Code: Select all
$insert = "UPDATE user SET username = $mod_userName, pass = $mod_myPass
WHERE email = $myEmail";
$changePassWord = mysql_query($insert);
echo "successfully updated";
exit;Moderator: General Moderators
Code: Select all
$insert = "UPDATE user SET username = $mod_userName, pass = $mod_myPass
WHERE email = $myEmail";
$changePassWord = mysql_query($insert);
echo "successfully updated";
exit;Code: Select all
$insert = "UPDATE user SET 'username' = '$mod_userName', 'pass' = '$mod_myPass'
WHERE 'email' = '$myEmail'";
$changePassWord = mysql_query('$insert');
echo "successfully updated";
exit;Code: Select all
$userName = generatePassword (6, 5);
$myPass = generatePassword (6, 5);
$mod_myPass = md5($myPass);
$mod_userName = quote($userName);
$mod_myPass = quote($mod_myPass);
unset($_SESSION['SES_loginErr']);
$userName = mysql_real_escape_string($userName);
$myPass = mysql_real_escape_string($myPass);
$insert = "UPDATE user SET username = '$mod_userName', pass = '$mod_myPass'
WHERE email = '$myEmail'";
$changePassWord = mysql_query($insert);
echo mysql_error();
echo "successfully updated";
exit;Code: Select all
my quote function:
function quote($value)
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not a number or a numeric string
if (!is_numeric($value)) {
$value = "'" . mysql_real_escape_string($value) . "'";
}
return $value;
}
// mysql_real_escape_string() is called in the quote() function
$mod_userName = quote($userName);
$mod_myPass = quote($mod_myPass);
unset($_SESSION['SES_loginErr']);
$insert = "UPDATE user SET username = \"$mod_userName\", password = \"$mod_myPass\"
WHERE email = \"$myEmail\"";
$changePassWord = mysql_query($insert);
echo mysql_error();
echo "successfully updated";
exit;Code: Select all
$insert = "UPDATE `user` SET `username` = $mod_userName, `password` = $mod_myPass WHERE `email` = $myEmail";Code: Select all
$insert = "UPDATE user SET username = \"$mod_userName\", password = \"$mod_myPass\"
WHERE email = \"$myEmail\"";
$changePassWord = mysql_query($insert);
echo mysql_error();
echo "successfully updated";