . $pnaam;
   
          //$query2 = "UPDATE sll_project SET naam = '$pnaam' WHERE id = '$pid'"; 
        //mysql_query($query) or die("sql update medewerker verkeerd");
		//mysql_query($query2) or die("sql update pid verkeerd");
        // Confirm success with the user
        echo '<p>Uw profiel is met succes geupdate. Wilt u het zien <a href="./viewprofile.php">Uw profiel zien</a>?</p>';

        mysql_close($dbc);
        exit();
      } 
      else {
     // echo "foute statements van niels";
     echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
      }
      
      
      }
    }
   // End of check for form submission
  else {
    
    $query = "SELECT huisnummer,profielinfo,specialiteit,website, telnummer,hyves,facebook, linkedin, 
        tussenvoegsel,twitter,pnaam FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
        
    $data = mysql_query($query) or die("handig!!!");
    //echo $data;
    $row = mysql_fetch_array($data);

    if ($row != NULL) {
      $vnaam = $row['vnaam'];
      $anaam = $row['anaam']; 
      $geslacht = $row['geslacht'];
      $functie = $row['functie'];    
      $email = $row['email'];
      $gebdatum = $row['geboortedatum'];
      $straat = $row['straat'];
      $woonplaats = $row['woonplaats'];
      $postcode = $row['postcode'];
      $huisnummer = $row['huisnummer'];
      $telnummer = $row['telnummer'];
      $profielinfo = $row['profielinfo'];
      $specialiteit = $row['specialiteit'];
      $website = $row['website'];      
      $hyves = $row['hyves'];
      $facebook = $row['facebook'];
      $linkedin = $row['linkedin'];
      $twitter = $row['twitter'];
      $pnaam = $row['pnaam'];  
      $tussenvoegsel = $row['tussenvoegsel'];    
      $old_picture = $row['picture'];
      
      //$stad = $row['stad'];
      //$oud_afbeelding = $row['afbeelding'];
      //echo $stad;
    }
    else {
     // echo '<p class="error">Oeps prbleem met uw profiel.</p>';
    }
  }

  mysql_close($dbc);
?>

en voor de sessie variables:

Code:

<?php
  session_start();

  // If the session vars aren't set, try to set them with a cookie
  if (!isset($_SESSION['id_medewerker'])) {
    if (isset($_COOKIE['id_medewerker']) && isset($_COOKIE['username'])) {
      $_SESSION['id_medewerker'] = $_COOKIE['id_medewerker'];
      $_SESSION['username'] = $_COOKIE['username'];
    }
  }
?>

maar als ik nu dus: print_r($_SESSION); neerzet, krijg ik dit te zien:

Array ( [user_id] => 15 [username] => niels [id] => )

Eerst inloggen voor toestemming.

Maar ik heb geen user_id. IK heb een id_medewerker. dat heb ik ook in mijn file staan.

Snap er niks van.

kenikavanbis · 10 aug 2010

als ik het goed voor heb is user_id medewerker_id geworden.

Vooraf eerst checken waar dat medewerker id vandaan komt
dus database cheken of deze gegeven terugvindbaar zijn

maar je zal ook je login moet geven op te zien of hij wordt het id wordt ingesteld maar verwijder dan vaste wachtwoorden indien die er al dan niet in zouden staan

klik altijd op php als je phpcode zet dat maakt het leesbaarder
bekijk ook volgende verandering al eens staat nog niet volledig naar mijn zin maar ik vermoed dat je wel zal zien wat in_array doet
validatie is een beetje slordig bij een assosatieve array zou je met een loop alle variabelen kunnen controleren of ze leeg zijn

PHP:

<?php
	$page_title = 'Edit Profile'; 
	require_once('connectvars.php');
	require_once('appvars.php');
	require_once('startsession.php'); 
	// Make sure the user is logged in before going any further.
	if (!isset($_SESSION['id_medewerker'])) {
			print_r($_SESSION);
			echo '<p class="login">Eerst <a href="./?page_id=676">inloggen </a> voor toestemming.</p>';
			exit();// dit is sluiten nadien word er niets meer uitgevoerd
	}  
  // Connect to the database
  $dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
  mysql_select_db(DB_NAME,$dbc);
  //get_header(); 
  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $vnaam = mysql_real_escape_string(trim($_POST['voornaam']));
    $anaam = mysql_real_escape_string(trim($_POST['achternaam'])); 
    $geslacht = mysql_real_escape_string(trim($_POST['geslacht'])); 
    $functie = mysql_real_escape_string(trim($_POST['functie']));  
    $email = mysql_real_escape_string(trim($_POST['email'])); 	
    $gebdatum = mysql_real_escape_string(trim($_POST['gebdatum']));
    $straat = mysql_real_escape_string(trim($_POST['straat']));  
    $woonplaats = mysql_real_escape_string(trim($_POST['woonplaats'])); 
    $postcode = mysql_real_escape_string(trim($_POST['postcode']));
    $huisnummer = mysql_real_escape_string(trim($_POST['huisnummer']));
    $telnummer = mysql_real_escape_string(trim($_POST['telnummer']));       
    $profielinfo = mysql_real_escape_string(trim($_POST['profielinfo']));
    $specialiteit = mysql_real_escape_string(trim($_POST['specialiteit']));
    $website = mysql_real_escape_string(trim($_POST['website']));   
    $hyves = mysql_real_escape_string(trim($_POST['hyves']));
    $facebook = mysql_real_escape_string(trim($_POST['facebook']));
    $linkedin = mysql_real_escape_string(trim($_POST['linkedin']));    
    $twitter = mysql_real_escape_string(trim($_POST['twitter']));
    //$naam = mysql_real_escape_string(trim($_POST['naam']));   
    $tussenvoegsel = mysql_real_escape_string(trim($_POST['tussenvoegsel']));
    $error = false;
    //print_r($_POST);
	//echo $_SESSION['id'] . " = id";
    //Uploaden van de afbeelding
    $mimes = array('image/gif', 'image/jpeg', 'image/pjpeg','image/png');
   // Validate and move the uploaded picture file, if necessary
    if (!empty($new_picture)) {
      if (in_array($new_picture_type,$mimes)&&($new_picture_size > 0)&&($new_picture_size <= MM_MAXFILESIZE) &&
        ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) {
        if ($_FILES['file']['error'] == 0) {
          // Move the file to the target upload folder
          $target = MM_UPLOADPATH . basename($new_picture);
          if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
            // The new picture file move was successful, now make sure any old picture is deleted
            if (!empty($old_picture) && ($old_picture != $new_picture)) {
              @unlink(MM_UPLOADPATH . $old_picture);
            }
          }else{
            // The new picture file move failed, so delete the temporary file and set the error flag
            @unlink($_FILES['new_picture']['tmp_name']);
            $error = true;
            echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
          }
        }
      }else {
        // The new picture file is not valid, so delete the temporary file and set the error flag
        @unlink($_FILES['new_picture']['tmp_name']);
        $error = true;
        echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than '.(MM_MAXFILESIZE / 1).' KB and '.MM_MAXIMGWIDTH.'x'.MM_MAXIMGHEIGHT.' pixels in size.</p>';
      }
    }    
    //End van uploaden van de afbeelding      
   //$gebdat = $_POST['jaar'] .'-'. $_POST['maand'] .'-'. $_POST['dag'];
	//echo '<br><br>' . $vnaam . $anaam . $geslacht . $gebdat . $stad;
    // Update the profile data in the database
    if (!$error) {
      if (!empty($vnaam) && !empty($anaam) && !empty($geslacht) &&!empty($functie) && !empty($email) && !empty($gebdatum) && !empty($straat)&&!empty($woonplaats)&& !empty($postcode) && !empty($huisnummer) && !empty($telnummer) && !empty($profielinfo)&& !empty($specialiteit)&& !empty($website)&& !empty($hyves) && !empty($facebook) && !empty($linkedin) && !empty($twitter) && !empty($tussenvoegsel)) {
      		if (!empty($new_picture)) {
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo', specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',tussenvoegsel = '$tussenvoegsel'WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
        }else{
       	 // echo 'ja submit <br>' . $_SESSION['id'] . '<br>';
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum', woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo', specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter', tussenvoegsel = '$tussenvoegsel' WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
       }
          //$q = "select id_project FROM sll_project_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "' ";
          //$data = mysql_query($q) or die("fout id");
          //$res = mysql_fetch_row($data);
         // $pid = $res[0];
         // echo "PID = " . $pid . $pnaam;
          //$query2 = "UPDATE sll_project SET naam = '$pnaam' WHERE id = '$pid'"; 
        //mysql_query($query) or die("sql update medewerker verkeerd");
		//mysql_query($query2) or die("sql update pid verkeerd");
        // Confirm success with the user
        echo '<p>Uw profiel is met succes geupdate. Wilt u het zien <a href="./viewprofile.php">Uw profiel zien</a>?</p>';
        mysql_close($dbc);
        exit();
      }else {
	     // echo "foute statements van niels";
	     echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
      }
      }
      // End of check for form submission
    }else {
    $query = "SELECT huisnummer,profielinfo,specialiteit,website, telnummer,hyves,facebook, linkedin, 
        tussenvoegsel,twitter,pnaam FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";   
    $data = mysql_query($query) or die("handig!!!");
    //echo $data;
    $row = mysql_fetch_array($data);
    if ($row != NULL) {
      $vnaam = $row['vnaam'];
      $anaam = $row['anaam']; 
      $geslacht = $row['geslacht'];
      $functie = $row['functie'];    
      $email = $row['email'];
      $gebdatum = $row['geboortedatum'];
      $straat = $row['straat'];
      $woonplaats = $row['woonplaats'];
      $postcode = $row['postcode'];
      $huisnummer = $row['huisnummer'];
      $telnummer = $row['telnummer'];
      $profielinfo = $row['profielinfo'];
      $specialiteit = $row['specialiteit'];
      $website = $row['website'];      
      $hyves = $row['hyves'];
      $facebook = $row['facebook'];
      $linkedin = $row['linkedin'];
      $twitter = $row['twitter'];
      $pnaam = $row['pnaam'];  
      $tussenvoegsel = $row['tussenvoegsel'];    
      $old_picture = $row['picture'];
      //$stad = $row['stad'];
      //$oud_afbeelding = $row['afbeelding'];
      //echo $stad;
    }else {
     // echo '<p class="error">Oeps prbleem met uw profiel.</p>';
    }
  }
  mysql_close($dbc);
?>

kenikavanbis · 10 aug 2010

het setten van de sessie met een cookie doe je beter niet
je zoekt achter de naam en dan vergelijk je het wachtwoord en dan wordt toegelaten of niet
een cookie dat ingesteld is kan gemanipuleert worden dus je hebt geen veiligheid meer dan ook veel online spyware kunnen dat je wachtwoord lezen of userid.

savant11 · 11 aug 2010

hoi,

oke, ik krijg nu dit te zien:

Array ( [id_medewerker] => [username] => h ) ?

id_medewerker = leeg. in de database zie ik toch echt staan id_medewerker = 13
LOGIN:

PHP:

<?php
  

require_once('startsession.php');
require_once('connectvars.php');

  // Start the session
  

  // Clear the error message
  $error_msg = "";

  // If the user isn't logged in, try to log  in
  if (!isset($_SESSION['id_medewerker'])) {
    if (isset($_POST['submit'])) {
      
      $dbc = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
       mysql_select_db(DB_NAME,$dbc);

      // Grab the user-entered log-in data
      $username = mysql_real_escape_string(trim($_POST['username']));
      $wachtwoord = mysql_real_escape_string(trim($_POST['wachtwoord']));

      if (!empty($username) && !empty($wachtwoord)) {
        // Look up the username and password in the database
        $query = "SELECT  username FROM sll_medewerker WHERE username = ('$username') AND wachtwoord = MD5('$wachtwoord')";
        $data = mysql_query($query);

        if (mysql_num_rows($data) == 1) {
          // The log-in is OK so set the user id_medewerker and username session and redirect to the home page
          $row = mysql_fetch_array($data);
          $_SESSION['id_medewerker'] = $row['id_medewerker'];
          $_SESSION['username'] = $row['username'];
          //setcookie('id_medewerker', $row['id_medewerker'], time() + (60 * 60 * 24 * 30));    // 
          //setcookie('username', $row['username'], time() + (60 * 60 * 24 * 30));  // 
          $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/editForm.php';
          header('Location: ' . $home_url);
        }
        else {
          // De gebruikersnaam of paswoord is niet correct
          $error_msg = 'U moet een geldige username en/of wachtwoord invullen.';
        }
      }
      else {
        // U heeft geen wachtwoord en/of gebruikersnaam ingetikt 
        $error_msg = 'U moet wel een wachtwoord en/of gebruikersnaam invullen.';
      }
    }
  }

  // Insert the page header
  $page_title = 'Log In';
  //require_once('header.php');

  // If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
  if (empty($_SESSION['id_medewerker'])) {
    echo '<p class="error">' . $error_msg . '</p>';
?>

  

<?php
  }
  else {
    // Confirm the successful log-in
    echo('<p class="login">You are logged in as ' . $_SESSION['username'] . '.</p>');
     $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . 'editForm.php';
          header('Location: ' . $home_url);
  }
?>

<?php
  // Insert the page footer
  //require_once('footer.php');
?>

EDITPROFILE

PHP:

<?php
  
  $page_title = 'Edit Profile'; 

 
  require_once('connectvars.php');
  require_once('appvars.php');
  require_once('startsession.php'); 

  // Make sure the user is logged in before going any further.
  
  if (!isset($_SESSION['id_medewerker'])) {
  	
  	print_r($_SESSION);
    echo '<p class="login">Eerst <a href="./?page_id=676">inloggen </a> voor toestemming.</p>';
    exit();
   
   //echo 'hallo';
  }  
  
  
  

  // Connect to the database
  $dbc = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
  mysql_select_db(DB_NAME,$dbc);

  //get_header(); 
  
  if (isset($_POST['submit'])) {
    // Grab the profile data from the POST
    $vnaam = mysql_real_escape_string(trim($_POST['voornaam']));
    $anaam = mysql_real_escape_string(trim($_POST['achternaam'])); 
    $geslacht = mysql_real_escape_string(trim($_POST['geslacht'])); 
    $functie = mysql_real_escape_string(trim($_POST['functie']));  
    $email = mysql_real_escape_string(trim($_POST['email'])); 	
    $gebdatum = mysql_real_escape_string(trim($_POST['gebdatum']));
    $straat = mysql_real_escape_string(trim($_POST['straat']));  
    $woonplaats = mysql_real_escape_string(trim($_POST['woonplaats'])); 
    $postcode = mysql_real_escape_string(trim($_POST['postcode']));
    $huisnummer = mysql_real_escape_string(trim($_POST['huisnummer']));
    $telnummer = mysql_real_escape_string(trim($_POST['telnummer']));       
    $profielinfo = mysql_real_escape_string(trim($_POST['profielinfo']));
    $specialiteit = mysql_real_escape_string(trim($_POST['specialiteit']));
    $website = mysql_real_escape_string(trim($_POST['website']));   
    $hyves = mysql_real_escape_string(trim($_POST['hyves']));
    $facebook = mysql_real_escape_string(trim($_POST['facebook']));
    $linkedin = mysql_real_escape_string(trim($_POST['linkedin']));    
    $twitter = mysql_real_escape_string(trim($_POST['twitter']));
    //$naam = mysql_real_escape_string(trim($_POST['naam']));   
    $tussenvoegsel = mysql_real_escape_string(trim($_POST['tussenvoegsel']));
    $error = false;
    //print_r($_POST);
	//echo $_SESSION['id'] . " = id";
	
    //Uploaden van de afbeelding
    
   // Validate and move the uploaded picture file, if necessary
    if (!empty($new_picture)) {
      if ((($new_picture_type == 'image/gif') || ($new_picture_type == 'image/jpeg') || ($new_picture_type == 'image/pjpeg') ||
        ($new_picture_type == 'image/png')) && ($new_picture_size > 0) && ($new_picture_size <= MM_MAXFILESIZE) &&
        ($new_picture_width <= MM_MAXIMGWIDTH) && ($new_picture_height <= MM_MAXIMGHEIGHT)) {
        if ($_FILES['file']['error'] == 0) {
          // Move the file to the target upload folder
          $target = MM_UPLOADPATH . basename($new_picture);
          if (move_uploaded_file($_FILES['new_picture']['tmp_name'], $target)) {
            // The new picture file move was successful, now make sure any old picture is deleted
            if (!empty($old_picture) && ($old_picture != $new_picture)) {
              @unlink(MM_UPLOADPATH . $old_picture);
            }
          }
          else {
            // The new picture file move failed, so delete the temporary file and set the error flag
            @unlink($_FILES['new_picture']['tmp_name']);
            $error = true;
            echo '<p class="error">Sorry, there was a problem uploading your picture.</p>';
          }
        }
      }
      else {
        // The new picture file is not valid, so delete the temporary file and set the error flag
        @unlink($_FILES['new_picture']['tmp_name']);
        $error = true;
        echo '<p class="error">Your picture must be a GIF, JPEG, or PNG image file no greater than ' . (MM_MAXFILESIZE / 1) .
          ' KB and ' . MM_MAXIMGWIDTH . 'x' . MM_MAXIMGHEIGHT . ' pixels in size.</p>';
      }
    }    
    //End van uploaden van de afbeelding   
    
    
    
   //$gebdat = $_POST['jaar'] .'-'. $_POST['maand'] .'-'. $_POST['dag'];
	//echo '<br><br>' . $vnaam . $anaam . $geslacht . $gebdat . $stad;
    // Update the profile data in the database
    if (!$error) {
    	
      if (!empty($vnaam) && !empty($anaam) && !empty($geslacht) &&!empty($functie) && !empty($email) && !empty($gebdatum) && !empty($straat)&&!empty($woonplaats)
      		&& !empty($postcode) && !empty($huisnummer) && !empty($telnummer) && !empty($profielinfo)&& !empty($specialiteit)&& !empty($website)
      		&& !empty($hyves) && !empty($facebook) && !empty($linkedin) && !empty($twitter) && !empty($tussenvoegsel)) {
      		if (!empty($new_picture)) {
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
        }
       else {
       	 // echo 'ja submit <br>' . $_SESSION['id'] . '<br>';
          $query = "UPDATE sll_medewerker SET vnaam = '$vnaam', anaam = '$anaam',geslacht = '$geslacht',$functie = 'functie',$email = 'email', gebdatum = '$gebdatum',
          woonplaats = '$woonplaats',postcode = '$postcode',huisnummer = $huisnummer,telnummer = '$telnummer', profielinfo = '$profielinfo',  
          specialiteit = '$specialiteit',website='$website',hyves = '$hyves', facebook = '$facebook', linkedin = '$linkedin', twitter = '$twitter',
          tussenvoegsel = '$tussenvoegsel'
           WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
       }
          //$q = "select id_project FROM sll_project_medewerker WHERE id_medewerker = '" . $_SESSION['id'] . "' ";
          //$data = mysql_query($q) or die("fout id");
          //$res = mysql_fetch_row($data);
         // $pid = $res[0];
         // echo "PID = " . $pid . $pnaam;
   
          //$query2 = "UPDATE sll_project SET naam = '$pnaam' WHERE id = '$pid'"; 
        //mysql_query($query) or die("sql update medewerker verkeerd");
		//mysql_query($query2) or die("sql update pid verkeerd");
        // Confirm success with the user
        echo '<p>Uw profiel is met succes geupdate. Wilt u het zien <a href="./viewprofile.php">Uw profiel zien</a>?</p>';

        mysql_close($dbc);
        exit();
      } 
      else {
     // echo "foute statements van niels";
     echo '<p class="error">You must enter all of the profile data (the picture is optional).</p>';
      }
      
      
      }
    }
   // End of check for form submission
  else {
    
    $query = "SELECT huisnummer,profielinfo,specialiteit,website, telnummer,hyves,facebook, linkedin, 
        tussenvoegsel,twitter,pnaam FROM sll_medewerker WHERE id_medewerker = '" . $_SESSION['id_medewerker'] . "'";
        
    $data = mysql_query($query) or die("handig!!!");
    //echo $data;
    $row = mysql_fetch_array($data);

    if ($row != NULL) {
      $vnaam = $row['vnaam'];
      $anaam = $row['anaam']; 
      $geslacht = $row['geslacht'];
      $functie = $row['functie'];    
      $email = $row['email'];
      $gebdatum = $row['geboortedatum'];
      $straat = $row['straat'];
      $woonplaats = $row['woonplaats'];
      $postcode = $row['postcode'];
      $huisnummer = $row['huisnummer'];
      $telnummer = $row['telnummer'];
      $profielinfo = $row['profielinfo'];
      $specialiteit = $row['specialiteit'];
      $website = $row['website'];      
      $hyves = $row['hyves'];
      $facebook = $row['facebook'];
      $linkedin = $row['linkedin'];
      $twitter = $row['twitter'];
      $pnaam = $row['pnaam'];  
      $tussenvoegsel = $row['tussenvoegsel'];    
      $old_picture = $row['picture'];
      
      //$stad = $row['stad'];
      //$oud_afbeelding = $row['afbeelding'];
      //echo $stad;
    }
    else {
     // echo '<p class="error">Oeps prbleem met uw profiel.</p>';
    }
  }

  mysql_close($dbc);
?>

Supersnail · 11 aug 2010

savant11 zei:

Je vraagt alleen de "username" op in deze query. Daarom is $row['id_medewerker'] leeg.

savant11 · 11 aug 2010

HOi,

THX!!

Echt stom van me

profiel functie is broken

savant11

Gebruiker

kenikavanbis

Terugkerende gebruiker

savant11

Gebruiker

kenikavanbis

Terugkerende gebruiker

kenikavanbis

Terugkerende gebruiker

savant11

Gebruiker

Supersnail

Terugkerende gebruiker

savant11

Gebruiker

Nieuwste berichten

Wij waarderen jouw privacy