I am trying to create a members only area where they can update there contact info in the company directory but only theirs. problem is i can't seem to get it where they can only update there on. i can either update everyone or no one but my code executes fine with no errors. Please help!
[PHP]
//This is the directory where images will be saved
$target = "uploads/images";
$target = $target . basename( $_FILES['photo']['name']);
//This gets all the other information from the form
$name=$_POST['name'];
$email=$_POST['email'];
$phone=$_POST['phone'];
$pic=($_FILES['photo']['name']);
// Connects to your Database
mysql_connect("localhost", "my_root", "") or die(mysql_error()) ;
mysql_select_db("my_photos") or die(mysql_error()) ;
//checks to see if the name submited is in the database
if (!get_magic_quotes_gpc()) {
$_POST['name'] = addslashes($_POST['name']);
}
$usercheck = $_POST['name'];
$check = mysql_query("SELECT name FROM employees WHERE name = '$usercheck'")
or die(mysql_error());
//checks the users cookie to see who they are
if(isset($_COOKIE['ID_my_cookie']))
{
$username = $_COOKIE['ID_my_cookie']; }
if ($username = $check)
{
$check2=$info;
}else{
$check2 != $info;
}
//compairs the name on the cookie with the name they are trying to update.
//if they don't match, error message
if ($check2 != $info)
{ echo("Sorry, you are only allowed to update your own information. Click <a href=login.php>HERE</a> to login as someone else.</br>");
echo ("Or, click <a href=membersarea.php>HERE</a> to go back.");
die(mysql_error());
}
// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['name'] = addslashes($_POST['name']);
}
$usercheck = $_POST['name'];
$check2 = mysql_num_rows($check);
//if the name exists DELETE it
if ($check2 != 0) {
mysql_query("DELETE from `employees` where name = '$name'" );
}
//Writes the information to the database
mysql_query("INSERT INTO `employees` VALUES ('$name', '$email', '$phone', '$pic')") ;
//Writes the photo to the server
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{
//Tells you if its all ok
echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {
//Gives and error if its not
echo "Sorry, there was a problem uploading your file.";
}
[/PHP]