<?php require_once('Connections/connection.php'); ?> <? mysql_query("set names big5"); // 啟動session if (!isset($_SESSION)) { session_start(); } // 尚未登入 if (!isset($_SESSION['MM_Username'])) { // 在login_form.php檔案中,登入成功後要前往那一個檔案 $_SESSION['nextstep'] = 'member_info.php'; header('Location: login_form.php'); } ?> <?php function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue; switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "member_info_form")) { $updateSQL = sprintf("UPDATE member SET username=%s, password=%s, name=%s, sex=%s, birthday=%s, email=%s, phone=%s, address=%s, uniform=%s,WHERE id=%s", GetSQLValueString($_POST['username'], "text"), GetSQLValueString($_POST['password'], "text"), GetSQLValueString($_POST['name'], "text"), GetSQLValueString($_POST['sex'], "text"), GetSQLValueString($_POST['birthday'], "date"), GetSQLValueString($_POST['email'], "text"), GetSQLValueString($_POST['phone'], "text"), GetSQLValueString($_POST['address'], "text"), GetSQLValueString($_POST['uniform'], "text"), GetSQLValueString($_POST['id'], "int")); mysql_select_db($database_connection, $connection); $Result1 = mysql_query($updateSQL, $connection) or die(mysql_error()); mysql_query("set names big5"); $updateGoTo = "index.php"; if (isset($_SERVER['QUERY_STRING'])) { $updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?"; $updateGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $updateGoTo)); } $colname_member_info = "-1"; if (isset($_SESSION['MM_Username'])) { $colname_member_info = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']); } mysql_select_db($database_connection, $connection); $query_member_info = sprintf("SELECT * FROM member WHERE username = '%s'", $colname_member_info); $member_info = mysql_query($query_member_info, $connection) or die(mysql_error()); $row_member_info = mysql_fetch_assoc($member_info); $totalRows_member_info = mysql_num_rows($member_info); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=big5" /> <title>基本資料</title> <link href="CSS/all.css" rel="stylesheet" type="text/css" /> <link href="CSS/member_info.css" rel="stylesheet" type="text/css" /> <script type="text/JavaScript"> <!-- function MM_goToURL() { //v3.0 var i, args=MM_goToURL.arguments; document.MM_returnValue = false; for (i=0; i<(args.length-1); i+=2) eval(args[i]+".location='"+args[i+1]+"'"); } //--> </script> </head> <body> <table class="all_style1"> <tr> <td align="left" valign="top" class="all_style2"> <table align="center" class="member_info_style1"> <tr> <td align="left" valign="middle" class="member_info_style2"><span class="member_info_style3">基本資料</span></td> </tr> <tr> <td align="left" valign="top" class="member_info_style4"> <table> <tr> <td> <form action="<?php echo $editFormAction; ?>" id="member_info_form" name="member_info_form" method="POST"> <table class="member_info_style5"> <tr> <td colspan="2" align="left" valign="top" class="member_info_style6"> <strong> 注意事項：</strong> <ol> <li>在修改之前，請先確認您要修改的資料。<br /></li> <li>修改資料之後，就無法再還原。</li></ol><hr class="member_info_style10" /> </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"><span class="member_info_style11">帳　　號 </span> </td> <td class="member_info_style4"> <input name="username" type="text" class="member_info_style8" id="username" onblur=" if (this.value.search(/[\u4E00-\u9FA5]/g) != -1) { alert('[帳號] 欄位不可以是中文!'); this.value = ''; this.focus(); }" value="<?php echo $row_member_info['username']; ?>" size="20" maxlength="12" /> （4~10個字元，請勿使用中文） </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">密　　碼</span></td> <td class="member_info_style4"> <input name="password" type="text" class="member_info_style8" id="password" onblur=" if (this.value.search(/[\W]/g) != -1) { alert('[密碼] 欄位必須是英文字母與數字!'); this.value = ''; this.focus(); }" value="<?php echo $row_member_info['password']; ?>" size="20" maxlength="12" /> （4~10個字元，請勿使用中文） </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">姓　　名</span> </td> <td class="member_info_style4"> <input name="name" type="text" class="member_info_style8" id="name" value="<?php echo $row_member_info['name']; ?>" size="20" /> </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"><span class="member_info_style11">暱　　稱</span> </td> <td class="member_info_style4"><input name="uniform" type="text" class="member_info_style8" id="uniform" value="<?php echo $row_member_info['uniform']; ?>" size="40" /> </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">性　　別</span> </td> <td class="member_info_style4"> <input <?php if (!(strcmp($row_member_info['sex'],"男"))) {echo "checked=\"checked\"";} ?> name="sex" type="radio" value="男" /> &nbsp;男&nbsp; <input <?php if (!(strcmp($row_member_info['sex'],"女"))) {echo "checked=\"checked\"";} ?> name="sex" type="radio" value="女" /> &nbsp;女 </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">電子信箱</span> </td> <td class="member_info_style4"> <input name="email" type="text" class="member_info_style8" id="email" onblur=" if (this.value.search(/^\w+((\.\w+)|(-\w+))*@\w+((\.|-)\w+)*\.\w+$/) == -1) { alert('[電子信箱] 欄位的格式不正確!'); this.value = ''; this.focus(); }" value="<?php echo $row_member_info['email']; ?>" size="40" /> </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">出生日期</span> </td> <td class="member_info_style4"> <input name="birthday" type="text" class="member_info_style8" id="birthday" value="<?php echo $row_member_info['birthday']; ?>" size="20" /> （請填入西元年, 例如 1991-1-1） </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">連絡電話</span> </td> <td class="member_info_style4"> <input name="phone" type="text" class="member_info_style8" id="phone" value="<?php echo $row_member_info['phone']; ?>" size="20" /> </td> </tr> <tr> <td align="center" valign="middle" class="member_info_style7"> <span class="member_info_style11">地　　址</span> </td> <td class="member_info_style4"> <input name="address" type="text" class="member_info_style8" id="address" value="<?php echo $row_member_info['address']; ?>" size="50" /> </td> </tr> <tr> <td colspan="2" class="member_info_style9"> <hr class="member_info_style10" /> <input name="member_info_submit" type="submit" id="member_info_submit" value="確定送出" onclick=" var fieldvalue = document.member_info_form.username.value; if (fieldvalue == '') { alert('[帳號] 欄位不可以是空白!'); document.member_info_form.username.focus(); return false; } else if (fieldvalue.length < 4 || fieldvalue.length > 10) { alert('[帳號] 欄位的長度必須是4~10個字元!'); document.member_info_form.username.focus(); return false; } fieldvalue = document.member_info_form.password.value; if (fieldvalue == '') { alert('[密碼] 欄位不可以是空白!'); document.member_info_form.password.focus(); return false; } else if (fieldvalue.length < 4 || fieldvalue.length > 10) { alert('[密碼] 欄位的長度必須是4~10個字元!'); document.member_info_form.password.focus(); return false; } fieldvalue = document.member_info_form.name.value; if (fieldvalue == '') { alert('[姓名] 欄位不可以是空白!'); document.member_info_form.name.focus(); return false; } fieldvalue = document.member_info_form.uniform.value; if (fieldvalue == '') { alert('[暱稱] 欄位不可以是空白!'); document.member_info_form.uniform.focus(); return false; } fieldvalue = document.member_info_form.email.value; if (fieldvalue == '') { alert('[電子信箱] 欄位不可以是空白!'); document.member_info_form.email.focus(); return false; } fieldvalue = document.member_info_form.phone.value; if (fieldvalue == '') { alert('[連絡電話] 欄位不可以是空白!'); document.member_info_form.phone.focus(); return false; } fieldvalue = document.member_info_form.address.value; if (fieldvalue == '') { alert('[地址] 欄位不可以是空白!'); document.member_info_form.address.focus(); return false; }" /> <input name="member_info_cancel" type="button" id="member_info_cancel" onclick="MM_goToURL('parent','index.php');return document.MM_returnValue" value="取消" /> <hr class="member_info_style10" /> </td> </tr> </table> <input name="id" type="hidden" id="id" value="<?php echo $row_member_info['id']; ?>" /> <input type="hidden" name="MM_update" value="member_info_form"> </form> </td> </tr> </table> </td> </tr> </table> </body> </html> <?php mysql_free_result($member_info); ?> 抱歉ˊˋ SQL就差不多是這些了...我是新手..都拿工具書參考著改 還請各位大大賜教... -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 220.133.71.108