0

I am making a simple user update page where the user can update the password and their email, but I want to do it with two separate forms, because if I use one, and sent one of the field empty, it will update it to empty in the database. (And I want the user to be able to update only email or only username).

Here is my code:

<html>
<body>

<?php

$con=mysqli_connect();
session_start();
if (!isset($_SESSION['ID'])){
    header('location:login.php');
}
//
?>

<?php

if(!isset($_POST['submit'])) {
    $con=mysqli_connect();
} else {
    if (mysqli_connect_errno()) {
        echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }
}

?>

<?php

$email = mysqli_real_escape_string($con,$_POST['Email']);
$password = mysqli_real_escape_string ($con,$_POST['Password']);
$ID = $_SESSION['ID'];
$emailErr =  $passwordErr="";

function test_input($data)
{
     $data = trim($data);
     $data = stripslashes($data);
     $data = htmlspecialchars($data);
     return $data;
}

    if ($_SERVER["REQUEST_METHOD"] == "POST")

    {                           
        if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email))
        {
            $emailErr = "Please enter a valid Email Address";
        }

        else {

            $sql="UPDATE `customer`
            SET `Email`='$email'
            WHERE `ID`='$ID'";
            $result = mysqli_query($con,$sql);




echo "Update complete!";
//header("Location: userpage.html");



 if (!mysqli_query($con,$sql))
{
  die('Error: ' . mysqli_error($con));
}
}
}

?>

   <form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"])?>  method="post"><br />

Email:<br /> <input type="text" name="Email" value="<?php echo $email;?>">
<span class="error">* <?php echo $emailErr;?></span><br /><br />
<input type="submit">
</form> 

<?php



if ($_SERVER["REQUEST_METHOD"] == "POST")

    {                   





                        if (!preg_match("/^[a-zA-Z0-9@_]*$/",$password))

                            {
                            $passwordErr = "Please enter a valid password"; 
                            }




    else {





$sql="UPDATE `customer`
SET `Password`='$password'
WHERE `ID`='$ID'";
$result = mysqli_query($con,$sql);

echo "Update complete!";
//header("Location: userpage.html");



 if (!mysqli_query($con,$sql))
{
  die('Error: ' . mysqli_error($con));
}
}
}

mysqli_close($con);



?>


<form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"])?>  method="post"><br />
Password:<br /> <input type="password" name="Password">
<span class="error">* <?php echo $passwordErr;?></span><br /><br />
<input type="submit">
</form> 




</body>
</html>

With this code if I update the second form (which is the password) I will get an error for the first one, because it executes on submit. How can I make it so that I have two forms on the same page that update different rows in the table on clicking the submit button, without redirecting to a different page? Thank you

Improve this question

3 Answers 3

Reset to default
1

You could give each submit (or other input) a unique name, and check if it's set after POSTing

For example, give your submit button a name:

<input type="submit" name="turtle">

And in your PHP:

<?php
if(isset($_POST['turtle'])) {
    // Process the form associated with the "turtle" submit button.
} else {
    // Do the other form stuff.
}

?>
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

This seems to be the easiest way for me, as I don't wnat it to get too complicated. Thanks!!
@user3565574 nooooooo problem.
1

Why don't you combine into one form and check if the user has entered a password?

    <?php
    $con = mysqli_connect();
    session_start();
    if (!isset($_SESSION['ID'])){
        header('location:login.php');
    }

    if (mysqli_connect_errno()) {
      echo "Failed to connect to MySQL: " . mysqli_connect_error();
    }

    function test_input($data) {
         $data = trim($data);
         $data = stripslashes($data);
         $data = htmlspecialchars($data);
         return $data;
    }

    if (isset($_POST['submit'])):

        $email = mysqli_real_escape_string($_POST['Email']);
        $password = mysqli_real_escape_string($_POST['Password']);
        $ID = $_SESSION['ID'];

        // Validate Email
        if (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/",$email)) {
            $errors[] = "Please enter a valid Email Address";
        }

        // Check if the password field has been filled in
        if($password) {
            // If it has then do your regex...
            if (!preg_match("/^[a-zA-Z0-9@_]*$/",$password)) {
                $errors[] = "Please enter a valid password"; 
                $update_password = false;
            } else {
                $update_password = true;
            }       
        }   

        if(count($errors) == 0) {

            // Update Email
            $sql="UPDATE `customer`
            SET `Email`='$email'
            WHERE `ID`='$ID'";
            $result = mysqli_query($con,$sql);      

            // If the test above passed then update the password
            if($update_password) {
                $sql="UPDATE `customer`
                SET `Password`='$password'
                WHERE `ID`='$ID'";
                $result = mysqli_query($con,$sql);  
            }    

            echo 'Update Complete';
            //header("Location: userpage.html");

        }

    ?>
    <?php else: ?>
    <form action=<?php echo htmlspecialchars($_SERVER["PHP_SELF"])?>  method="post"><br />
        <?php if($errors): ?>
            <span class="error">* <?php echo explode(', ',$errors);?></span><br /><br />
        <?php endif; ?>
        Email:<br /> <input type="text" name="Email" value="<?php echo $email;?>">
        Password:<br /> <input type="password" name="Password">
        <input type="submit" name="submit">
</form>
    <?php endif; ?>

P.S I tidied up your code as it gave me a hernia.

Improve this answer

1 Comment

Also this code could be made more efficient but I don't have that much time to tidy it up to much ;)
-1

Use hidden inputs to seperate requests

OR

Use seperate files for your different forms as targets...

OR

Use jboneca's answer

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.