Hmm... You might be right, fractal, but he says that ALL user names get promoted, which means there is some sort of transfer of information going on here.
I notice that you don't have $promote adequately defined in the code. Any programmer here will surely give you this advice... always remember to properly call your variables. In this case, this is the way to go:
I don't know what the rest of your code looks like, but I assume you're using a loop with mysql_fetch_(array or assoc) to get your user information from the database.
If this is the case, chances are all the information that comes up in that loop is being put in to this code. That would explain all of your users being updated at once.
I also don't see your users being specified in the form you've created. All I see is a submit action. You need to separate the usernames using some method. This is how I do things like this. Just an example, not the only way to do it. I use query strings
Here's my exemplo:
Code: Select all
//All code below is assuming you're already connected to the database
//Select usernames and current ranks from db
$sql = "select user, rank, from user_table";
$act = mysql_query($sql);
while ($info = mysql_fetch_array($act)) {
$user = $info['user'];
$rank = $info['rank'];
echo "<b>$user</b> "; //This prints the user name in bold
echo "<a href='whateverpage.php?action=promote&user=$user&rank=$rank'> Promote </a> "; //Clicking this link will promote the user
echo "<a href='whateverpage.php?action=demote&user=$user&rank=$rank'> Demote </a>"; //Clicking this link will demote the user
}
Then I'd get the proper variables, and start the rest of the process.
Code: Select all
$action = $_GET['action']; //This is either the promote or demote action
$rank = $_GET['rank'];
$user = $_GET['user'];
if ($action == 'promote') {
$newrank = $rank + 1;
$sql = "update user_table set rank = '$newrank' where user = '$user'";
$act = mysql_query($sql);
}
if ($action == 'demote') {
$newrank = $rank - 1;
$sql = "update user_table set rank = '$newrank' where user = '$user'";
$act = mysql_query($sql);
}
Just my two cents though.

Hope it gives you some ideas!