2

I use User Cake for user management system but I am struggling with one problem, I have had asked this question in their website but I couldn't find anyone to help me out.

What I need is simply making the users be able to update their information. ex. first name, phone, email....The email field updates correctly as it came with that functionality.

The fields that I added aren't being updated. Can someone give me some hints on what I am missing?

Here is what I tried looking at the email field. I have First Name field.

Funcs.php

   //Update a user's email
  function updateEmail($id, $email)
  {
global $mysqli,$db_table_prefix;
$stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users
    SET 
    email = ?
    WHERE
    id = ?");
$stmt->bind_param("si", $email, $id);
$result = $stmt->execute();
$stmt->close(); 
return $result;
    }


   //Update a user's first name. This is what isn't working. 
   function updateFirstname($id, $firstname)
   {
global $mysqli,$db_table_prefix;
$stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users
    SET 
    firstname = ?
    WHERE
    id = ?");
$stmt->bind_param("si", $firstname, $id);
$result = $stmt->execute();
$stmt->close(); 
return $result;
    }

Here is class.user.php

 class loggedInUser {
public $email = NULL;
public $hash_pw = NULL;
public $user_id = NULL;
public $firstname = NULL;


   //Update a users email
public function updateEmail($email)
{
    global $mysqli,$db_table_prefix;
    $this->email = $email;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users
        SET 
        email = ?
        WHERE
        id = ?");
    $stmt->bind_param("si", $email, $this->user_id);
    $stmt->execute();
    $stmt->close(); 
}

//Update a users first name
public function updateFirstname($firstname)
{
    global $mysqli,$db_table_prefix;
    $this->firstname = $firstname;
    $stmt = $mysqli->prepare("UPDATE ".$db_table_prefix."users
        SET 
        firstname = ?
        WHERE
        id = ?");
    $stmt->bind_param("si", $firstname, $this->user_id);
    $stmt->execute();
    $stmt->close(); 
}
    }

user_settings.php where I can change the fields and hit the update button. If I change the email and hit update, the email is updated but when I change firstname and hit update I get

nothing to update

    //Prevent the user visiting the logged in page if he is not logged in
    if(!isUserLoggedIn()) { header("Location: login.php"); die(); }

   if(!empty($_POST))
    {
$errors = array();
$successes = array();
$password = $_POST["password"];
$password_new = $_POST["passwordc"];
$password_confirm = $_POST["passwordcheck"];

$errors = array();
$email = $_POST["email"];
$firstname = $_POST["firstname"];


//Perform some validation
//Feel free to edit / change as required

//Confirm the hashes match before updating a users password
$entered_pass = generateHash($password,$loggedInUser->hash_pw);

if (trim($password) == ""){
    $errors[] = lang("ACCOUNT_SPECIFY_PASSWORD");
}
else if($entered_pass != $loggedInUser->hash_pw)
{
    //No match
    $errors[] = lang("ACCOUNT_PASSWORD_INVALID");
}   
if($email != $loggedInUser->email)
{
    if(trim($email) == "")
    {
        $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
    }
    else if(!isValidEmail($email))
    {
        $errors[] = lang("ACCOUNT_INVALID_EMAIL");
    }
    else if(emailExists($email))
    {
        $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));    
    }

    //End data validation
    if(count($errors) == 0)
    {
        $loggedInUser->updateEmail($email);
        $loggedInUser->updateFirstname($firstname);
        $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
    }
}

if ($password_new != "" OR $password_confirm != "")
{
    if(trim($password_new) == "")
    {
        $errors[] = lang("ACCOUNT_SPECIFY_NEW_PASSWORD");
    }
    else if(trim($password_confirm) == "")
    {
        $errors[] = lang("ACCOUNT_SPECIFY_CONFIRM_PASSWORD");
    }
    else if(minMaxRange(8,50,$password_new))
    {   
        $errors[] = lang("ACCOUNT_NEW_PASSWORD_LENGTH",array(8,50));
    }
    else if($password_new != $password_confirm)
    {
        $errors[] = lang("ACCOUNT_PASS_MISMATCH");
    }

    //End data validation
    if(count($errors) == 0)
    {
        //Also prevent updating if someone attempts to update with the same password
        $entered_pass_new = generateHash($password_new,$loggedInUser->hash_pw);

        if($entered_pass_new == $loggedInUser->hash_pw)
        {
            //Don't update, this fool is trying to update with the same password ¬¬
            $errors[] = lang("ACCOUNT_PASSWORD_NOTHING_TO_UPDATE");
        }
        else
        {
            //This function will create the new hash and update the hash_pw property.
            $loggedInUser->updatePassword($password_new);
            $successes[] = lang("ACCOUNT_PASSWORD_UPDATED");
        }
    }
}
if(count($errors) == 0 AND count($successes) == 0){
    $errors[] = lang("NOTHING_TO_UPDATE");
}
    }
amdvb
  • 209
  • 1
  • 6
  • 15

1 Answers1

0
if($email != $loggedInUser->email)
{
    if(trim($email) == "")
    {
        $errors[] = lang("ACCOUNT_SPECIFY_EMAIL");
    }
    else if(!isValidEmail($email))
    {
        $errors[] = lang("ACCOUNT_INVALID_EMAIL");
    }
    else if(emailExists($email))
    {
        $errors[] = lang("ACCOUNT_EMAIL_IN_USE", array($email));    
    }

    //End data validation
    if(count($errors) == 0)
    {
        $loggedInUser->updateEmail($email);
        $successes[] = lang("ACCOUNT_EMAIL_UPDATED");
    }
}

Clone this function as 

if($firstname != $loggedInUser->firstname) blah blah

Remove this line from the function above move it in the new function:

loggedInUser->updateFirstname($firstname);

Just clone the function,just as you have done above.Change the error messages and add function to validate the name,it will be somewhat different,it will require more work.

Mihai
  • 26,325
  • 7
  • 66
  • 81