mjnmixael Posted November 20, 2009 Share Posted November 20, 2009 Here is my code: // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Set values $newpassword1=0; $firstname=0; $lastname=0; $email=0; $complete=0; // Get values from form $password=$_POST['password']; $newpassword1=$_POST['newpassword']; $newpassword2=$_POST['newpassword2']; $firstname=$_POST['firstname']; $lasname=$_POST['lastname']; $email=$_POST['email']; $secpassword=md5($_POST['newpassword']); // Check password confirmation if($newpassword1 > $newpassword2){ $nomatch = 'nomatch'; setcookie("regerrorp", $nomatch, 0, "/", '.timingishstudios.com'); unset($newpassword); unset($newpassword2); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } // Authenticate $sql="SELECT * FROM $tbl_name WHERE user_pass='$secpassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Make changes $sql="SELECT ID FROM $tbl_name WHERE user_pass='$secpassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userid=$row['ID']; if ($newpassword1 !== 0){ $sql="UPDATE $tbl_name SET user_pass = '$secpassword' WHERE ID='$userid'"; $result=mysql_query($sql); } if($result){ $complete = ($complete + 1); } else { header("location:error.php"); } if ($email !== 0){ $sql="UPDATE $tbl_name SET user_email = '$email' WHERE ID='$userid'"; $result=mysql_query($sql); } if($result){ $complete = ($complete + 1); } else { header("location:error.php"); } if ($firstname !== 0){ $sql="UPDATE $tbl_name2 SET meta_value = '$firstname' WHERE user_id='$userid' AND meta_key='first_name'"; $result=mysql_query($sql); $sql="UPDATE $tbl_name2 SET meta_value = '$firstname' WHERE user_id='$userid' AND meta_key='nickname'"; $result=mysql_query($sql); } if($result){ $complete = ($complete + 1); } else { header("location:error.php"); } if ($lastname !== 0){ $sql="UPDATE $tbl_name2 SET meta_value = '$lastname' WHERE user_id='$userid' AND meta_key='last_name'"; $result=mysql_query($sql); } if($result){ $complete = ($complete + 1); } else { header("location:error.php"); } } // If sucsessful.. if($complete > 0){ $sql="SELECT user_email FROM $tbl_name WHERE ID='$userid'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $email=$row['user_email']; $sql="SELECT user_login FROM $tbl_name WHERE ID='$userid'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $username=$row['user_login']; $sql="SELECT meta_value FROM $tbl_name2 WHERE user_id='$userid' AND meta_key='first_name'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $firstname=$row['meta_value']; $sql="SELECT meta_value FROM $tbl_name2 WHERE user_id='$userid' AND meta_key='last_name'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $lastname=$row['meta_value']; // send e-mail to ... $to="$email"; // Your subject $subject="Timingishstudios.com Account Info Changed"; // From $header="from: Timingishstudios.com <donotreply>"; // Your message $messages= "Your account information has been changed. \r\n"; $messages.="Email: $email \r\n"; $messages.="Username: $username \r\n"; $messages.="Password: $newpassword1 \r\n"; $messages.="First Name: $firstname \r\n"; $messages.="Last Name: $lastname \r\n"; $messages.="The TiS Team. \r\n"; // send email $sentmail = mail($to,$subject,$messages,$header); // Redirect header("location:changed.php"); } else { header("location:error.php"); } // close connection mysql_close(); ?> The script runs fine, it just will not update my values as defined from the form. Any help? Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/ Share on other sites More sharing options...
cags Posted November 20, 2009 Share Posted November 20, 2009 Any more details? Does the update statement fail or does it not run? Do you get redirected to error.php? On a side note... if($newpassword1 > $newpassword2){ Why check if it's greater than? Is that supposed to be != (not equal)? Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/#findComment-962045 Share on other sites More sharing options...
mrMarcus Posted November 20, 2009 Share Posted November 20, 2009 try adding some: or trigger_error (mysql_error()); to your queries: // Authenticate $sql="SELECT * FROM $tbl_name WHERE user_pass='$secpassword'"; $result=mysql_query($sql) or trigger_error (mysql_error()); so you can see if the queries are ok. also, look into mysql_real_escape_string() for your $_POST variables: $firstname=mysql_real_escape_string ($_POST['firstname']); and so on for you variables that are going to a query. this helps prevent SQL injection. Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/#findComment-962048 Share on other sites More sharing options...
mjnmixael Posted November 20, 2009 Author Share Posted November 20, 2009 I've got it working so far. Now the problem is that it only works when all the form values are filled in. If any are left blank, I get an internal server error. // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Get values from form $password=$_POST['password']; $newpassword1=$_POST['newpassword']; $newpassword2=$_POST['newpassword2']; $firstname=$_POST['firstname']; $lastname=$_POST['lastname']; $email=$_POST['email']; $secpassword=md5($_POST['newpassword']); $compare=($_POST['compare']); // Check password confirmation if($newpassword1 > $newpassword2){ $nomatch = 'nomatch'; setcookie("regerrorp", $nomatch, 0, "/", '.timingishstudios.com'); unset($newpassword); unset($newpassword2); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } // Authenticate $sql="SELECT * FROM $tbl_name WHERE user_pass='$secpassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count<1){ header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); } // Make changes $sql="SELECT ID FROM $tbl_name WHERE user_pass='$secpassword'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $userid=$row['ID']; if ($newpassword1 != $compare){ $sql="UPDATE $tbl_name SET user_pass = '$secpassword' WHERE ID='$userid'"; $result=mysql_query($sql); if($result){ $complete = ($complete + 1); } else { $nomatchp = 'nomatchp'; setcookie("uerrorp", $nomatch, 0, "/", '.timingishstudios.com'); unset($newpassword); unset($newpassword2); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } } if ($email != $compare){ $sql="UPDATE $tbl_name SET user_email = '$email' WHERE ID='$userid'"; $result=mysql_query($sql); if($result){ $complete = ($complete + 1); } else { $nomatche = 'nomatche'; setcookie("uerrore", $nomatch, 0, "/", '.timingishstudios.com'); unset($email); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } } if ($firstname != $compare){ $sql="UPDATE $tbl_name2 SET meta_value = '$firstname' WHERE user_id='$userid' AND meta_key='first_name'"; $result=mysql_query($sql); $sql="UPDATE $tbl_name2 SET meta_value = '$firstname' WHERE user_id='$userid' AND meta_key='nickname'"; $result=mysql_query($sql); if($result){ $complete = ($complete + 1); } else { $nomatchf = 'nomatchf'; setcookie("uerrorf", $nomatch, 0, "/", '.timingishstudios.com'); unset($firstname); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } } if ($lastname != $compare){ $sql="UPDATE $tbl_name2 SET meta_value = '$lastname' WHERE user_id='$userid' AND meta_key='last_name'"; $result=mysql_query($sql); if($result){ $complete = ($complete + 1); } else { $nomatchl = 'nomatchl'; setcookie("uerrorl", $nomatch, 0, "/", '.timingishstudios.com'); unset($lastname); header("location:http://www.timingishstudios.com/subscribers/changepassword.php"); exit(); } } // If sucsessful.. if($complete > 0){ $sql="SELECT user_email FROM $tbl_name WHERE ID='$userid'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $email=$row['user_email']; $sql="SELECT user_login FROM $tbl_name WHERE ID='$userid'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $username=$row['user_login']; $sql="SELECT meta_value FROM $tbl_name2 WHERE user_id='$userid' AND meta_key='first_name'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $firstname=$row['meta_value']; $sql="SELECT meta_value FROM $tbl_name2 WHERE user_id='$userid' AND meta_key='last_name'"; $result=mysql_query($sql); $row = mysql_fetch_assoc($result); $lastname=$row['meta_value']; // send e-mail to ... $to="$email"; // Your subject $subject="Timingishstudios.com Account Info Changed"; // From $header="from: Timingishstudios.com <donotreply>"; // Your message $messages= "Your account information has been changed. \r\n"; $messages.="Email: $email \r\n"; $messages.="Username: $username \r\n"; $messages.="Password: $newpassword1 \r\n"; $messages.="First Name: $firstname \r\n"; $messages.="Last Name: $lastname \r\n"; $messages.="The TiS Team. \r\n"; // send email $sentmail = mail($to,$subject,$messages,$header); // Redirect header("location:changed.php"); } else{ header("location:changepassword.php"); } // close connection mysql_close(); ?> The problem seems to be the the newpassword data. If that data is not filled in, then the script fails to an internal server error. Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/#findComment-962150 Share on other sites More sharing options...
mrMarcus Posted November 20, 2009 Share Posted November 20, 2009 going back to what cags wrote, what is going on with: if($newpassword1 > $newpassword2) concerning the 500 error .. are you using .htaccess file(s) at all? are you being redirected to here: http://www.timingishstudios.com/subscribers/changepassword.php when the server error shows up? Internal Server errors are not very common, so some more specific details are required. need to know what chunk of code is being executed at the time of this error. do you have an .htaccess file in the "subscribers" folder, and a restriction is not being met? who knows. Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/#findComment-962177 Share on other sites More sharing options...
mjnmixael Posted November 20, 2009 Author Share Posted November 20, 2009 Yeah... I forgot I posted this. I just kept working and working on it until it worked out. A lot has changed, and sadly, I don't remember exactly what fixed the problem. I changed the > to a != Thanks for your help though. Link to comment https://forums.phpfreaks.com/topic/182313-wont-update-values/#findComment-962221 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.