I am attempting to update my accounts table for the current session ID with the data posted from a form. My first prepare statement is functioning fine and can be seen functioning through the placeholder variables in the form. It is my second prepare statement that doesnt seem to be working. From what I can tell, form doesn't seem to be posting the data correctly and I am unsure what the error is. It may very well be a simple error but I am stuck. Any help would be massively appreciated!
<?php
if(!isset($_SESSION['account_loggedin']))
{
header("Location: index.php");
}
$pdo=mysqli_connect("localhost","root","root","shoppingcart_advanced");
if(!$pdo)
{
echo(' Please Check Your Connection'.mysqli_connect_error($pdo));
}
$msg = ' ';
$stmt = $pdo->prepare('SELECT email, first_name, last_name, address_street, address_city, address_state, address_zip, address_country FROM accounts WHERE id = ?');
// In this case we can use the account ID to get the account info.
$stmt->bind_param('i', $_SESSION['account_id']);
$stmt->execute();
$stmt->bind_result($email, $first_name, $last_name, $address_street, $address_city, $address_state, $address_zip, $address_country);
$stmt->fetch();
$stmt->close();
// Handle edit profile post data
if (isset($_POST['submit'], $_POST['email'], $_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'])) {
// Make sure the submitted registration values are not empty.
if (!$_POST['email'] ||!$_POST['first_name'] || !$_POST['last_name'] || !$_POST['address_street'] || !$_POST['address_city'] || !$_POST['address_city'] || !$_POST['address_state'] || !$_POST['address_zip'] || !$_POST['address_country'] ) {
$msg = 'The input fields must not be empty!';
} else if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
$msg = 'Please provide a valid email address';
}
if (empty($msg)) {
// Check if new email already exists in database
$stmt = $pdo->prepare('SELECT * FROM accounts WHERE email = ? AND email != ?');
$stmt->bind_param('ss', $_POST['email'], $email);
$stmt->execute();
$stmt->store_result();
if ($stmt->num_rows > 0) {
$msg = 'Account already exists with that username and/or email!';
} else {
// no errors occured, update the account...
$stmt->close();
$uniqid = $email != $_POST['email'] ? uniqid() : $email;
$stmt = $pdo->prepare('UPDATE accounts SET email = ?,first_name = ?, last_name = ?, address_street = ?, address_city = ?, address_state = ?, address_zip = ?, address_country = ? WHERE id = ?');
$stmt->bind_param('ss', $_POST['email'],$_POST['first_name'], $_POST['last_name'], $_POST['address_street'], $_POST['address_city'], $_POST['address_state'], $_POST['address_zip'], $_POST['address_country'], $_SESSION['account_id']);
$stmt->execute();
$stmt->close();
$msg = 'account updated!';
}
}
}
?>
<?=template_header('Edit Profile')?>
<!DOCTYPE html>
<html>
<div class="EditProfile">
<h2>Edit delivery information</h2>
<div class="block">
<form action="index.php?page=saveProfile" method="post">
<label for="email">Email</label>
<input type="email" value="<?=$email?>" name="email" id="email" placeholder="Email">
<br>
<label for="first_name">First Name</label>
<input type="text" value="<?=$first_name?>" name="first_name" id="first_name" placeholder="First Name">
<br>
<label for="last_name">Last Name</label>
<input type="text" value="<?=$last_name?>"name="last_name" id="last_name" placeholder="Last Name">
<br>
<label for="address_street">Street</label>
<input type="text"value="<?=$address_street?>" name="address_street" id="address_street" placeholder="Street">
<br>
<label for="address_state">City</label>
<input type="text" value="<?=$address_state?>" name="address_state" id="address_state" placeholder="Address">
<br>
<label for="address_zip">Postcode</label>
<input type="address_zip" value="<?=$address_zip?>" name="address_zip" id="address_zip" placeholder="Postcode">
<br>
<label for="address_country">Country</label>
<input type="text"value="<?=$address_country?>" name="address_country" id="address_country" placeholder="Country">
<br>
<input class="submit" name="submit" type="submit" value="Submit">
<p><?=$error?></p>
<p><?=$msg?></p>
</form>
</div>
<p><img src="Images/PSign.PNG" alt="Logo" width="100" height="100"></p>
</div>
<?=template_footer()?>
</html>