Help updating sql

[Chris_Mc_1985]

can ayone tell me why this doesnt work.

 

the error i get is: Notice: Undefined index: 1

Query failed

 

$qry = "UPDATE members SET(firstname='$fname',lastname='$lname',passwd=".md5($_POST['password']).")WHERE(member_id=".($_POST[$_SESSION['SESS_MEMBER_ID']]).")";

$result = @mysql_query($qry);

if($result) {

header("location: success.php");

exit();

}else {

die("Query failed");

}

?>

[cags]

A notice isn't technically an error. However in this case you have come across the reason notices exist. The thing it is notifying you about is actually leading to an error. It's saying that there isn't an item in the $_POST array with the key of password (or possibly with a key of $_SESSION['SESS_MEMBER_ID'].

[Chris_Mc_1985]

OK, when I thought all was well its not so good. managed to fix the above problem. now it takes me to the update success page when nothing has been updated.no so sure whats going on with it.

 

Here is the code for the full page.

 

<?php

 

require_once('config.php');

 

$errmsg_arr = array();

 

$errflag = false;

 

$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);

 

if(!$link) {

 

die('Failed to connect to server: ' . mysql_error());

 

}

 

$db = mysql_select_db(DB_DATABASE);

 

if(!$db) {

 

die("Unable to select database");

 

}

 

function clean($str) {

 

$str = @trim($str);

 

if(get_magic_quotes_gpc()) {

 

$str = stripslashes($str);

 

}

 

return mysql_real_escape_string($str);

 

}

 

$fname = mysql_real_escape_string(clean($_POST['fname']));

 

$lname = mysql_real_escape_string(clean($_POST['lname']));

 

$email = mysql_real_escape_string(clean($_POST['email']));

 

$password = mysql_real_escape_string(clean($_POST['password']));

 

$cpassword = mysql_real_escape_string(clean($_POST['cpassword']));

 

if($fname == '') {

 

$errmsg_arr[] = 'First name missing';

 

$errflag = true;

 

}

 

if($lname == '') {

 

$errmsg_arr[] = 'Last name missing';

 

$errflag = true;

 

}

 

if($email == '') {

 

$errmsg_arr[] = 'Email address missing';

 

$errflag = true;

 

}

 

if($password == '') {

 

$errmsg_arr[] = 'Password missing';

 

$errflag = true;

 

}

 

if($cpassword == '') {

 

$errmsg_arr[] = 'Confirm password missing';

 

$errflag = true;

 

}

 

if( strcmp($password, $cpassword) != 0 ) {

 

$errmsg_arr[] = 'Passwords do not match';

 

$errflag = true;

 

}

 

if($errflag) {

 

$_SESSION['ERRMSG_ARR'] = $errmsg_arr;

 

session_write_close();

 

header("location: member-profile.php");

 

exit();

 

}

$qry = "UPDATE members SET firstname='$fname', lastname='$lname', passwd='" .md5($_POST['password']). "', emailadd='&email' WHERE member_id='$member_id'";

$result = @mysql_query($qry);

 

if($result) {

session_regenerate_id();

 

$member = mysql_fetch_assoc($result);

$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];

 

$_SESSION['SESS_MEMBER_LOGIN'] = $member['login'];

 

$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];

 

$_SESSION['SESS_LAST_NAME'] = $member['lastname'];

 

session_write_close();

header("location: member-profile-update-success.php");

 

exit();

 

}else {

 

die("Query failed");

 

}

 

?>