mikelmao Posted August 6, 2008 Share Posted August 6, 2008 i dono why .. but when i save it wont go update the user :/.. <?php include 'connect.php'; if(isset($_SESSION['admin'])) { if($_SERVER['REQUEST_METHOD'] == 'POST') { mysql_query("UPDATE users SET `order`='". $_POST['ord'] ."' AND `admin`='". $_POST['admin'] ."' WHERE id='". $_POST['idz'] ."'") or die("Mysql Query Error: " . mysql_error()); echo "User: ". $_POST['unamez'] .". Please wait to be redirected."; echo "<meta http-equiv=Refresh content=3;url='info.php'>"; } else { $a = mysql_query("SELECT * FROM users WHERE id=". $_GET['user'] .""); while($r = mysql_fetch_array($a)) { echo "<form action='edit.php' method='post'> <input type='hidden' name='idz' value='". $_GET['user'] ."'> Username: <input type='text' name='unamez' value='". $r['uname'] ."' readonly><br> Order: <select name='ord'> <option value='0'>Pending</option> <option value='1'>Approve</option> <option value='2'>Decline</option> </select><br> Power: <select name='admin'> <option value='0'><font color='orange'>Normal User</font></option> <option value='1'><font color='green'>Admin</font></option> </select><br> <input type='submit' value='Update User'>"; } } } else { echo "You need to be admin to view this page."; } ?> Link to comment https://forums.phpfreaks.com/topic/118492-solved-wont-go-in-db-agein/ Share on other sites More sharing options...
Johntron Posted August 6, 2008 Share Posted August 6, 2008 I bet mysql_error() has something for you to read http://www.php.net/manual/en/function.mysql-error.php Also, don't insert data from the user without sanitizing it first. The way you've written your code makes it pretty easy to view your users table using a very simple SQL injection. Link to comment https://forums.phpfreaks.com/topic/118492-solved-wont-go-in-db-agein/#findComment-610030 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.