Untitled

<?php
//connect to database
@ $db= new mysqli('localhost','root','','assignment1');
	if (mysqli_connect_error())
	{//display the details of any connection errors
	echo 'Error connecting to database:<br/>'.mysqli_connect_error();
	exit;
	}
	session_start();
		if ( !isset( $_SESSION['volunteermail'] ))
		{
			header('Location: login.php');
			exit;
		}
	//process submitted form
	if (isset($_POST['Address1']))
	{
		//create short variable names from the data received from the form
	$Address1 = $_POST['Address1'];
	$Address2 = $_POST['Address2'];
	$Suburb = $_POST['Suburb'];
	$Postcode = $_POST['Postcode'];
	$PhoneNo = $_POST['PhoneNo'];
	$password = $_POST['password'];
	$confirmPassword = $_POST['confirmPassword'];

	//we create this variable and set it to an empty string... if it remains empty by the end
	//of our validation code, then there was no error found
	$error_message='';
	//first we'll check if any of our required fields are empty all at once
	if	 (empty($Address1)||empty($Address2)||empty($Suburb)||empty($Postcode)||empty($PhoneNo)||empty($password)||empty($confirmPassword))
	{
		$error_message='One of the required values was blank.';
	}
	//check postcode must have 4 digit only
	elseif (strlen($Postcode)!=4)
	{
		$error_message='Your postcode must have 4 digit';
	}
	//now we'll check if the phone number is not numberic
	elseif (!is_numeric($PhoneNo))
	{
		$error_message='Your phone n0 is not numberic.';
	}
	//check the phone number must have 11 digit only based on the australia phoneNo standard
	elseif (strlen($PhoneNo)>10)
	{
		$error_message='Your Phone Number must have 10 digit or below';
	}
	//now we'll check if the password is long enough
	elseif (strlen($password)<5)
	{
		$error_message='your password is not long enough, must be 5 and above';
	}
	//check confirmPassword are matching with the origin password or not
	elseif ($password != $confirmPassword)
	{
		$error_message='your password do not match.';
	}

	//now we'll check if the email address already exists in the database
	//$email_query= "SELECT email FROM volunteers WHERE email='".$emailaddress."' AND vol_time_id !=" .$_GET['edit_mailid'];
	//$email_results=$db->query($email_query);

	//if	($email_results-> num_rows > 0)
	//{
	//	$error_message='Your email address already exist, choose another.';

	//}


	//if the error message variable is not empty(i.e. an error has been found)
	if($error_message!='')
	{
		//we'll just provide the user with the error message and a back link if there is an error
		//the exit command tells the server/PHP to stop processing the script at that point
		echo 'error:'.$error_message.'<a href="javascript: history.back();">go back</a>.';
		echo '</body></html>';
		exit;
	}
	else
	{
		 $query = "UPDATE volunteers SET Address1='".$Address1."', Address2='".$Address2."', Suburb='".$Suburb."',Postcode='".$Postcode."',
		 PhoneNo='".$PhoneNo."',password='".$password."',confirmPassword='".$confirmPassword."'";


		 $result= $db->query($query);

		 if ($result)
		 {
			echo'<p>User details inserted into database!</p>';
		 }
		 else
		 {
			echo'<p>Error updating details. Error message:</p>';
			echo '<p>'.$db->error.'</p>';
		 }

	}
}

		//fetch the user's details and store them in $rows
		$query= 'SELECT * FROM volunteers WHERE email= "'. $_SESSION['volunteermail'].'"' ;
		$result = $db->query($query);
		$row=$result->fetch_assoc();


?>
<!DOCTYPE html>
<html>
<head>
  <title>Edit User Form</title>
 </head>

<body>
<h2><strong>User Details</strong></h2>
<form name="EditUserForm" method="post" action="editUsers.php">
  <table style="width: 500px; border: 0px;" cellspacing="1" cellpadding="1">
    <tr>
      <td colspan="2"><strong>Personal Details</strong></td>
    </tr>
    <tr style="background-color: #FFFFFF;">
      <td>Address1</td>
      <td>

        <textarea name="Address1" cols="30" rows="3">

		<?php echo $row['address_In_1'] ?>
		</textarea>*</td>
    </tr>
	<tr style="background-color: #FFFFFF;">
      <td>Address2</td>
      <td>
        <textarea name="Address2" cols="30" rows="3">

		<?php echo $row['address_In_2'] ?>
		</textarea>


		</td>
    </tr>
	<tr style="background-color: #FFFFFF;">
      <td>Suburb</td>
      <td>
		<input value = <?php echo $row['suburb'] ?> name="Suburb" type="text" style="width: 200px;" maxlength="100" />*</td>
    </tr><tr style="background-color: #FFFFFF;">
      <td>Postcode</td>
      <td>
		<input value = <?php echo $row['postcode'] ?> name="Postcode" type="text" style="width: 200px;" maxlength="100" />*</td>
    </tr>
    <tr style="background-color: #FFFFFF;">
      <td>PhoneNo</td>
      <td>
        <input value = <?php echo $row['PhoneNo'] ?>  name="PhoneNo" type="text" style="width: 150px;" maxlength="15" />*</td>
    </tr>
    <tr>
      <td colspan="2">&nbsp;</td>
    </tr>
    <tr style="background-color: #FFFFFF;">
      <td>Password</td>
      <td>
        <input value = <?php echo $row['Password'] ?>   name="password" type="password" style="width: 200px;" maxlength="20" />*</td>
    </tr>
    <tr style="background-color: #FFFFFF;">
      <td>Confirm Password</td>
      <td>
        <input value = <?php echo $row['Confirm_password'] ?> name="confirmPassword" type="password" style="width: 200px;" maxlength="20" />*</td>
    </tr>
    <tr>
      <td colspan="2">&nbsp;</td>
    </tr>
    <tr style="background-color: #FFFFFF;">
      <td>
        <input type="reset" name="reset" value="Reset" />
		<input type="submit" name="submit" value="Submit" /></td>
      <td>
        <div align="right">* indicates required field</div></td>
    </tr>
  </table>
</form>
</body>
</html>