Make PHP Sites

Last updated: 2015-09-13

Managing account information

In this section, we'll go over how to provide users a page to modify their account information, such as their name, phone number, etc.

The code for this version will be written in a procedural method.

Requirements

Refer to the Get Started section to know what you need to use this tutorial. You must also have an understanding of HTML and how a web page is constructed.

Prerequisites

To use this tutorial, we recommend that you use our other lessons, User log-in and log-out, User registration or something similar.

The database described in those tutorials is necessary if you plan to follow this tutorial line-by-line.

Contents

The database

In the previous lessons, User registration and User log-in and log-out, we created and worked with a database and table. We'll be using that same setup with modifications. We're adding the fields "fname," "lname" and "phone."

Database name: social

We'll use this database for more social apps

Table: users

Column Type Description
userID INT (11) This will be the primary key. It is a unique ID number assigned to each individual user. It should be set to increment automatically.
email Varchar (250) This will hold the user's email address. They'll use this to log into your site.
password Text The user's password will be encrypted.
salt Int (11) "salt" will be used to encrypt they user's password.
fname Varchar (250) This will hold the user's first name
lname Varchar (250) This will hold the user's last name
phone Varchar (250) This will hold the user's phone number
isDeleted Bool A TRUE/FALSE value that will be used to tell if a user has canceld there account or has been blocked.
timestamp Timestamp A time stamp, provided by the database, about time the account was created or last updated.

The account information form

Create a php file for the web form which will provide the use a method to change some of their information. This is all the code for the form you will need to get started with this tutorial.

					<html>
						<head>
							<title>Manage information</title>
						</head>
						
						<body>
							
							<h1>Manage information</h1>
							
							<form action="" method="post">
							
								<p>
									<label for="fname">Your first name</label>
									<br/>
									<input type="text" name="fname" id="fname" />
								</p>
								
								<p>
									<label for="lname">Your last name</label>
									<br/>
									<input type="text" name="lname" id="lname" />
								</p>
								
								<p>
									<label for="phone">Your phone number</label>
									<br/>
									<input type="text" name="phone" id="phone" />
								</p>
								
								<p>
									<button type="submit">Update</button>
								</p>
								
							</form>
							
						</body>
					</html>
				

Loading the current info

We're going to query the database to get the user's current information and put it in the form. This is dependent on the user's ID contained in the $_SESSION array we created in the lesson about user log-in.

Above the HTML we created, query the database for the user's information.

					<?php
						// Connect to the database
						
						// What's the address of your database?
						$database_host = 'localhost';
						
						// What's the username to connect?
						$database_user = 'root';
						
						// What's the password for that user?
						$database_password = 'password';
						
						// What's the name of the database?
						$database = 'social';
						
						// User the MySQLi class to connect to database
				        $mysqli = new mysqli($database_host, $database_user, $database_password, $database);
						
						// Get the user's ID number from the $_SESSION array
						$userID = $_SESSION['userID'];
						
						// Query for all the user info
						$sql = "SELECT fname, lname, phone FROM users WHERE userID=" . $userID;
						$query = $mysqli->query($sql);
						
						// Get all the info as an array
						$users = $query->fetch_assoc();
					?>
					
					<html>
						[...]
					</html>
				

If that query works successfully, we would have an array of information similar to this:

					Array(
						[0] => Array(
								[fname] => 'John',
								[lname] => 'Smith',
								[email] => 'john@johnsmith.com'
							)
					)
				

Notice how the array of user informaiton is within another array. When we used $user = $query->fetch_assoc(), we were turning all the info collected from the query into an indexed array. With the system we are using that we designed, it's impossible for multiple users to have the same ID number. However, if this was a different kind of query and to users did have the same ID number for some reason, the array of informaiton would look like this:

					Array(
						[0] => Array(
								[fname] => 'John',
								[lname] => 'Smith',
								[phone] => 'XXX-XXX-XXXX'
							),
						[1] => Array(
								[fname] => 'Jessica',
								[lname] => 'Matthews',
								[phone] => 'XXX-XXX-XXXX'
							),
						[2] => Array(
								[fname] => 'Michael',
								[lname] => 'Richards',
								[phone] => 'XXX-XXX-XXXX'
							)
					)
				

Since we know we are working with just one user, we'll use this line of code to separte the users's array from the entire query's array.

					<?php
						[...]
						
						// Get all the info as an array
						$users = $query->fetch_assoc();
						
						// Get individual user's array out of array
						$user = $users[0];
					?>
					
					<html>
						[...]
					</html>
				

We now have the user's information and can load it automatically into the form's input fields.

Filling the form input fields

If you aren't sure how to print PHP strings onto HTML code, read our lesson about working with PHP in HTML.

Here is the HTML form with the PHP injected.

					<?php
						[...]
						
						// Get individual user's array out of array
						$user = $users[0];
					?>
					
					<html>
						[...]
						
							<form action="" method="post">
							
								<p>
									<label for="fname">Your first name</label>
									<br/>
									<input type="text" name="fname" id="fname" value="<?php echo $user['fname']; ?>" />
								</p>
								
								<p>
									<label for="lname">Your last name</label>
									<br/>
									<input type="text" name="lname" id="lname" value="<?php echo $user['lname']; ?>" />
								</p>
								
								<p>
									<label for="phone">Your phone number</label>
									<br/>
									<input type="text" name="phone" id="phone" value="<?php echo $user['phone']; ?>" />
								</p>
								
								<p>
									<button type="submit">Update</button>
								</p>
								
							</form>
						
						[...]
						
					</html>
				

Notice how the array $user is filling the value="" tags in the HTML form.

Updating their information

We want to give the user the ability to update their information. This process is almost exactly like the user registration process. Instead of inserting a new row into the database, we're updating an existing row according to the user's ID.

					<?php
						[...]
						
						// User the MySQLi class to connect to database
						$mysqli = new mysqli($database_host, $database_user, $database_password, $database);
						
						[...]
						
						// Get the user's ID number from the $_SESSION array
						$userID = $_SESSION['userID'];
						
						// If the user clicked the "submit" button
						if(!empty($_POST)){
							// Get the form values and sanitize them
							$fname = $mysqli->real_escape_string($_POST['fname']);
							$lname = $mysqli->real_escape_string($_POST['lname']);
							$phone = $mysqli->real_escape_string($_POST['phone']);
							
							// Update the user's row
							$sql = "UPDATE users SET fname='" . $fname . "', lname='" . $lname . "', phone='" . $phone . "' WHERE userID=" . $userID;
							$query = $mysqli->query($sql);
						}
						
						[...]
						
						// Get individual user's array out of array
						$user = $users[0];
					?>
					
					<html>
						[...]
						
							<form action="" method="post">
								[...]
							</form>
						
						[...]
						
					</html>
				

Don't forget the WHERE piece of the query, or it will change the information for all users.

All the code

					<?php
						// Connect to the database
						 
						// What's the address of your database?
						$database_host = 'localhost';
						 
						// What's the username to connect?
						$database_user = 'root';
						 
						// What's the password for that user?
						$database_password = 'password';
						 
						// What's the name of the database?
						$database = 'social';
						 
						// User the MySQLi class to connect to database
						$mysqli = new mysqli($database_host, $database_user, $database_password, $database);
						 
						// Get the user's ID number from the $_SESSION array
						$userID = $_SESSION['userID'];
						
						// If the user clicked the "submit" button
						if(!empty($_POST)){
							// Get the form values and sanitize them
                            $fname = $mysqli->real_escape_string($_POST['fname']);
                            $lname = $mysqli->real_escape_string($_POST['lname']);
                            $phone = $mysqli->real_escape_string($_POST['phone']);
                            
                            // Update the user's row
							$sql = "UPDATE users SET fname='" . $fname . "', lname='" . $lname . "', phone='" . $phone . "' WHERE userID=" . $userID;
							$query = $mysqli->query($sql);
						}
						
						// Query for all the user info
						$sql = "SELECT fname, lname, phone FROM users WHERE userID=" . $userID;
						$query = $mysqli->query($sql);
						 
						// Get all the info as an array
						$users = $query->fetch_assoc();
					?>
					
					<html>
						<head>
							<title>Manage information</title>
						</head>
						
						<body>
							
							<h1>Manage information</h1>
						
							<form action="" method="post">
							
								<p>
									<label for="fname">Your first name</label>
									<br/>
									<input type="text" name="fname" id="fname" value="<?php echo $user['fname']; ?>" />
								</p>
								
								<p>
									<label for="lname">Your last name</label>
									<br/>
									<input type="text" name="lname" id="lname" value="<?php echo $user['lname']; ?>" />
								</p>
								
								<p>
									<label for="phone">Your phone number</label>
									<br/>
									<input type="text" name="phone" id="phone" value="<?php echo $user['phone']; ?>" />
								</p>
								
								<p>
									<button type="submit">Update</button>
								</p>
								
							</form>
						
						</body>
					</html>
				

Contact us

Questions or problems? Want to contribute to this tutorial or others?

Contact us