updating database with password

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

franknu
Forum Contributor
Posts: 146
Joined: Sun May 28, 2006 9:29 am

Post by franknu »

Made changes same results

Code: Select all

<?
         
 $host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";




 
$db = mysql_connect($host, $username, $password); 
mysql_select_db($database); 
$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : ''); 
 $Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
 $Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
 $Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
 $Website = (isset($_POST['Website']) ? $_POST['Website']:'');
 $Email = (isset($_POST['Email']) ? $_POST['Email']:'');
 $Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
 $Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
 $type = (isset($_POST['type']) ? $_POST['type']:'');
 $make = (isset($_POST['make']) ? $_POST['make']:'');
 $Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
 $Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
 $Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
 $Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
 $Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
 $Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
 $Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
 $Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
 $Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
 $Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
 $Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
 $Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
 $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
 $Password = (isset($_POST['Password']) ? $_POST['Password']: '');



$checkp = mysql_query("SELECT `Password` FROM `business_info` WHERE `User_Name` = '"
. mysql_real_escape_string($User_Name)."'");


$Password1 = mysql_fetch_row($checkp);
$Password2 = $Password1['Password'];




if($Password === $Password2) 

{

$query = "UPDATE  business_info SET 
`BusinessName`= '$BusinessName',
 `Slogan`='$Slogan', 
 `Business_Address`='$Business_Address', 
 `Tel`='$Tel',
 `Website`='$Website', 
 `Email`='$Email',
 `Member_Status`='$Member_Status', 
`Fax`='$Fax', 
`type`='$type', 
`make`='$make', 
`Categories`='$Categories', 
`Keyword`='$Keyword', 
`Picture1`='$Picture1',
 `Headline`='$Headline', 
 `Slogan2`='$Slogan2', 
 `Description1`='$Description1', 
`Description2`='$Description2', 
`Description3`= '$Description3',
 `Contact2`='$Contact2', 
 `Picture2`='$Picture2',
 `Picture3`='$Picture3',
  `User_Name` ='User_Name',
 `Password`='$Password' WHERE `User_Name`='$User_Name'";

 $result = mysql_query($query) or die (mysql_error());


  } 


    else 

    { 
     
  echo "Incorrect Password or User Name Try again "; 
  exit; 
} 




?>
i am dying here trying to get this to work
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

Two things:

Make sure your query is executing fine by adding a or die(mysql_error()) call to the query, like so:

Code: Select all

$checkp = mysql_query("SELECT `Password` FROM `business_info` WHERE `User_Name` = '". mysql_real_escape_string($User_Name)."'") or die(mysql_error());
Secondly, try adding some debugging code to see what is actually going on. Try adding this after the line containing $Password2 = $Password1['Password'];

Code: Select all

echo 'Num Rows Returned: '. mysql_num_rows($checkp) .'<br />';
echo '<pre>';
var_dump($Password);
var_dump($Password2);
exit();
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Run this and see what it tells you...

Code: Select all

<?php
// Add a debug param for checking some things
// Change this to false to turn it off
$debug = true;
// DB connection params
$host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";

// Lets hit the server 
if (!$db = mysql_connect($host, $username, $password))
{
	die('Could not connect to the server: ' . mysql_error());
}

// Lets fetch our database now
if (!mysql_select_db($database))
{
	die('Could not select the database: ' . mysql_error());
}

// Handle form inputs
$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');

if ($debug)
{
	echo '<br />So far we know the passed password is: ' . $Password;
}

// Run a query that gets a password that is already in the database
$sql = "SELECT `Password` FROM `business_info` WHERE `User_Name` = '". mysql_real_escape_string($User_Name) . "'");
if (!$result = mysql_query($sql))
{
	die('Could not execute data fetch: ' . mysql_error());
}
$row = mysql_fetch_array($result);
$Password2 = $row['Password'];

if ($debug)
{
	echo '<br />We also know that the password in the DB is ' . $Password2;
}

if ($Password == $Password2)
{
	// The passed password is the same as what is in the database
	$sql = "UPDATE `business_info` SET 
			`BusinessName`= '$BusinessName',
			`Slogan`='$Slogan',
			`Business_Address`='$Business_Address',
			`Tel`='$Tel',
			`Website`='$Website',
			`Email`='$Email',
			`Member_Status`='$Member_Status',
			`Fax`='$Fax',
			`type`='$type',
			`make`='$make',
			`Categories`='$Categories',
			`Keyword`='$Keyword',
			`Picture1`='$Picture1',
			`Headline`='$Headline',
			`Slogan2`='$Slogan2',
			`Description1`='$Description1',
			`Description2`='$Description2',
			`Description3`= '$Description3',
			`Contact2`='$Contact2',
			`Picture2`='$Picture2',
			`Picture3`='$Picture3',
			# Without a dollar sign, this users name will now be User_Name
			`User_Name` ='User_Name',
			`Password`='$Password' WHERE `User_Name`='$User_Name'";

	if (!$result = mysql_query($sql))
	{
		die('Could not update the information for ' . $User_Name . ': ' . mysql_error());
	}
}
else
{
	// The passed password is not the same as what is in the database
	echo "Incorrect Password or User Name Try again ";
	if ($debug)
	{
		echo '<br />Password passed was: ' . $Password . ' ...<br />Password stored was ' . $Password2 . ' ...';
	}
}
?>
Post Reply