Judging from your script, you are updating in the database, but not updating the session. It would help you to assign names to the key to help it be readable. You should also use an if
clause when relying on a $_POST
or $_GET
. Note, since you are dealing with user-sent data, you should bind parameters on your exploded values (I have not done this in my example, but have supplied link above):
<?php
# Start session
session_start();
# Include database
include_once('connect.php');
# Assign current values
$currID = $_SESSION['user_id'][0];
$sfName = $_SESSION['user_id'][1];
$smName = $_SESSION['user_id'][2];
$slName = $_SESSION['user_id'][3];
# Add an if here, this is not always guaranteed
if(!empty($_POST['fullName'])) {
$fullName = $_POST['fullName'];
# This explode seems strange, the input sounds like it could be reworked...
list($vfName, $vmName, $lvName) = explode('|', $fullName);
# Sql statement, this should have parameters that are bound since you are
# receiving them from $_POST, which can seriously mess up your database via injection
$qEditName = "UPDATE userzavier SET fname='$vfName', mdname='$vmName', lname='$lvName' where ID='$currID'";
# Create query
if (mysqli_query($con, $qEditName)) {
# Here is where you need to fix your script
# Assign the session, not just variable (you really
# should make the key associative, not numeric. It is
# easier to read and use if it was $_SESSION['user_id']['first_name'] or similar)
$_SESSION['user_id'][1] =
$sfName = $vfName;
$_SESSION['user_id'][2] =
$smName = $vmName;
$_SESSION['user_id'][3] =
$slName = $lvName;
echo $sfName . ' ' . $smName . ' ' . $slName;
} else {
#Display Error
echo "Error updating record: " . mysqli_error($con);
}
# Close connection
mysqli_close($con);
}