insaynewrapper Posted June 13, 2006 Share Posted June 13, 2006 In the site I'm currently working on I'm having a reoccuring problem where for some reason a particular variable just likes to change itself to '0'. Here's one instance of the code..[code]if($_POST['submit'] == "Update"){ $realname = sanitize($_POST['realname']); if($realname) { if(strlen($realname) > 64) { doMessage('Your real name must be less than 64 characters.'); } } if(strlen($_SESSION['message']) == 0) { doQuery("UPDATE `members` SET `realname`='$realname' AND `gender`='$gender' AND `location`='$location' AND `birthday`='$birthday' AND `email`='$email' AND `about`='$about' AND `forumavatar`='$forumavatar' WHERE `username`='". $userInfo['username'] ."'"); }}[/code]The doQuery function is nothing but[code]function doQuery($query){ $query = mysql_query($query .';') or die($dieMessage . "\n<br />". mysql_errno() .': '. mysql_error() .'</p>'); return $query;}[/code]And the doMessage is just[code]function doMessage($messageStr, $class="error"){ if($_SESSION['message']) {$_SESSION['message'] .= "\n<br />";} $_SESSION['message'] .= '<span class="$class">'. $messageStr .'</span>';}[/code]Everything else will insert itself in the database fine, but for some reason 'realname' will change itself to 0. I cannot figure out why.I left out big chunks of code from the first part, but nothing I would think worth posting..If anybody can figure out what I'm doing wrong I would greatly appreciate it. I've exhausted myself for over a month now trying to figure out what the deal is.Thanks alot!Daniel Link to comment https://forums.phpfreaks.com/topic/11852-string-changing/ Share on other sites More sharing options...
coldkill Posted June 13, 2006 Share Posted June 13, 2006 What does the sanitize function do? If it is adding slashes or the sort you might want to use mysql_real_escape_string() which will also help stop injection attacks. Link to comment https://forums.phpfreaks.com/topic/11852-string-changing/#findComment-44940 Share on other sites More sharing options...
redarrow Posted June 13, 2006 Share Posted June 13, 2006 [!--quoteo(post=383184:date=Jun 13 2006, 10:12 AM:name=coldkill)--][div class=\'quotetop\']QUOTE(coldkill @ Jun 13 2006, 10:12 AM) [snapback]383184[/snapback][/div][div class=\'quotemain\'][!--quotec--]What does the sanitize function do? If it is adding slashes or the sort you might want to use mysql_real_escape_string() which will also help stop injection attacks.[/quote]sanitize? what that mean get rid of it lol.Wash a string according to google.Echo out the query then post the result ok. Link to comment https://forums.phpfreaks.com/topic/11852-string-changing/#findComment-44945 Share on other sites More sharing options...
insaynewrapper Posted June 16, 2006 Author Share Posted June 16, 2006 Well sanitize is supposed to add slashes and such, but right now it doesn't do anything. It just returns back the string. Link to comment https://forums.phpfreaks.com/topic/11852-string-changing/#findComment-46176 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.