Issue w/ account_edit.php


JEWbacca

Posted

When visiting the account_edit.php page on my site all the fields (First Name, Last Name, E-Mail Address, Telephone Number and Fax Number) display "h" rather than the correct information from the database. The correct information still comes through on orders, is viewable/editable via the catalog side address_book_process.php and admin side customers.php page.

 

I have attempted to restore my account_edit.php code back to its original state (I have installed an anti robot validation contribution) however the problem still persists.

 

Any insight on what might be causing this? Perhaps something being called on an external page?

 

Here is an image:

Account_Info.png

 

Here is the account_edit.php code:

<?php
/*
 $Id: account_edit.php,v 1.65 2003/06/09 23:03:52 hpdl Exp $

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2003 osCommerce

 Released under the GNU General Public License
*/

 require('includes/application_top.php');
// BOF Anti Robot Validation v2.5
 if (ACCOUNT_VALIDATION == 'true' && ACCOUNT_EDIT_VALIDATION == 'true') {
   require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_VALIDATION);
   include_once('includes/functions/' . FILENAME_ACCOUNT_VALIDATION);
 }
// EOF Anti Robot Registration v2.5
 if (!tep_session_is_registered('customer_id')) {
   $navigation->set_snapshot();
   tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
 }

// needs to be included earlier to set the success message in the messageStack
 require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ACCOUNT_EDIT);

 if (isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process')) {
   if (ACCOUNT_GENDER == 'true') $gender = tep_db_prepare_input($HTTP_POST_VARS['gender']);
   $firstname = tep_db_prepare_input($HTTP_POST_VARS['firstname']);
   $lastname = tep_db_prepare_input($HTTP_POST_VARS['lastname']);
   if (ACCOUNT_DOB == 'true') $dob = tep_db_prepare_input($HTTP_POST_VARS['dob']);
   $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']);
   $telephone = tep_db_prepare_input($HTTP_POST_VARS['telephone']);
   $fax = tep_db_prepare_input($HTTP_POST_VARS['fax']);

   $error = false;

   if (ACCOUNT_GENDER == 'true') {
     if ( ($gender != 'm') && ($gender != 'f') ) {
       $error = true;

       $messageStack->add('account_edit', ENTRY_GENDER_ERROR);
     }
   }

   if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_FIRST_NAME_ERROR);
   }

   if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
   }

   if (ACCOUNT_DOB == 'true') {
     if (!checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4))) {
       $error = true;

       $messageStack->add('account_edit', ENTRY_DATE_OF_BIRTH_ERROR);
     }
   }

   if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
   }

   if (!tep_validate_email($email_address)) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
   }

   $check_email_query = tep_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "' and customers_id != '" . (int)$customer_id . "'");
   $check_email = tep_db_fetch_array($check_email_query);
   if ($check_email['total'] > 0) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
   }

   if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
     $error = true;

     $messageStack->add('account_edit', ENTRY_TELEPHONE_NUMBER_ERROR);
   }
// BOF Anti Robotic Registration v2.5
   if (ACCOUNT_VALIDATION == 'true' && ACCOUNT_EDIT_VALIDATION == 'true') {
     $sql = "SELECT * FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "' LIMIT 1";
     if( !$result = tep_db_query($sql) ) {
       $error = true;
       $entry_antirobotreg_error = true;
       $text_antirobotreg_error = ERROR_VALIDATION_1;
     } else {
       $entry_antirobotreg_error = false;
       $anti_robot_row = tep_db_fetch_array($result);
       if (( strtoupper($HTTP_POST_VARS['antirobotreg']) != $anti_robot_row['reg_key'] ) || ($anti_robot_row['reg_key'] == '') || (strlen($antirobotreg) != ENTRY_VALIDATION_LENGTH)) {
         $error = true;
         $entry_antirobotreg_error = true;
         $text_antirobotreg_error = ERROR_VALIDATION_2;
       } else {
         $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE session_id = '" . tep_session_id() . "'";
         if( !$result = tep_db_query($sql) ) {
           $error = true;
           $entry_antirobotreg_error = true;
           $text_antirobotreg_error = ERROR_VALIDATION_3;
         } else {
           $sql = "OPTIMIZE TABLE " . TABLE_ANTI_ROBOT_REGISTRATION . "";
           if( !$result = tep_db_query($sql) ) {
             $error = true;
             $entry_antirobotreg_error = true;
             $text_antirobotreg_error = ERROR_VALIDATION_4;
           } else {
             $entry_antirobotreg_error = false;
           }
         }
       }
     }
   if ($entry_antirobotreg_error == true) $messageStack->add('account_edit', $text_antirobotreg_error);
   }
// EOF Anti Robotic Registration v2.5
   if ($error == false) {
     $sql_data_array = array('customers_firstname' => $firstname,
                             'customers_lastname' => $lastname,
                             'customers_email_address' => $email_address,
                             'customers_telephone' => $telephone,
                             'customers_fax' => $fax);

     if (ACCOUNT_GENDER == 'true') $sql_data_array['customers_gender'] = $gender;
     if (ACCOUNT_DOB == 'true') $sql_data_array['customers_dob'] = tep_date_raw($dob);

     tep_db_perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "'");

     tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$customer_id . "'");

     $sql_data_array = array('entry_firstname' => $firstname,
                             'entry_lastname' => $lastname);

     tep_db_perform(TABLE_ADDRESS_BOOK, $sql_data_array, 'update', "customers_id = '" . (int)$customer_id . "' and address_book_id = '" . (int)$customer_default_address_id . "'");

// reset the session variables
     $customer_first_name = $firstname;

     $messageStack->add_session('account', SUCCESS_ACCOUNT_UPDATED, 'success');

     tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
   }
 }

 $account_query = tep_db_query("select customers_gender, customers_firstname, customers_lastname, customers_dob, customers_email_address, customers_telephone, customers_fax from " . TABLE_CUSTOMERS . " where customers_id = '" . (int)$customer_id . "'");
 $account = tep_db_fetch_array($account_query);

 $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
 $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'SSL'));
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo TITLE; ?></title>
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>">
<link rel="stylesheet" type="text/css" href="stylesheet.css">
<?php require('includes/form_check.js.php'); ?>
</head>
<body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0">
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->

<!-- body //-->
<table border="0" width="100%" cellspacing="0" cellpadding="0">
 <tr>
<!-- body_text //-->
   <td width="100%" valign="top"><?php echo tep_draw_form('account_edit', tep_href_link(FILENAME_ACCOUNT_EDIT, '', 'SSL'), 'post', 'onSubmit="return check_form(account_edit);"') . tep_draw_hidden_field('action', 'process'); ?><table border="0" width="100%" cellspacing="0" cellpadding="0">
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="0">
         <tr>
           <td class="pageHeading"><?php echo HEADING_TITLE; ?></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 if ($messageStack->size('account_edit') > 0) {
?>
     <tr>
       <td><?php echo $messageStack->output('account_edit'); ?></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
<?php
 }
?>
     <tr>
       <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
         <tr>
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td class="main"><b><?php echo MY_ACCOUNT_TITLE; ?></b></td>
               <td class="inputRequirement" align="right"><?php echo FORM_REQUIRED_INFORMATION; ?></td>
             </tr>
           </table></td>
         </tr>
         <tr>
           <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
             <tr class="infoBoxContents">
               <td><table border="0" cellspacing="2" cellpadding="2">
<?php
 if (ACCOUNT_GENDER == 'true') {
   if (isset($gender)) {
     $male = ($gender == 'm') ? true : false;
   } else {
     $male = ($account['customers_gender'] == 'm') ? true : false;
   }
   $female = !$male;
?>
                 <tr>
                   <td class="main"><?php echo ENTRY_GENDER; ?></td>
                   <td class="main"><?php echo tep_draw_radio_field('gender', 'm', $male) . '  ' . MALE . '  ' . tep_draw_radio_field('gender', 'f', $female) . '  ' . FEMALE . ' ' . (tep_not_null(ENTRY_GENDER_TEXT) ? '<span class="inputRequirement">' . ENTRY_GENDER_TEXT . '</span>': ''); ?></td>
                 </tr>
<?php
 }
?>
                 <tr>
                   <td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('firstname', $account['customers_firstname']) . ' ' . (tep_not_null(ENTRY_FIRST_NAME_TEXT) ? '<span class="inputRequirement">' . ENTRY_FIRST_NAME_TEXT . '</span>': ''); ?></td>
                 </tr>
                 <tr>
                   <td class="main"><?php echo ENTRY_LAST_NAME; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('lastname', $account['customers_lastname']) . ' ' . (tep_not_null(ENTRY_LAST_NAME_TEXT) ? '<span class="inputRequirement">' . ENTRY_LAST_NAME_TEXT . '</span>': ''); ?></td>
                 </tr>
<?php
 if (ACCOUNT_DOB == 'true') {
?>
                 <tr>
                   <td class="main"><?php echo ENTRY_DATE_OF_BIRTH; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('dob', tep_date_short($account['customers_dob'])) . ' ' . (tep_not_null(ENTRY_DATE_OF_BIRTH_TEXT) ? '<span class="inputRequirement">' . ENTRY_DATE_OF_BIRTH_TEXT . '</span>': ''); ?></td>
                 </tr>
<?php
 }
?>
                 <tr>
                   <td class="main"><?php echo ENTRY_EMAIL_ADDRESS; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('email_address', $account['customers_email_address']) . ' ' . (tep_not_null(ENTRY_EMAIL_ADDRESS_TEXT) ? '<span class="inputRequirement">' . ENTRY_EMAIL_ADDRESS_TEXT . '</span>': ''); ?></td>
                 </tr>
                 <tr>
                   <td class="main"><?php echo ENTRY_TELEPHONE_NUMBER; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('telephone', $account['customers_telephone']) . ' ' . (tep_not_null(ENTRY_TELEPHONE_NUMBER_TEXT) ? '<span class="inputRequirement">' . ENTRY_TELEPHONE_NUMBER_TEXT . '</span>': ''); ?></td>
                 </tr>
                 <tr>
                   <td class="main"><?php echo ENTRY_FAX_NUMBER; ?></td>
                   <td class="main"><?php echo tep_draw_input_field('fax', $account['customers_fax']) . ' ' . (tep_not_null(ENTRY_FAX_NUMBER_TEXT) ? '<span class="inputRequirement">' . ENTRY_FAX_NUMBER_TEXT . '</span>': ''); ?></td>
                 </tr>
               </table></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
     <tr>
       <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
     </tr>
     <!-- // BOF Anti Robot Registration v2.5-->
<?php
 if (ACCOUNT_VALIDATION == 'true' && strstr($PHP_SELF,'account_edit') &&  ACCOUNT_EDIT_VALIDATION == 'true') {
?>
     <tr>
       <td class="main"><b><?php echo CATEGORY_ANTIROBOTREG; ?></b></td>
     </tr>
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2">
         <tr>
           <td><table border="0" cellspacing="2" cellpadding="2">
             <tr>
<?php
   if (ACCOUNT_VALIDATION == 'true' && strstr($PHP_SELF,'account_edit') &&  ACCOUNT_EDIT_VALIDATION == 'true') {
     if ($is_read_only == false || (strstr($PHP_SELF,'account_edit')) ) {
       $sql = "DELETE FROM " . TABLE_ANTI_ROBOT_REGISTRATION . " WHERE timestamp < '" . (time() - 3600) . "' OR session_id = '" . tep_session_id() . "'";
       if( !$result = tep_db_query($sql) ) { die('Could not delete validation key'); }
       $reg_key = gen_reg_key();
       $sql = "INSERT INTO ". TABLE_ANTI_ROBOT_REGISTRATION . " VALUES ('" . tep_session_id() . "', '" . $reg_key . "', '" . time() . "')";
       if( !$result = tep_db_query($sql) ) { die('Could not check registration information'); }
?>
             <tr>
               <td class="main"><table border="0" width="100%" cellspacing="0" cellpadding="2">
                 <tr>
                   <td class="main"><table border="0" cellspacing="0" cellpadding="2">
                     <tr>
                       <td class="main" width="100%" NOWRAP><span class="main"> <?php echo ENTRY_ANTIROBOTREG; ?></span></td>
                     </tr>
                     <tr>
                       <td class="main" width="100%">
<?php
         $check_anti_robotreg_query = tep_db_query("select session_id, reg_key, timestamp from anti_robotreg where session_id = '" . tep_session_id() . "'");
         $new_guery_anti_robotreg = tep_db_fetch_array($check_anti_robotreg_query);
         $validation_images = tep_image('validation_png.php?rsid=' . $new_guery_anti_robotreg['session_id']);
         if ($entry_antirobotreg_error == true) {
?>
<span>
<?php
         echo $validation_images . ' <br> ';
         echo '<input type="text" name="antirobotreg" id="antirobotreg" /><br><b><font color="red">' . ERROR_VALIDATION . '<br></b>' . $text_antirobotreg_error . '</b></font>';
       } else {
?>
<span>
<?php      
         echo $validation_images . ' <br> ';
         echo '<input type="text" name="antirobotreg" id="antirobotreg" />' . '' . ENTRY_ANTIROBOTREG_TEXT;
         }
       }
     }
?>
</span>
                       </td>
                     </tr>
                   </table></td>
                 </tr>
               </table></td>
             </tr>
           </tr>
         </table></td>
       </tr>
     </table></td>
   </tr>
   <tr>
     <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td>
   </tr>
<?php
   }
?>

<!-- // EOF Anti Robot Registration v2.5-->
     <tr>
       <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">
         <tr class="infoBoxContents">
           <td><table border="0" width="100%" cellspacing="0" cellpadding="2">
             <tr>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
               <td><?php echo '<a href="' . tep_href_link(FILENAME_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td>
               <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td>
               <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>
             </tr>
           </table></td>
         </tr>
       </table></td>
     </tr>
   </table></form></td>
<!-- body_text_eof //-->
 </tr>
</table>
<!-- body_eof //-->

<!-- footer //-->
<?php require(DIR_WS_INCLUDES . 'footer.php'); ?>
<!-- footer_eof //-->
</body>
</html>
<?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>

 

Thanks in advance for any insight!

 

Regards,

 

Nate

Posted

Let's make sure the query is working okay. Insert the following code:

 

echo "<pre>\n";
print_r($account);
echo "\n</pre>\n";

right after this line:

 

$account = tep_db_fetch_array($account_query);

so that it looks like this:

 

$account = tep_db_fetch_array($account_query);
echo "<pre>\n";
print_r($account);
echo "\n</pre>\n";

This will print the contents of $account at the top of the page.

 


Posted

Chad,

 

Seems like the query is working.

 

Array
(
    [customers_gender] =>
    [customers_firstname] => Test
    [customers_lastname] => Account
    [customers_dob] => 2010-08-06 00:00:00
    [customers_email_address] => [email protected]
    [customers_telephone] => 555-555-5555
    [customers_fax] =>
)

Posted

Okay, let's try something else. Take out the code I asked you to insert and move it to a new location. In the existing code:

 

<?php
 }
?>
<tr>
 <td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>

insert the code after the "}" and before the "?>", like so:

 

<?php
 }
echo "<pre>\n";
print_r($account);
echo "\n</pre>\n";
?>
<tr>
 <td class="main"><?php echo ENTRY_FIRST_NAME; ?></td>

 


Posted

Solved!

 

I was able to get things working by renaming ALL of the "$account" to "$account2" - everything is now working perfect.

 

Thanks Chad for helping me realize the issue!
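
An added example, not part of the original posts and not osCommerce code: the thread shows `$account` intact right after the query and fixed by renaming it, which fits a global-name collision with code that runs between the query and the form fields (the thread never identifies which code). The sketch below snapshots a global around an include to find where it changes, and guards the field read; the function names, the sample row and the stand-in assignment are all hypothetical.

```php
<?php
// Added example, not osCommerce code. Function names and sample values are
// hypothetical; the assignment marked "stand-in" plays the part of an include.

// Record the current value of selected globals.
function snapshot_globals(array $names) {
    $snap = array();
    foreach ($names as $name) {
        $snap[$name] = isset($GLOBALS[$name]) ? $GLOBALS[$name] : null;
    }
    return $snap;
}

// Compare against an earlier snapshot and describe every global that changed.
function changed_globals(array $snap, $label) {
    $changes = array();
    foreach ($snap as $name => $old) {
        $new = isset($GLOBALS[$name]) ? $GLOBALS[$name] : null;
        if ($new !== $old) {
            $changes[] = sprintf('%s changed $%s from %s to %s',
                                 $label, $name, gettype($old), gettype($new));
        }
    }
    return $changes;
}

// Read one column from the row, refusing anything that is no longer an array.
function account_field($row, $key) {
    if (!is_array($row)) {
        error_log('account row is ' . gettype($row) . ', expected array');
        return '';
    }
    return isset($row[$key]) ? $row[$key] : '';
}

// Constructed row shaped like the print_r() output in the thread.
$account = array('customers_firstname' => 'Test', 'customers_lastname' => 'Account');

$snap = snapshot_globals(array('account'));
// Stand-in for a top-level include such as: require(DIR_WS_INCLUDES . 'header.php');
$account = 'hypothetical string set by other code';
$report = changed_globals($snap, 'include');
print_r($report);

// Once $account is a string, legacy PHP evaluated $account['customers_firstname']
// as offset 0, so every field showed the string's first character.
// PHP 8 raises a TypeError for that read instead.
echo $account[0], "\n";

// The guarded read returns an empty value and logs the type mismatch.
echo account_field($account, 'customers_firstname'), "\n";
```

In a real page the snapshot and comparison calls go at top level on either side of each `require`, because a file included from inside a function does not share the global scope.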

Archived

This topic is now archived and is closed to further replies.
