PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<?php
//session_start();
include '../executions/connection_db.php';
// Define post fields into simple variables. These are called CONSTANTS.
$username = $_POST['username'];
$oldusername = $_POST['oldusername'];
$email = $_POST['email'];
$level = $_POST['level'];
$password_decrypted = $_POST['password'];
$password = md5($password_decrypted);
$active = $_POST['active'];
$id = $_POST['id'];
/* Lets strip some slashes in case the user entered
any escaped characters. */
$username = stripslashes($username);
$email = stripslashes($email);
$level = stripslashes($level);
$active = stripslashes($active);
/* Do some error checking on the form posted fields to make sure they are completed */
if((!$username) || (!$email)){
include 'update.php'; // Show the form again!
/* End the error checking and if everything is ok, we'll move on to
creating the user account */
exit(); // if the error checking has failed, we'll exit the script!
}
/* Let's do some checking and ensure that the user's email address or username or driver's license
does not exist in the database */
$sql_username_check = mysql_query("SELECT username FROM user_info WHERE username='$username' AND domain='$domain'");
// if check username
if ($username == $oldusername) {
$username_check = 0;
} else {
$username_check = mysql_num_rows($sql_username_check);
} // end if check username
if($username_check > 0){
echo "Error1"; //include '_alert_users.php';
if($username_check > 0){
echo "Error2"; //include '_alert_users.php';
unset($username);
}
echo "Error3";
exit(); // exit the script so that we do not create this account!
}
/* Everything has passed both error checks that we have done.
It's time to create the account! */
// Enter info into the Database.
//$query = "UPDATE user_info SET username = '$username', email = '$email', password = '$password', password_decrypted = '$password_decrypted', level = '$level', active = '$active' WHERE id = '$id' "; $sql = mysql_query($query) or die(mysql_error());
//echo "UPDATE user_info SET username = $_POST['username'], email = $_POST['email'], password = $_POST['password'], password_decrypted = $_POST['password'], level = $_POST['level'], active = $_POST['active'] WHERE id = $_POST['id'] ";
//exit();
//$query = "UPDATE user_info SET username = '$_POST['username']', email = '$_POST['email']', password = '$_POST['password']', password_decrypted = '$_POST['password'];', level = '$_POST['level'];', active = '$_POST['active'];' WHERE id = '$_POST['id'];' "; $sql = mysql_query($query) or die(mysql_error());
if(!$sql){
echo "There has been an error updating your account. Please contact the webmaster.";
} else {
// update completed, go to userindex.
header('Location: index.php');
}
?>
<?php
//session_start();
include '../executions/connection_db.php';
// Define post fields into simple variables. These are called CONSTANTS.
$username = $_POST['username'];
$oldusername = $_POST['oldusername'];
$email = $_POST['email'];
$level = $_POST['level'];
$password_decrypted = $_POST['password'];
$password = md5($password_decrypted);
$active = $_POST['active'];
$id = $_POST['id'];
/* Lets strip some slashes in case the user entered
any escaped characters. */
$username = stripslashes($username);
$email = stripslashes($email);
$level = stripslashes($level);
$active = stripslashes($active);
/* Do some error checking on the form posted fields to make sure they are completed */
if((!$username) || (!$email)){
include 'update.php'; // Show the form again!
/* End the error checking and if everything is ok, we'll move on to
creating the user account */
exit(); // if the error checking has failed, we'll exit the script!
}
/* Let's do some checking and ensure that the user's email address or username or driver's license
does not exist in the database */
$sql_username_check = mysql_query("SELECT username FROM user_info WHERE username='$username' AND domain='$domain'");
// if check username
if ($username == $oldusername) {
$username_check = 0;
} else {
$username_check = mysql_num_rows($sql_username_check);
} // end if check username
if($username_check > 0){
echo "Error1"; //include '_alert_users.php';
if($username_check > 0){
echo "Error2"; //include '_alert_users.php';
unset($username);
}
echo "Error3";
exit(); // exit the script so that we do not create this account!
}
/* Everything has passed both error checks that we have done.
It's time to create the account! */
// Enter info into the Database.
//$query = "UPDATE user_info SET username = '$username', email = '$email', password = '$password', password_decrypted = '$password_decrypted', level = '$level', active = '$active' WHERE id = '$id' "; $sql = mysql_query($query) or die(mysql_error());
echo "UPDATE user_info SET username = $_POST['username'], email = $_POST['email'], password = $_POST['password'], password_decrypted = $_POST['password'], level = $_POST['level'], active = $_POST['active'] WHERE id = $_POST['id'] ";
exit();
//$query = "UPDATE user_info SET username = '$_POST['username']', email = '$_POST['email']', password = '$_POST['password']', password_decrypted = '$_POST['password'];', level = '$_POST['level'];', active = '$_POST['active'];' WHERE id = '$_POST['id'];' "; $sql = mysql_query($query) or die(mysql_error());
if(!$sql){
echo "There has been an error updating your account. Please contact the webmaster.";
} else {
// update completed, go to userindex.
header('Location: index.php');
}
?>
Ah crap... I'm sorry. I made the change as you said and it returned everything correctly. BUT, the id in the WHERE clause is bold again. Is that trying to tell me something?
Well, i dunno why it's outputting it in bold, but string(18) for a single integer doesn't appear right.
If you replace {$_POST['id']} with a hard coded '1' does it work ok then, if so ,then the bolded 1 is a/the problem.