PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
$newpassword = md5($_POST['newpassword']);
mysql_query("UPDATE members SET password='$newpassword' WHERE email='$email'")
or die("could not execute command");
The code executes, but when I check the relevant entry in MySQL the old password remains unchanged.
Can anyone help?
Best
ianao
Last edited by Benjamin on Fri May 22, 2009 9:51 am, edited 1 time in total.
Reason:Added [code=php] tags.
$newpassword = md5($_POST['newpassword']);
$query = "UPDATE members SET password='$newpassword' WHERE email='$email'";
$result = mysql_query($query) or die("could not execute command: " . mysql_error());
echo $query;
See what's coming back: maybe some of your variables aren't defined like you think they are.
I can see how that would be very useful if it were producing an error, but frustratingly it's not doing that. It simply will not update the password field.
I can see how that would be very useful if it were producing an error, but frustratingly it's not doing that. It simply will not update the password field.
Best
ianao
It is producing an error, or at least, it's not doing what you expect. Echo out your query and double check that it's doing what you think it is doing.
Ya, $email isn't evaluating to your actual email address. When you run that query on the database, it probably says "Query OK, 0 rows affected" right? That'll mean your WHERE clause isn't matching anything.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
Sounds stupid, but did you define $email anywhere? Your other variable comes from $_POST so maybe you meant to write something like $email = $_POST['email']; somewhere?
Also: do some reading on SQL injection before you insert raw $_POST data into your database.
Not stupid at all. The email address came about from a posting from another file, and the error was in there. All sorted now, so thanks again for the help.