neex1233 Posted May 31, 2009 Share Posted May 31, 2009 Hi, I would like to fix this admin control panel script. Here it is: <?php $con = mysql_connect("localhost","username","password"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("DB_Name", $con); $sql = "UPDATE users (username, password, userlevel); VALUES '$_POST[username]','$_POST[password]','$_POST[userlevel]'"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "User Updated!"; mysql_close($con) ?> Whenever I use it I get this error: Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '(username, password, userlevel); VALUES '','',''' at line 1 (The quotes would be filled in when I use it, I just didn't enter anything for this example) How would I fix this? Also, how would I select what user I am editing? Thanks! Quote Link to comment Share on other sites More sharing options...
BK87 Posted May 31, 2009 Share Posted May 31, 2009 make sure your form is named properly. Quote Link to comment Share on other sites More sharing options...
neex1233 Posted May 31, 2009 Author Share Posted May 31, 2009 They are spelled right. Didn't you see the error? Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted May 31, 2009 Share Posted May 31, 2009 check your syntax. what is the semicolon doing here $sql = "UPDATE users (username, password, userlevel); Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 That didn't help, it's a MySQL error, I did fix the stuff, though. Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 okay, i actually read the whole thing this time and your syntax is completely wrong. read how to use the UPDATE command http://www.w3schools.com/Sql/sql_update.asp Quote Link to comment Share on other sites More sharing options...
bas_vdl Posted June 1, 2009 Share Posted June 1, 2009 <?php $sql = "UPDATE users (username, password, userlevel); VALUES '{$_POST['username']}','{$_POST['password']}','{$_POST['userlevel']}'"; ?> Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 That code doesn't work, I think it's because it doesn't know what username to select. Quote Link to comment Share on other sites More sharing options...
BobcatM Posted June 1, 2009 Share Posted June 1, 2009 Post your updated code, so I can see what you have done. Quote Link to comment Share on other sites More sharing options...
cunoodle2 Posted June 1, 2009 Share Posted June 1, 2009 You need to add a "WHERE" clause to your statement. Like "Where userid =" or "Where username =" I can't write that code for you as only you know exactly what record it is that you are updating. It is going to be SOMETHING like this... <?php $sql = "UPDATE users SET username = '$_POST[username]', password = '$_POST[password]', userlevel = '$_POST[userlevel]' WHERE userid = 23 LIMIT 1;" ?> To me it looked more so you were doing something like an "INSERT" statement as apposed to an "UPDATE" statement. Please try looking into the manual or doing a google search so you can learn more about them. Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 I put together this code: <?php $con = mysql_connect("localhost","My_Username","Password"); mysql_select_db("My_Database", $con); $sql = "UPDATE users SET username = '$_POST[username]', password = '$_POST[password]', userlevel = '$_POST[userlevel]' WHERE id = 23 LIMIT 1;" mysql_query($sql) mysql_close($con) ?> But, of course (I'm not very good at PHP), I get a PHP syntax error. What should I do!? Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 you can start by using the CODE tags <?php <?php $con = mysql_connect("localhost","My_Username","Password"); mysql_select_db("My_Database", $con); $sql = "UPDATE users SET username = '{$_POST[username]}', password = '{$_POST[password]}', userlevel = '{$_POST[userlevel]}' WHERE id = 23 LIMIT 1"; $query = mysql_query($sql) or die (mysql_error()); mysql_close($con); ?> if that doesn't work, post what the output is Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 It didn't work, when and it just took me to a blank page. Quote Link to comment Share on other sites More sharing options...
Dark-Hawk Posted June 1, 2009 Share Posted June 1, 2009 I'm assuming this is to update a user record in the admin control panel. I have something similar I do, here's the update part of the script: // edit $edit = $_GET['edit']; $edit_first = $_POST['edit_first']; $edit_last = $_POST['edit_last']; $edit_addr = $_POST['edit_addr']; $edit_city = $_POST['edit_city']; $edit_zip = $_POST['edit_zip']; $edit_phone = $_POST['edit_phone']; $edit_answer = $_POST['answer']; $edit_pw = md5($_POST['edit_pw']); $edit_level = $_POST['edit_level']; $edit_email = $_POST['edit_email']; if ($post == "edit") { $query = "UPDATE $tbl_name SET first_name='$edit_first', last_name='$edit_last', password='$edit_pw', address='$edit_addr', city='$edit_city', zip='$edit_zip', phone='$edit_phone', answer='$edit_answer', email='$edit_email', level='$edit_level' WHERE id='$edit_id'"; mysql_query($query); echo "<div align=center><b>Editied $edit_first $edit_last</b></div><br><br>"; } $query = "SELECT * FROM $tbl_name WHERE id='$edit'"; $result = mysql_query($query); if (mysql_num_rows($result) == 1) { $row = mysql_fetch_array($result); ?> <form method="post" action="<? echo $PHP_SELF; ?>"> <table cellpadding=3 cellspacing=0 border=0 width="100%"> <tr><td colspan=4><b>Edit User</b></td></tr> <tr><td class="dots" colspan=4></td></tr> <tr> <td><b>First Name:</b></td> <td><b>Last Name:</b></td> <td><b>Password:</b></td> <td><b>Admin:</b></td> <td><b>E-Mail:</b></td> </tr> <tr> <td><input type="text" name="edit_first" value="<? echo $row['first_name']; ?>" size=25></td> <td><input type="text" name="edit_last" value="<? echo $row['last_name']; ?>" size=25></td> <td><input type="text" name="edit_pw" value="<? echo $row['password']; ?>" size=25></td> <td><input checked="<? if ($row['level'] == 1) { echo "checked"; } else { echo ""; } ?>" name="level" type="checkbox" value="1" /></td> <td><input type="text" name="edit_email" value="<? echo $row['email']; ?>" size=25></td> </tr> <tr> <td colspan=4 align=right> <input type="hidden" value="<? echo $row['id']; ?>" name="edit_id"> <input type="hidden" value="edit" name="post"> <input type="submit" value="Edit User"> </td> </tr> </table> </form> <? } Connection is handled in the cfg file as: <? $server = "server"; $sqluser = "user"; $sqlpass = "pass"; $db = "db name"; $tbl_name = "table"; // Standard SQL connection $mysql_link = mysql_connect("$server", "$sqluser", "$sqlpass") or die("Unable to connect to MySQL server"); mysql_select_db("$db") or die( "It's connecting to the MySQL server, but unable to select database"); Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 It didn't work, when and it just took me to a blank page. then turn on error reporting so you can see what error is generated Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 It is on. Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 i didn't notice before, i had duplicate <?php tags, did you remove one before trying it ? Also, put this at the top of your script right after the <?php tag error_reporting(E_ALL); ini_set("display_errors", "on"); post the full script again along with any output Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 Yeah, I removed the double. Here's the errors: Notice: Use of undefined constant username - assumed 'username' in /home/myusername/public_html/m/admin/adm.php on line 6 Notice: Use of undefined constant password - assumed 'password' in /home/myusername/public_html/m/admin/adm.php on line 7 Notice: Use of undefined constant userlevel - assumed 'userlevel' in /home/myusername/public_html/m/admin/adm.php on line 8 Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 ah, another error with your original string that I didn't catch. you need single quotes inside $_POST to provide the index. See if this works <?php $con = mysql_connect("localhost","My_Username","Password"); mysql_select_db("My_Database", $con); $sql = "UPDATE users SET username = '{$_POST['username']}', password = '{$_POST['password']}', userlevel = '{$_POST['userleve'l]}' WHERE id = 23 LIMIT 1"; $query = mysql_query($sql) or die (mysql_error()); mysql_close($con); ?> Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 Got this error: Parse error: syntax error, unexpected T_STRING, expecting ']' in /home/thenicow/public_html/m/admin/adm.php on line 8 Also, it said userleve'l, which I fixed. Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 if you fixed that can you post again what code you are using ? I dont see any more syntax errors Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 Still doesn't work, and I have the error thing and it shows no error... Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 <?php error_reporting(E_ALL); ini_set("display_errors", "on"); $con = mysql_connect("localhost","Username","Password"); mysql_select_db("DB_Name", $con); $sql = "UPDATE users SET username = '{$_POST['username']}', password = '{$_POST['password']}', userlevel = '{$_POST['userlevel']}' WHERE id = 23 LIMIT 1"; $query = mysql_query($sql) or die (mysql_error()); mysql_close($con); ?> Quote Link to comment Share on other sites More sharing options...
neex1233 Posted June 1, 2009 Author Share Posted June 1, 2009 Now I'm getting this error... Notice: Undefined index: username in /home/My_Username/public_html/m/admin/adm.php on line 6 Quote Link to comment Share on other sites More sharing options...
lonewolf217 Posted June 1, 2009 Share Posted June 1, 2009 okay, this is most likely because $_POST is not set. are you trying to run this snippet of code by itself, or is it being called from another page ? somewhere you need to be sending username, password and userlevel as part of a form, which would then be processed by this page Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.