PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
$query = "UPDATE user_info SET username = '$username', email = '$email', password = '$password', password_decrypted = '$password_decrypted', level = '$level', active = '$active' WHERE id = '$id' "; $sql = mysql_query($query) or die("ERROR");
I commented that out and echoed it in order to check it. It gave me everything correctly. I then queried it against the database in PHPMyAdmin and it worked correctly. So why would the form not work?
What does echo $query; output exactly ? Also might want to do or die(mysql_error()); whilst testing so if there was to be an error then you'll see what it is.
If the query is correct, and there's no error what makes you think it isn't working?
I mean is your PHP code suggesting it isn't working? Or are you checking the database row via phpMyAdmin/whatever immediately after running to query to check if the update happened?
<?php
//session_start();
include '../executions/connection_db.php';
// Define post fields into simple variables. These are called CONSTANTS.
$username = $_POST['username'];
$oldusername = $_POST['oldusername'];
$email = $_POST['email'];
$level = $_POST['level'];
$password_decrypted = $_POST['password'];
$password = md5($password_decrypted);
$active = $_POST['active'];
$id = $_POST['id'];
/* Lets strip some slashes in case the user entered
any escaped characters. */
$username = stripslashes($username);
$email = stripslashes($email);
$level = stripslashes($level);
$active = stripslashes($active);
/* Do some error checking on the form posted fields to make sure they are completed */
if((!$username) || (!$email)){
include 'update.php'; // Show the form again!
/* End the error checking and if everything is ok, we'll move on to
creating the user account */
exit(); // if the error checking has failed, we'll exit the script!
}
/* Let's do some checking and ensure that the user's email address or username or driver's license
does not exist in the database */
$sql_username_check = mysql_query("SELECT username FROM user_info WHERE username='$username' AND domain='$domain'");
// if check username
if ($username == $oldusername) {
$username_check = 0;
} else {
$username_check = mysql_num_rows($sql_username_check);
} // end if check username
if($username_check > 0){
echo "Error1"; //include '_alert_users.php';
if($username_check > 0){
echo "Error2"; //include '_alert_users.php';
unset($username);
}
echo "Error3";
exit(); // exit the script so that we do not create this account!
}
/* Everything has passed both error checks that we have done.
It's time to create the account! */
// Enter info into the Database.
//echo "UPDATE user_info SET username = '$username', email = '$email', password = '$password', password_decrypted = '$password_decrypted', level = '$level', active = '$active' WHERE id = '$id' "; $sql = mysql_query($query) or die("ERROR DUDE");
//exit();
$query = "UPDATE user_info SET username = '$username', email = '$email', password = '$password', password_decrypted = '$password_decrypted', level = '$level', active = '$active' WHERE id = '$id' "; $sql = mysql_query($query) or die(mysql_error());
if(!$sql){
echo "There has been an error updating your account. Please contact the webmaster.";
} else {
// update completed, go to userindex.
header('Location: index.php');
}
?>
Weird. Might be worth creating a simple test script that ONLY runs that hardcoded query update, then check the database. If that works then maybe the problem is elsewhere in the code *shrug*
Good idea... I did that and BANG, it worked. I guess that means.... what DOES that mean?
I echoed both the manual query and the variable query and it turned out identical, except that the id was bold on the variable query. It looked like this:
UPDATE user_info SET username = 'rgraph1', email = 'jabshire@resonantgraphics.com', password = '5fcfd41e547a12215b173ff47fdd3739', password_decrypted = 'trustno1', level = '2', active = 'Y' WHERE id = '1'
UPDATE user_info SET username = 'rgraph1', email = 'jabshire@resonantgraphics.com', password = '5fcfd41e547a12215b173ff47fdd3739', password_decrypted = 'trustno1', level = '2', active = 'N' WHERE id = '1'
So, another check. On your original code/script put an exit(); right after doing:
mysql_query($query) or die(mysql_error()); and go and check the database to see if the update worked ok.
this is probably a good time to add sanitizing code for the $_POST variables you are adding.. since you say the variable version showed up as bold'd id, maybe your submitting some slightly mangled data?
Hmm..even weired. So the final test would be to use the hardcoded update query in your original script, i.e comment out the variable one and put the hardcoded one in. If that works then the query must be at fault, otherwise i have no idea as it makes no sense (to me anyway)
echo "UPDATE user_info SET username = '$_POST['username']', email = '$_POST['email']', password = '$_POST['password']', password_decrypted = '$_POST['password']', level = '$_POST['level']', active = '$_POST['active']' WHERE id = '$_POST['id']' ";
exit();
I got this error:
Parse error: parse error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in c:\domains\resonanthosting.com\wwwroot\econtrol\users\_update_user.php on line 58