I am trying to allow a user to update their account information.
I have a myaccount page which has a form. The form is prepopulated with the current information in the database for their account. My Select statement works, gets their info and populates.
I then check if any values have changed on form submit button press. If the field has changed i create an update statement with the changed values.
I am getting no errors when i run it but it is not updating the database
here is my code
<?php
session_start();
require_once(__DIR__ . '/square-connect/autoload.php');
$passcheck;
$formerrormsg;
// Configure Square Authorization
$accesstoken = '***************';
SquareConnect\Configuration::getDefaultConfiguration()->setAccessToken($accesstoken);
$customer_api = new SquareConnect\Api\CustomersApi();
$body = new \SquareConnect\Model\UpdateCustomerRequest();
// redirect user to login page if they're not logged in
if (!isset($_SESSION['Customer']) || empty($_SESSION['Customer'])) {
header('location: login.php');
} else {
$id = $_SESSION['Customer']['id'];
$location = "sql300.epizy.com";
$user = "epiz_23758113";
$dbpass = "*************";
$database = "epiz_23758113_Customers";
$link = new mysqli($location, $user, $dbpass, $database);
// Check connection
if ($link->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "SELECT * FROM accounts WHERE Customerid = '$id'";
$customer_result = mysqli_query($link, $sql);
while($row = mysqli_fetch_row($customer_result)){
$first_name = $row[1];
$last_name = $row[2];
$email = $row[3];
$password = $row[4];
$phone = $row[5];
$address = $row[6];
$apt = $row[7];
$city = $row[8];
$province = $row[9];
$postalcode = $row[10];
$country = $row[11];
$verified = $row[12];
};
mysqli_free_result($customer_result);
//UPDATING ACCOUNT
if(isset($_POST['submit'])){
//check passwords match
if($_POST["contact_form_pass1"] != $_POST["contact_form_pass2"] || $_POST["contact_form_pass1"] = "......." || $_POST["contact_form_pass2"] = "......." ){
$passcheck = 1;
if (empty($formerrormsg)){
$formerrormsg = "Passwords Do Not MATCH or were not changed";
} else {
$formerrormsg = $formerrormsg . "<br/> Passwords Do Not MATCH or were not changed";
}
}else{
//CHECK DATABASE FOR ALREADY MATCHING EMAIL
if (!isset($passcheck)){
//check password meets critera
if(!preg_match('/^[a-z0-9_-]{6,18}$/', $_POST["contact_form_pass1"])){
$check = 1;
if (empty($formerrormsg)){
$formerrormsg = "Password must be 6-18 Characters and must only be letters, number, - or _";
} else {
$formerrormsg = $formerrormsg . "<br/> Password must be 6-18 Characters and must only be letters, number, - or _";
}
}
$first_name2 = $link->real_escape_string($_POST['contact_form_first-name']);
$last_name2 = $link->real_escape_string($_POST['contact_form_last-name']);
$phone2 = $link->real_escape_string($_POST['contact_form_phone']);
$email2 = $link->real_escape_string($_POST['contact_form_email']);
$passinput = $link->real_escape_string($_POST['contact_form_pass1']);
$passinputchk = password_verify($passinput, $password);
$address2 = $link->real_escape_string($_POST['contact_form_st-address']);;
$apt2 = $link->real_escape_string($_POST['contact_form_apt']);
$province2 = $link->real_escape_string($_POST['contact_form_province']);
$postalcode2 = $link->real_escape_string($_POST['contact_form_PostalCode']);
$city2 = $link->real_escape_string($_POST['contact_form_city']);
$addressarray= array();
$update_query;
$update_query1 = "UPDATE accounts SET ";
$update_query2;
$update_query3 = " WHERE 'CustomerId'=$id";
if ($first_name2 != $first_name){
$body->setGivenName($first_name2);
$update_query2 = $update_query2 . "'FirstName'=$first_name2";
}
if ($last_name2 != $last_name){
$body->setFamilyName($last_name2);
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'LastName'=$last_name2";
} else {
$update_query2 = $update_query2 . "'LastName'=$last_name2";
}
}
if ($email2 != $email){
$body->setEmailAddress($email2);
$verified2 = 0;
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'Email'=$email2";
} else {
$update_query2 = $update_query2 . "'Email'=$email2";
}
}
if (password_verify($passinput, $password)){
} else {
$password = password_hash($passinput, PASSWORD_DEFAULT);
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'password'=$password";
} else {
$update_query2 = $update_query2 . "'password'=$password";
}
}
if ($phone2 != $phone){
$body->setPhoneNumber($phone);
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'Phone'=$phone2";
} else {
$update_query2 = $update_query2 . "'Phone'=$phone2";
}
}
if ($address2 != $address){
if(isset($addressarray)){
array_push($addressarray, ",'address_line_1'=>$address2");
} else {
array_push($addressarray, "'address_line_1'=>$address2");
}
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'Address'=$address2";
} else {
$update_query2 = $update_query2 . "'Address'=$address2";
}
}
if ($apt2 != $apt){
if(isset($addressarray)){
array_push($addressarray, ",'address_line_2'=>$apt2");
} else {
array_push($addressarray, "'address_line_2'=>$apt2");
}
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'apt'=$apt2";
} else {
$update_query2 = $update_query2 . "'apt'=$apt2";
}
}
if ($city2 != $city){
if(isset($addressarray)){
array_push($addressarray, ",'locality'=>$city2");
} else {
array_push($addressarray, "'locality'=>$city2");
}
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'City'=$city2";
} else {
$update_query2 = $update_query2 . "'City'=$city2";
}
}
if ($province2 != $province){
if(isset($addressarray)){
array_push($addressarray, ",'administrative_district_level_1'=>$province2");
} else {
array_push($addressarray, "'administrative_district_level_1'=>$province2");
}
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'Province'=$province2";
} else {
$update_query2 = $update_query2 . "'Province'=$province2";
}
}
if ($postalcode2 != $postalcode){
if(isset($addressarray)){
array_push($addressarray, "',postal_code'=>$postalcode2");
} else {
array_push($addressarray, "'postal_code'=>$postalcode2");
}
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'PostalCode'=$postalcode2";
} else {
$update_query2 = $update_query2 . "'PostalCode'=$postalcode2";
}
}
if (isset($verified2)){
if(isset($update_query2)){
$update_query2 = $update_query2 . ",'verified'=$verified2";
} else {
$update_query2 = $update_query2 . "'verified'=$verified2";
}
}
if(isset($addressarray)){
$body->setAddress($addressarray);
}
if(isset($update_query2)){
$update_query = "$update_query1" . "$update_query2" . "$update_query3";
echo "<script type='text/javascript'>alert('$update_query');</script>";
try {
//DOES NOT EXIST IN DB SO INSERT IT
$customer_insert = mysqli_query($link, $update_query) or die(mysqli_error($link));
$link->close();
//Update SQUARE
$customerresult = $customer_api->UpdateCustomerRequest($id,$body);
if(isset($first_name2)){
$first_name=$first_name2;
}
if(isset($last_name2)){
$last_name=$last_name2;
}
$customersession = array
(
'id'=>$id,
'firstname'=>$first_name,
'lastname'=>$last_name,
'pass'=>$password
);
$_SESSION["Customer"] = $customersession;
mysqli_free_result($customer_insert);
//header('Location: myaccount.php');
} catch (Exception $e) {
echo 'Exception when calling CustomersApi->updateCustomer: ', $e->getMessage(), PHP_EOL;
}
} else {
echo '<script type="text/javascript">alert("No Changes Made");</script>';
}
}
}
}
$link->close();
?>
I am trying to take only changed inputs, then put them in a variable. I use 3 variables first is the first part of the UPDATE statement, second is for the values i want to update and 3rd is for the WHERE clause, i then concatenate together to form 1. i pass that to a mysqli_query.
Ideally i want this to update my database with the changed values.
My request, While posting the codes on other sites please avoid putting your configuration details.