macho>>>
Jeg har lige prøvet et hidden field, desværre uden held. Her er de fulde filer:
ret_info.php:
-----------------------------------------------------------------
<?php
session_start();
require("./CustomSql.inc.php");
if (!(session_is_registered("CID"))){
print "<a href=\"login.php\">$front_pleaselogin</a>";
exit;
}
$db = new CustomSQL($DBName);
$showtable = true;
$errortag = false;
if (!empty($edituser)) {
if (empty($email)){
$errortag = true;
$errormsg = $error_emailempty;
}
if ($email!=$emailretype){
$errortag = true;
$errormsg = $error_emailretypewrong;
}
if (!$errortag){
$db->edituser($email,$navn,$adresse,$postnr,$by,$telefon,$CID);
$showtable = false;
}
}
$userinfo = $db->getuserinfobyid($CID);
$email = $userinfo[0]["email"];
$navn = $userinfo[0]["navn"];
$adresse = $userinfo[0]["adresse"];
$postnr = $userinfo[0]["postnr"];
$by = $userinfo[0]["by"];
$telefon = $userinfo[0]["telefon"];
?>
<HTML>
<HEAD>
<TITLE>Ret dit kodeord</TITLE>
<meta http-equiv="Content-Type" content="text/html; charset=<?php print "$front_charset"; ?>">
<link rel="stylesheet" href="./style/style.css" type="text/css">
<style>
a:link
{
color: black;
text-decoration: none;
font-family: tahoma;
}
a:visited
{
color: black;
text-decoration: none;
font-family: tahoma;
}
a:hover
{
color: black;
text-decoration: underline;
font-family: tahoma;
}
a:active
{
color: black;
text-decoration: none;
font-family: tahoma;
}
</style>
<script language="JavaScript">
<!--
function MM_reloadPage(init) { //reloads the window if Nav4 resized
if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
}
MM_reloadPage(true);
// -->
</script>
</HEAD>
<BODY BGCOLOR=#FFFFFF LEFTMARGIN=0 TOPMARGIN=0 MARGINWIDTH=0 MARGINHEIGHT=0>
<CENTER>
<TABLE WIDTH=700 BORDER=0 CELLPADDING=0 CELLSPACING=0>
<TR>
<TD COLSPAN=8>
<a href="
http://www.vindue.proinmotion.dk/" border="0"><IMG SRC="images/top.gif" border="0" WIDTH=700 HEIGHT=139 ALT=""></a></TD>
</TR>
<TR>
<TD COLSPAN=8>
<IMG SRC="images/menu_over.gif" WIDTH=700 HEIGHT=7 ALT=""></TD>
</TR>
<TR>
<TD COLSPAN=2>
<IMG SRC="images/navigering.gif" WIDTH=146 HEIGHT=21 ALT=""></TD>
<TD>
<a href="
http://www.vindue.proinmotion.dk/tilmeld.php" border="0"><IMG SRC="images/tilmeld.gif" border="0" WIDTH=64 HEIGHT=21 ALT=""></a></TD>
<TD>
<a href="
http://www.vindue.proinmotion.dk/konceptet.php" border="0"><IMG SRC="images/konceptet.gif" border="0" WIDTH=84 HEIGHT=21 ALT=""></a></TD>
<TD>
<a href="
http://www.vindue.proinmotion.dk/kontakt.php" border="0"><IMG SRC="images/kontakt.gif" border="0" WIDTH=62 HEIGHT=21 ALT=""></a></TD>
<TD>
<a href="
http://www.vindue.proinmotion.dk/login.php" border="0"><IMG SRC="images/menu_05.gif" border="0" WIDTH=209 HEIGHT=21 ALT=""></a></TD>
<TD>
<a href="
http://www.proinmotion.dk/" border="0"><IMG SRC="images/pim.gif" border="0" WIDTH=122 HEIGHT=21 ALT=""></a></TD>
<TD>
<IMG SRC="images/menu_07.gif" WIDTH=13 HEIGHT=21 ALT=""></TD>
</TR>
<TR>
<TD COLSPAN=8>
<IMG SRC="images/menu_under.gif" WIDTH=700 HEIGHT=11 ALT=""></TD>
</TR>
<TR>
<TD>
<IMG SRC="images/main_11.gif" WIDTH=140 ALT=""></TD>
<TD COLSPAN=6 WIDTH=547 valign="top" align="center">
<FONT face="tahoma" size="2">
<?php
include("a_menu.php");
?>
<BR>
<center><U>Ret dine personlige informationer</U></center><BR><BR>
<center>
<table border="0" cellspacing="0" cellpadding="4" width="60%">
<tr>
<td bgcolor="#F2F2F2" class="menu_in">::<?php print "$front_modiinfo"; ?> <font color="#FF0000">*</font> <?php print "$front_requiredinfo"; ?></td>
</tr>
<?php
if ($errortag){
?>
<tr>
<td><font color="#FF0000"><?php print "$errormsg"; ?></font></td>
</tr>
<?php
}
?>
<tr>
<td>
<?php
if ($showtable){
?>
<form action="<?php print "$PHP_SELF"; ?>" method="POST">
<table border=0 cellpadding=2 cellspacing=2>
<tr><td width="120"><?php print "$front_email"; ?> : </td><td><input type="text" name="email" value="<?php print "$email"; ?>"> <font color="#FF0000">*</font></td></tr>
<tr><td>Gentag email : </td><td><input type="text" name="emailretype" value=""> <font color="#FF0000">*</font></td></tr>
<tr><td>Navn : </td><td><input type="text" name="navn" value="<?php print "$navn"; ?>"></td></tr>
<tr><td>Adresse : </td><td><input type="text" name="adresse" value="<?php print "$adresse"; ?>"></td></tr>
<tr><td>Postnummer : </td><td><input type="text" name="postnr" value="<?php print "$postnr"; ?>"></td></tr>
<tr><td>By : </td><td><input type="text" name="by" value="<?php print "$by"; ?>"></td></tr>
<tr><td>Telefonnummer : </td><td><input type="text" name="telefon" value="<?php print "$telefon"; ?>"></td></tr>
<input type="hidden" name="costumerid" value="<?php print "$costumerid"; ?>">
<tr><td></td><td><input type="submit" name="edituser" value="Ret information"></td></tr>
</table>
</form>
<?php
}
else{
?>
<a href="login.php"><?php print "$front_back"; ?></a>
<?php
}
?>
</td>
</tr>
<tr>
<td align="right"> </td>
</tr>
</table>
</center>
</FONT>
</TD>
<TD>
<IMG SRC="images/main_13.gif" WIDTH=13 HEIGHT=504 ALT=""></TD>
</TR>
<TR>
<TD COLSPAN=8>
<IMG SRC="images/main_14.gif" WIDTH=700 HEIGHT=18 ALT=""></TD>
</TR>
<TR>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=140 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=6 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=64 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=84 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=62 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=209 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=122 HEIGHT=1 ALT=""></TD>
<TD>
<IMG SRC="images/spacer.gif" WIDTH=13 HEIGHT=1 ALT=""></TD>
</TR>
</TABLE>
</CENTER>
</BODY>
</HTML>
Og customSQl.inc.php:
-----------------------------------------------------------------
<?php
require("./DbSql.inc.php");
Class CustomSQL extends DBSQL
{
// the constructor
function CustomSQL($DBName = "")
{
$this->DBSQL($DBName);
}
function checkusername($username)
{
$sql = "select customerid from customer where username='$username'";
$result = $this->select($sql);
return $result;
}
function adduser($username,$password,$email,$homepage,$icq,$aol,$yahoo,$msn,$location,$occupation,$interests,$biography)
{
$sql = "insert into customer (username,password,email,homepage,icq,aol,yahoo,msn,location,occupation,interests,biography) values ('$username','$password','$email','$homepage','$icq','$aol','$yahoo','$msn','$location','$occupation','$interests','$biography')";
$result = $this->insert($sql);
return $result;
}
function logincheck($username,$password)
{
$sql = "select customerid from customer where username='$username' and password='$password'";
$result = $this->select($sql);
if (empty($result)) {
return 0;
}else{
$CID = $result[0]["customerid"];
return $CID;
}
}
function checkpassword($customerid,$password)
{
$sql = "select customerid from customer where password='$password' and customerid='$customerid'";
$result = $this->select($sql);
if (empty($result)) {
return 0;
}else{
$CID = $result[0]["customerid"];
return $CID;
}
}
function emailcheck($email)
{
$sql = "select password from customer where email='$email'";
$result = $this->select($sql);
if (empty($result)) {
return 0;
}else{
$password = $result[0]["password"];
return $password;
}
}
function getuserinfobyid($customerid)
{
$sql = "select * from customer where customerid='$customerid'";
$result = $this->select($sql);
return $result;
}
function edituser($email,$navn,$adresse,$postnr,$by,$telefon,$customerid)
{
$sql = "update customer set email='$email',navn='$navn',adresse='$adresse',postnr='$postnr',by='$by',telefon='$telefon' where customerid='$customerid'";
$results = $this->update($sql);
return $results;
}
function showuser($email,$navn,$adresse,$postnr,$by,$telefon,$customerid)
{
$sql = "update customer set email='$email',navn='$navn',adresse='$adresse',postnr='$postnr',by='$by',telefon='$telefon',vaerdi='$vaerdi',tjent='$tjent',periode='$periode',samlet_p='$samlet_p',billede1='$billede1',billede2='$billede2',billede3='$billede3',billlede4='$billede4' where customerid='$customerid'";
$results = $this->update($sql);
return $results;
}
function modifypass($password,$customerid)
{
$sql = "update customer set password='$password' where customerid='$customerid'";
$results = $this->update($sql);
return $results;
}
}
?>
Håber det hjælper.