-2

I'm working on a login system where users have to fill in their profile info after registration and logging in. During the registration part i get their details in a table named users with primary key user_id here is a screen shot of the table

users

Next after the user logs in I create a different table name students where the users fills up a form about his profile, but for this table I'm trying to get the same user_id as the primary key as it was for the table users

students

So what I do is I get the user_id from the first table (users) in a variable $ident = $user->user_id; and then try to insert the value of this variable in the "students" table user_id with the code

$sql = "INSERT INTO students (user_id,full_name, gender, dob, present_add, contact_add, interest, qualification, course_date, board_name, marks, phone)
VALUES ('".$_POST[$ident]."', '".$_POST["full_name"]."', '".$_POST["gender"]."', '".$_POST["dob"]."', '".$_POST["present_add"]."', '".$_POST["contact_add"]."', '".$_POST["interest"]."', '".$_POST["qualification"]."' ,'".$_POST["course_date"]."','".$_POST["board_name"]."', '".$_POST["marks"]."', '".$_POST["phone"]."')";

but I'm getting a error while doing so ("undefined offset: 1) please help here is the complete code

<?php
/**
 * Tutorial: PHP Login Registration system
 *
 * Page : Profile
 */

// Start Session
session_start();

// check user login
if(empty($_SESSION['user_id']))
{
    header("Location: index.php");
}

// Database connection
require __DIR__ . '/database.php';
$db = DB();

// Application library ( with DemoLib class )
require __DIR__ . '/lib/library.php';
$app = new DemoLib();


$user = $app->UserDetails($_SESSION['user_id']); // get user details
$ident = $user->user_id;






if(isset($_POST["submit"])){
$hostname='localhost';
$username='root';
$password='';

try {
$dbh = new PDO("mysql:host=$hostname;dbname=college",$username,$password);

$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // <== add this line
$sql = "INSERT INTO students (user_id,full_name, gender, dob, present_add, contact_add, interest, qualification, course_date, board_name, marks, phone)
VALUES ('".$_POST[$ident]."', '".$_POST["full_name"]."', '".$_POST["gender"]."', '".$_POST["dob"]."', '".$_POST["present_add"]."', '".$_POST["contact_add"]."', '".$_POST["interest"]."', '".$_POST["qualification"]."' ,'".$_POST["course_date"]."','".$_POST["board_name"]."', '".$_POST["marks"]."', '".$_POST["phone"]."')";
if ($dbh->query($sql)) {
echo "<script type= 'text/javascript'>alert('New Record Inserted Successfully');</script>";
}
else{
echo "<script type= 'text/javascript'>alert('Data not successfully Inserted.');</script>";
}

$dbh = null;
}
catch(PDOException $e)
{
echo $e->getMessage();
}

}
?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Profile</title>
    <!-- Latest compiled and minified CSS -->
    <link rel="stylesheet" href="css/bootstrap.min.css">
</head>
<body>
    <div class="container">
        <div class="well">
            <h2>
                Profile
            </h2>
            <h3>Hello <?php echo $ident ?>,</h3>
            <p>
                Lorem ipsum dolor sit amet, consectetur adipisicing elit. Consectetur deserunt dolore fuga labore magni maxime, quaerat reiciendis tenetur? Accusantium blanditiis doloribus earum error inventore laudantium nesciunt quis reprehenderit ullam vel?
            </p>
            <a href="logout.php" class="btn btn-primary">Logout</a>
        </div>





<form action="" method="post">
<label>Full Name :</label>
<input type="text" name="full_name" id="full_name" required="required" placeholder="First Middle Last"/><br /><br />
<label>Gender</label>  
  <input type="radio" name="gender" id="gender" value="male" checked> Male<br>
  <input type="radio" name="gender" id="gender" value="female"> Female<br>
  <input type="radio" name="gender" id="gender" value="other"> Other<br /><br />
<label>Date Of Birth :</label>
<input type="date" name="dob" id="dob" required="required" placeholder="yyyy-mm-dd"/><br /><br />
<label>Present Address :</label>
<input type="text" name="present_add" id="present_add" required="required" placeholder="Enter Your Present Address"/><br /><br />
<label>Contact Address :</label>
<input type="text" name="contact_add" id="contact_add" required="required" placeholder="Enter Your Contact Address"/><br /><br />
<label>Programme you Wish to Apply for :</label>
  <select name="interest" id="interest">
    <option value="B.tech">B.tech</option>
    <option value="MBBS">MBBS</option>
    <option value="B.Arch">B.Arch</option>
    <option value="B.Pharm">B.Pharm</option>
    <option value="B.A">B.A</option>
    <option value="B.Sc">B.Sc</option>
    <option value="M.Pharm">M.Pharm</option>
    <option value="M.tech">M.tech</option>
    <option value="M.A">M.A</option>
    <option value="MBA">MBA</option>
    <option value="M.Sc">M.Sc</option>
  </select><br /><br />
<label>Name of Secondary School/High School/College/University :</label>
<input type="text" name="qualification" id="qualification" required="required" placeholder="Please Enter The Relevant Exam Name You Recently Appeared For"/><br /><br />
<label>Dates Attended From and To :</label>
<input type="text" name="course_date" id="course_date" required="required" placeholder="yyyy-mm-dd to yyyy-mm-dd"/><br /><br />
<label>Board Name :</label>
<input type="text" name="board_name" id="board_name" required="required" placeholder="Name of Board"/><br /><br />
<label>Marks :</label>
<input type="text" name="marks" id="marks" required="required" placeholder="Grades Achieved"/><br/><br />
<label>phone :</label>
<input type="text" name="phone" id="phone" required="required" placeholder="Please Enter your Phone Number"/><br /><br />
<input type="submit" value=" Submit " name="submit"/><br />
</form>



</div>
<?php

?>      
</body>
</html>

how can I get the same id for students as it is for users

MD. Khairul Basar
  • 4,976
  • 14
  • 41
  • 59
Ankur Choudhury
  • 189
  • 2
  • 13
  • It's telling you that `$_POST[$ident]` does not exist. `var_dump` your `$_POST` array and have a look to see – Bananaapple Sep 05 '17 at 09:50
  • `$_POST[$ident]` - What is `$ident`? Likely `1`. Why do you think `$_POST[1]` would exist? – deceze Sep 05 '17 at 09:50
  • Your code is vulnerable to MySQL injection. Please use [prepared statements](http://php.net/manual/en/pdo.prepared-statements.php) – IsThisJavascript Sep 05 '17 at 09:51
  • Just change your `$_POST[$ident]` to `$ident` in your SQL statement. and I see you're using `PDO` but still your code is open to SWL injection try to convert the code in to using prepare statements. – S4NDM4N Sep 05 '17 at 09:54
  • If you can not fix simple stuff like this on your own, if you even fail to properly research such an issue that has been discussed countless times before already ... then maybe on that knowledge/skill level you should not be working on a login system in the first place, that is rather bound to end up in trouble. I’d strongly recommend that you go with an existing, established solution. – CBroe Sep 05 '17 at 09:55
  • i cannot fix simple things like dis :( neither can u answer to such a simple question :D :D :D – Ankur Choudhury Sep 07 '17 at 05:49

1 Answers1

0

Change $_POST[$ident] to $ident. User id is in $ident not in $_POST[$ident]. I hope this helps.

Vijay Rathore
  • 593
  • 8
  • 16
  • thanks a lot that helped, but if i try to reenter the values in database it gives me the error Integrity constraint violation: 1062 Duplicate entry '1' for key 'PRIMARY' is there any way to replace the old value with new – Ankur Choudhury Sep 05 '17 at 10:07
  • According to your current structure only 1 row per user_id is allowed in student table. If you want more then 1 row you will have to remove user_id as primary key. And if you want keep it this way and update the row when user comes the second time you can use insert on duplicate key update statement of mysql. You can check here for more details https://dev.mysql.com/doc/refman/5.7/en/insert-on-duplicate.html . I hope this helped. – Vijay Rathore Sep 05 '17 at 10:18
  • i m very new to php, i m working on this project because there is no one else to do the the backend for me, so please dont mind me asking....what and where do i have to insert to use on duplicate key. UPDATE t1 SET c=c+1 WHERE a=1; makes no sense to me...plz help – Ankur Choudhury Sep 06 '17 at 08:24
  • Append this in the end of your insert query => "ON DUPLICATE KEY UPDATE full_name = '$_POST["full_name"]', gender = '$_POST["gender"]' , dob = '$_POST["dob"]', present_add = '$_POST["present_add"]', contact_add = '$_POST["contact_add"]', interest = '$_POST["interest"]', qualification = '$_POST["qualification"]', course_date = '$_POST["course_date"]', board_name = '$_POST["board_name"]', marks = '$_POST["marks"]', phone = '$_POST["phone"]'" . – Vijay Rathore Sep 06 '17 at 10:46