Jump to content

Archived

This topic is now archived and is closed to further replies.

gfX

PHP Deleting Records

Recommended Posts

I have an image hosting script here - and this is in the admin.php file. It will list all the registered users and then I click "Edit Details" and here is the script for that:

[code]
<fieldset class="fi">
    <legend>Basic Details</legend>
        <?php
            if($_POST['basic']) {
                if($_POST['password'] !== "")
                    $pass = md5($_POST['password']);
                }else{
                    $pass = $_POST['password'];
                @mysql_query("UPDATE users SET nickname='$_POST[nickname]', password='$pass', email='$_POST[email]' WHERE nickname='$_GET[user]'");
                echo "<h2>Updated</h2>";
            }
        ?>
        <form name="basic" action="admin.php?request=users&user=<?=$var['nickname']; ?>&act=do" method="post">
        <b>Username</b>: <input class="text" name="nickname" size="40" value="<?=$var['nickname']; ?>"><br />
        <b>Edit Password</b>: <input class="text" name="password" size="40" value=""><br />
        <b>Email</b>: <input class="text" name="email" size="40" value="<?=$var['email']; ?>">
        <input type="submit" name="basic">
        </form>
</fieldset>    
[/code]

But that script keeps messing up. When I click Edit details - It goes to that page but it already has the heading "Updated" and the values are there - and then when I click submit it updates the record in the database to nothing. Blank.
So when I go to edit the user, it wont let me because all the values and username are ""
and I have to keep restoring in the database.

So I don't get to edit anything, whenever I click Edit Details for the user - it updates just when I go to the page and it won't let me update.

Anyone see anything wrong with teh code?

Thanks

Share this post


Link to post
Share on other sites
look at your if statement. "if the posted password does not equal "" encrypt it. Otherwise, update the database." Does that make sense to you? Your if statement should be something like this: "if the posted password does not equal "", encrypt it and update the database. Otherwise, spit out a "no password given error".

But what would be even better, would be to check to make sure that a) password is also set, not just not equal to "", and also check to make sure nickname and email is also set.

[code]
      <?php
            if($_POST['basic']) {
                if($_POST['password'] !== "")
                    $pass = md5($_POST['password']);
                }else{
                    $pass = $_POST['password'];
                @mysql_query("UPDATE users SET nickname='$_POST[nickname]', password='$pass', email='$_POST[email]' WHERE nickname='$_GET[user]'");
                echo "<h2>Updated</h2>";
            }
        ?>
[/code]

Share this post


Link to post
Share on other sites
Well if they didn't put a password - it would still be the old one. Because this is for admins, and what if they just want to update the users e-mail address.

And even if I edit that stuff, The page still messes up. It says "UPDATED" just when I go to that page and clears that record in the database with blanks.

Share this post


Link to post
Share on other sites
you aren't listening. look at your if statements. verbally say them. the only way your query is going to run is if $_POST['password'] equals "" in other words, nothing. The only thing your if statemend DOES do is if someone enters something in the password field, it encrypts it. Nothing else. No query update, no nothing.

Share this post


Link to post
Share on other sites
Alright, I understand. So can you give me the correct code for this script to work? I tryed and it still did the same thing for me. Weird


Thankss.

Share this post


Link to post
Share on other sites
i told you how to write it in my previous post.
[code]
$password = $_POST['password'];
//if the user entered in a password...
if (isset($password) && trim($password) != '') {
  $password = md5($password);
  //update query here
} else {
  //if they did not enter in a password, do this...
  //or don't have an else, if you don't want it
  //to do anything if they did not enter a pw in
}
[/code]

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.