codingdreamer

Hi all, Here's my coding issue: I have a transaction script that is supposed to insert into a sold_items and then update the products table--this works perfectly. However, I want to introduce a third query that will execute the transaction ONLY if there is an existing employee number. The problem is I keep getting the else statement: "Employee ID is invalid". For some reason, the query doesn't allow the other blocks of code to be excuted. Any insight ya'll could provide would be greatly appreciated. <?php require ('connect.php'); //connect $connection =mysqli_connect($db_host, $db_user, $db_pass); if(!$connection){ die ("Could not connect to database: <br />".mysql_error()); } //select database $db_select = mysqli_select_db($connection, $db_database); if (!$db_select){ die ("Could not select to database: <br />". mysql_error()); } if ( isset($_POST['sellbtn']) ) { // Get values from form $emp_id =mysql_real_escape_string(htmlentities($_POST['emp_id'])); $item_id =mysql_real_escape_string(htmlentities($_POST['item_id'])); $qnty =mysql_real_escape_string(htmlentities($_POST['qnty'])); //Cancel auto commit option in the database mysqli_autocommit($connection, FALSE); //check to see if there is an existing employee $query = mysql_query("SELECT * FROM employees WHERE emp_id='$emp_id' AND comp_id='$comp_id'"); if (mysql_query($query) == TRUE) { //query to update products table--this part works when I take out the first query //query to add sold_table--this part works when I take out the first query $success = true; foreach( $results as $result) { if(!$result) { $success = false; } } if(!$success) { echo "Error. Please make sure all fields have been entered correctly."; mysqli_rollback($connection); } else { echo "Sold!"; mysqli_commit($connection); } } else echo "<center><p><font color ='red'>Employee ID is invalid.</font></p></center>"; mysqli_close($connection); } ?>

Genius. Pure Genius. Thanks!

Hi All, I'm trying to establish a change password script but the SHA256 hash is giving me issues. I get "An error has occured and your password was not reset."; however, when I go to check the DB, I've notice the password hash has been changed along with the old password. So both the new/old password is no good, forcing me to delete the username. Any way I can correct this? Thanks, <?php if ($username && $userid) { if($_POST['resetpass']){ //get the form data $pass = mysql_real_escape_string(htmlentities($_POST['pass'])); $newpass = mysql_real_escape_string(htmlentities($_POST['newpass'])); $confirmpass = mysql_real_escape_string(htmlentities($_POST['confirmpass'])); //make sure all data was entered if ($pass){ if ($newpass){ if ($confirmpass){ if ($newpass === $confirmpass) { $password = hash("sha256",$password); //include login info include ('connect.php'); //connect $connection =mysql_connect($db_host, $db_user, $db_pass); if(!$connection){ die ("Could not connect to database: <br />".mysql_error()); } //select database $db_select = mysql_select_db($db_database); if (!$db_select){ die ("Could not select to database: <br />". mysql_error()); } //make sure the current password is correct $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ //encrypt new pass $newpassword = hash("sha256",$password); //update db with new pass mysql_query("UPDATE users SET password='$newpassword' WHERE username='$username'"); //make sure password was changed $query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$newpassword'"); $numrows = mysql_num_rows($query); if (numrows == 1){ echo "Your password has been reset."; } else echo "An error has occured and your password was not reset."; } else echo "Your current password is incorrect."; mysql_close(); } else echo "Your new password did not match."; } else echo "You must confirm your new password."; } else echo "You must enter your new password."; } else echo "You must enter your current password."; } echo "<form action='./resetpass.php' method='post'> <table> <tr> <td>Current Password:</td> <td><input type='text' name='pass' /></td> </tr> <tr> <td>New Password:</td> <td><input type='password' name='newpass' /></td> </tr> <tr> <td>Confirm Password:</td> <td><input type='password' name='confirmpass' /></td> </tr> <tr> <td></td> <td><input type='submit' name='resetpass' value='Reset Password' /></td> </tr> </table> </form>"; } else echo "Please login to access this page. <a href='./login.php' Login here</a>"; ?>

ahhh...It works! Thank you both for your help.

Hi Doddsey_65, not necessarily--it's the name of the table cell and does not have to be surrounded by quotations. Thanks.

Hello All, I'm having difficulty figuring out why my activation page isn't responding correctly. When I click on a link to activate my test account, the function takes me to the site with the right information populated in the text box; however, when I go to submit, it triggers an else function instead of the if function (to activate the account). I've tried changing $getuser = $_GET['user'] to $_POST but no luck thus far. Any help/insights would be greatly appreciated! Thanks. When I click on the link to activate I get this (example screenshot): Username: test Code: afcadjijckack [Activate button] Upon clicking on the 'Activate' button, I get this (example screenshot): You must enter your code Username: afcadjijckack Code: (blank) [Activate button] Here's my code: <?php error_reporting (E_ALL^E_NOTICE); session_start(); $userid = $_SESSION['userid']; $username = $_SESSION['username']; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Activate Your Account</title> </head> <body> <?php $getuser = $_GET['user']; $getcode = $_GET['code']; if ( $_POST['activatebtn'] ) { $getuser = $_POST['user']; $getcode = $_POST['code']; if ($getuser){ if ($getcode){ require("./connect.php"); $query = mysql_query("SELECT * FROM users WHERE username='$getuser'"); $numrows = mysql_num_rows($query); if ($numrows == 1){ $row = mysql_fetch_assoc($query); $dbcode = $row['code']; $dbactive = $row['active']; if($dbactive == 0){ if($dbcode == $getcode) { mysql_query("UPDATE users SET active='1' WHERE username='$getuser'" ); $query = mysql_query("SELECT * FROM users WHERE username='$getuser' AND active='1' "); $numrows = mysql_num_rows($query); if($numrows == 1) { $errormsg = "Your account has been activated. You may now login."; $getuser = ""; $getcode = ""; } else $errormsg = "An error has occured. Your account was not activated."; } else $errormsg = "your code is incorrect."; } else $errormsg = "This account is already active."; } else $errormsg = "The username you entered was not found."; mysql_close(); } else $errormsg = "You must enter your code."; } else $errormsg = "You must enter your username."; } else $errormsg= ""; echo "<form action='./activate.php' method='post'> <table> <tr> <td>$errormsg</td> </tr> <tr> <td>Username:</td> <td><input type='text' name='user' value='$getuser' /></td> </tr> <tr> <td>Code:</td> <td><input type='text' name='user' value='$getcode' /></td> </tr> <tr> <td></td> <td><input type='submit' name='activatebtn' value='Activate' /></td> </tr> </table> </form>"; ?> </body> </html>