0

PHP it's throwing at me

Notice: Undefined index: username in D:\xampp\htdocs\0100348514\pages\account.php on line 16

Warning: mysql_query() expects parameter 1 to be string, resource given in D:\xampp\htdocs\pages\account.php on line 19

But in my database I have it exactly the same 'username' but it's still throwing it at me any ideas?

Code on that page

<?php 
 $page = "My Account"; 
 session_start();
 include '../includes/config.php';
?>  
        <div id="searchbar">
                    <form action="search.php" method="get">
                    <input type="text" name="search" />
                    <input type="submit" name="submit" class="btn btn-primary" value="Search" />
                    </form>
                </div>
        </div>      


<?php 
 $username = $_SESSION['username']; 

 $sql = "SELECT * FROM login WHERE username = '$username'"; 
 $result = mysql_query($con, $sql) or die(mysql_error($con)); //run the query 
 $row = mysql_fetch_array($result); 
?> 


<div id="wrapper">

<section id="content" class="shadow">

                        <div id="titlebar">
                        <?php
                        echo $page = '<h1> My ACCOUNT </h1>';
                        ?>
                        </div>
                        <br />


 <?php 
 //user messages 
 if(isset($_SESSION['error'])) //if session error is set 
 { 
 echo '<div class="error">'; 
 echo '<p class="center">' . $_SESSION['error'] . '</p>'; //display error message 
 echo '</div><br />'; 
 unset($_SESSION['error']); //unset session error 
 } 
 elseif(isset($_SESSION['success'])) //if session success is set 
 { 
 echo '<div class="success">'; 
 echo '<p class="center">' . $_SESSION['success'] . '</p>'; //display success message 
 echo '</div><br />'; 
 unset($_SESSION['success']); //unset session success 
 } 
?> 
 <div id='left'>
 <form id="registration" form action="accountprocessing.php" method="post"> 
    <br />
    <fieldset><h1>Update Your Details</h1><br />

         <ol>
             <li>
             <label>Username*</label> <input type="text" name="username" required value="<?php echo $row['username'] ?>" readonly />
             </li>
             <?php 
             //generate drop-down list for state using enum data type and values from database 
             $tableName='member'; 
             $colState='state'; 

             function getEnumState($tableName, $colState) 
             { 
             global $con; //enable database connection in the function 
             $sql = "SHOW COLUMNS FROM $tableName WHERE field='$colState'"; 
            //retrieve enum column 
             $result = mysql_query($con, $sql) or die(mysql_error($con)); 
            //run the query 
             $row = mysql_fetch_array($result); //store the results in a variable named $row 
             $type = preg_replace('/(^enum\()/i', '', $row['Type']); //regular expression to replace the enum syntax with blank space 
             $enumValues = substr($type, 0, -1); //return the enum string 
             $enumExplode = explode(',', $enumValues); //split the enum string into individual values 
             return $enumExplode; //return all the enum individual values 
             } 
             $enumValues = getEnumState('member', 'state'); 
             echo '<select name="state">'; 

             if((is_null($row['state'])) || (empty($row['state']))) //if the state field is NULL or empty 
             { 
             echo "<option value=''>Please select</option>"; //display the 'Please select' message 
             } 
             else 
             { 
             echo "<option value=" . $row['state'] . ">" . $row['state'] . 
            "</option>"; //display the selected enum value 
             } 

             foreach($enumValues as $value) 
             { 
             echo '<option value="' . $removeQuotes = str_replace("'", "", 
            $value) . '">' . $removeQuotes = str_replace("'", "", $value) . '</option>'; //remove the quotes from the enum values 
             } 
             echo '</select><br />'; 
             ?> 
             </li>
             <p>&nbsp;</p> 
             <li>
             <label>Postcode*</label> <input type="text" name="postcode" required value="<?php echo $row['postcode'] ?>"/>
             </li><br /> 
             <li>
             <label>Country*</label> <input type="text" name="country" required value="<?php echo $row['country'] ?>"/>
             </li><br /> 
             <li>
             <label>Phone</label> <input type="text" name="phone" value="<?php echo $row['phone'] ?>"/>
             </li><br /> 
             <li>
             <label>Mobile</label> <input type="text" name="mobile" value="<?php echo $row['mobile'] ?>" />
             </li><br /> 
            <li>
            <label>Email*</label> <input type="email" name="email" required value="<?php echo $row['email'] ?>" />
            </li><br /> 
             <li><label>Gender*</label> 
             <?php 
             //generate drop-down list for gender using enum data type and values from database 
             $tableName='member'; 
             $colGender='gender'; 

             function getEnumGender($tableName, $colGender) 
             { 
             global $con; //enable database connection in the function 
             $sql = "SHOW COLUMNS FROM $tableName WHERE field='$colGender'"; 
            //retrieve enum column 
             $result = mysql_query($con, $sql) or die(mysql_error($con)); 
            //run the query 
             $row = mysql_fetch_array($result); //store the results in a variable named $row 
             $type = preg_replace('/(^enum\()/i', '', $row['Type']); //regular expression to replace the enum syntax with blank space 
             $enumValues = substr($type, 0, -1); //return the enum string 
             $enumExplode = explode(',', $enumValues); //split the enum string into individual values 
             return $enumExplode; //return all the enum individual values 
             } 

             $enumValues = getEnumGender('member', 'gender'); 
             echo '<select name="gender">'; 

             echo "<option value=" . $row['gender'] . ">" . $row['gender'] . 
            "</option>"; //display the selected enum value 
            foreach($enumValues as $value) 
             { 
             echo '<option value="' . $removeQuotes = str_replace("'", "", 
            $value) . '">' . $removeQuotes = str_replace("'", "", $value) . '</option>'; 
             } 
             echo '</select>'; 
             ?> 
             </li>
        </ol>
    </fieldset>
    <br />
    <fieldset> 
         <p>Subscribe to weekly email newsletter?</p><br /> 
         <label>Yes</label><input type="radio" name="newsletter" value="Y" <?php if($row['newsletter'] == "Y"){echo "checked";} ?>><br /> 
         <label>No</label><input type="radio" name="newsletter" value="N" <?php if($row['newsletter'] == "N"){echo "checked";} ?>>
         <input type="hidden" name="memberID" value="<?php echo $memberID; ?>"> 
         </fieldset><br />
         <p class="center"><input type="submit" name="accountupdate" value="Update Account" /></p><br />
</form>
</div>

<br />
    <div id='right'>
        <form id="registration" form action="accountimageprocessing.php" method="post" enctype="multipart/form-data">
        <input type="hidden" name="memberID" value="<?php echo $memberID; ?>"> 
    <br />
            <fieldset><h1>Update Image</h1><br />

             <?php 
             if((is_null($row['image'])) || (empty($row['image']))) //if the photo field is NULL or empty 
             { 
             echo "<p class='center'><img src='../images/members/member.png' width=150 height=150 alt='default photo' /></p>"; //display the default photo 
             } 
             else 
             { 
             echo "<p class='center'><img src='../images/members/" . ($row['image']) . "'" . 'width=150 height=150 alt="contact photo"' . "/></p><br />"; //display the contact photo
            } 
             ?> 

            <label>New Image</label> <input type="file" name="image" />
            <br /> 
            <p>Accepted files are JPG, GIF or PNG. Maximum size is 500kb.</p>
            <br /> 
            <p class='center'><input type="submit" name="imageupdate" value="Update Image" /></p>
        </form>
        <br />
        <br />
            <form action="accountpasswordprocessing.php" method="post"> 
             <h1>Update Password</h1> 
             <br />
             <p>Passwords must have a minimum of 8 characters.</p> <br />
             <label>New Password*</label> <input type="password" name="password" pattern=".{8,}" title= "Password must be 8 characters or more" required />
             <br /> 
             <input type="hidden" name="memberID" value="<?php echo $memberID; ?>"> 
             <br />
             <p class='center'><input type="submit" name="passwordupdate" value="Update Password" /></p> 
             <br />
            </form>

            <h1>Delete My Account</h1>
            <br />
            <p>We're sorry to hear you'd like to delete your account. By clicking the button below you will permanently delete your account.</p>
            <br />
            <form action="accountdelete.php" method="post"> 
            <p class='center'><input type="submit" value="Delete My Account" onclick="return confirm('Are you sure you wish to permanently delete your account?');" ></p> 

            <input type="hidden" name="memberID" value="<?php echo $memberID; ?>"><br />    
        </fieldset>
         </form>
         </div>

        </section> <!-- end #content --> 
        <div id="footernav" class id="shadow">
                                <?php 
                                    require "../inc/footer.php"; 
                                ?>
                            </div>
         </div>
Ariana
  • 31
  • 5
  • All this code is not required. we only need the error line and a few lines prior & 1 or two lines after the line of code in question – Daryl Gill Oct 20 '14 at 14:12
  • @DarylGill I know, but just to be safe. – Ariana Oct 20 '14 at 14:13
  • `$result = mysql_query($con, $sql)` in `mysql_`, connection comes last. That's the fix for the 2nd error. – Funk Forty Niner Oct 20 '14 at 14:14
  • Add this `$_SESSION['username'] = $_POST['username'];` fix for the 1st problem. – Funk Forty Niner Oct 20 '14 at 14:17
  • @Fred-ii- I should have maybe rephrased my question a bit more, I'm more interested in just a user being able to change their email and password. – Ariana Oct 20 '14 at 14:17
  • Then disregard all (my) comments given. See the answer below. – Funk Forty Niner Oct 20 '14 at 14:18
  • @Fred-ii- I do apologize. – Ariana Oct 20 '14 at 14:19
  • Please, [don't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php), They are no longer maintained and are [officially deprecated](https://wiki.php.net/rfc/mysql_deprecation). Learn about [prepared statements](http://en.wikipedia.org/wiki/Prepared_statement) instead, and use [PDO](http://us1.php.net/pdo) or [MySQLi](http://us1.php.net/mysqli). [This article](http://php.net/manual/en/mysqlinfo.api.choosing.php) will help you decide. – Jay Blanchard Oct 20 '14 at 14:21

1 Answers1

0

Your mysql_query parameteres are reversed. It should be:

mysql_query($sql, $con);

Also as you can see in the linked PHP Manual page, this extension is deprecated and alternatives should be used:

This extension is deprecated as of PHP 5.5.0, and will be removed in the future. Instead, the MySQLi or PDO_MySQL extension should be used. See also MySQL: choosing an API guide and related FAQ for more information. Alternatives to this function include: mysqli_query() PDO::query()

Bogdan
  • 43,166
  • 12
  • 128
  • 129
  • 1
    Ok. What about `Notice: Undefined index: username in D:\xampp\htdocs\0100348514\pages\account.php on line 16`? – Funk Forty Niner Oct 20 '14 at 14:15
  • That error is self explanatory. The OP should check whether there is an entry in the global `$_SESSION` array with the key 'username'. – Bogdan Oct 20 '14 at 14:17