Jump to content

Archived

This topic is now archived and is closed to further replies.

franknu

updating database with password

Recommended Posts

Ok, I want to update a database using a password that the user had already stored in his row

the problem is that it says:: Incorrect Password or User Name Try again

I really dont know why it is not working i think it should work perfectly

there is my code:
[code=php:0]


<?
       
$host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";





$db = mysql_connect($host, $username, $password);
mysql_select_db($database);
$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');



$checkp = mysql_query("SELECT `Password` FROM `business_info` WHERE `User_Name` = '"
. mysql_real_escape_string($User_Name)."'");


$Password1 = mysql_fetch_row($checkp);
$Password2 = $Password1['Password'];




if($Password === $Password2)

{

$query = "UPDATE  business_info SET
`BusinessName`= '$BusinessName',
`Slogan`='$Slogan',
`Business_Address`='$Business_Address',
`Tel`='$Tel',
`Website`='$Website',
`Email`='$Email',
`Member_Status`='$Member_Status',
`Fax`='$Fax',
`type`='$type',
`make`='$make',
`Categories`='$Categories',
`Keyword`='$Keyword',
`Picture1`='$Picture1',
`Headline`='$Headline',
`Slogan2`='$Slogan2',
`Description1`='$Description1',
`Description2`='$Description2',
`Description3`= '$Description3',
`Contact2`='$Contact2',
`Picture2`='$Picture2',
`Picture3`='$Picture3',
  `User_Name` ='User_Name',
`Password`='$Password' WHERE `User_Name`='$User_Name'";

$result = mysql_query($query) or die (mysql_error());


  }


    else

    {
   
  echo "Incorrect Password or User Name Try again ";
  exit;
}




?>
[/code]

Share this post


Link to post
Share on other sites
are you using any sort of encryption on your password field in the database (MD5 or PASSWORD)?

i would recommend taking your checks to a new level, and for your error checking, figure out what stage you're erroring out on:

[code]
<?php
$user = trim($_POST['User_Name']);
$pass = trim($_POST['password']);
$sql = mysql_query("SELECT Password FROM business_info WHERE User_Name = '$user'");
if (mysql_num_rows($sql) == 1) {
  $confPass = mysql_result($sql, 0, 'Password');
  if ($pass == $confPass) {
    // passed checks. update your table
  } else {
    // wrong password
  }
} else {
  // user doesn't exist
}
?>
[/code]

check to make sure you're getting a record that you think you're getting in your username query, and see if that helps.

Share this post


Link to post
Share on other sites
i am not using any encryption, i want to keep it simple for now after i get it to work, i would add more complex tools too it but shouldn't it work just  the way it is

Share this post


Link to post
Share on other sites
seems like it should, but you need to make sure that you're actually connecting to your database and that your query is returning what you think it should. here is some error checking you can add:
[code]
<?php
$host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";

$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());
?>
[/code]

that will kill your script if your username/password or any other connection information is inaccurate. also, put in the more specific error checking i posted above so you can see where your query is dying. you need to find out if you're even returning a row with your User_Name query before you try to match your password. i'm simply trying to help you pinpoint the exact location that the error is taking place. once you know that, trouble shooting will be much easier.

good luck

Share this post


Link to post
Share on other sites
it is connecting to the database but there is something it doesnt like about the way Password and User_Name is set up. i dont know why.. I made some changes but i still keep getting the error message from the codes

[code=php:0]

<?
       
$host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";
$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());






$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');




$checkp = mysql_query("SELECT `Password` FROM `business_info` WHERE `User_Name` = '"
. mysql_real_escape_string($User_Name)."'");


$Password1 = mysql_fetch_row($checkp);
$Password2 = $Password1;


if($Password === $Password2)

{

$query = "UPDATE  business_info SET
`BusinessName`= '$BusinessName',
`Slogan`='$Slogan',
`Business_Address`='$Business_Address',
`Tel`='$Tel',
`Website`='$Website',
`Email`='$Email',
`Member_Status`='$Member_Status',
`Fax`='$Fax',
`type`='$type',
`make`='$make',
`Categories`='$Categories',
`Keyword`='$Keyword',
`Picture1`='$Picture1',
`Headline`='$Headline',
`Slogan2`='$Slogan2',
`Description1`='$Description1',
`Description2`='$Description2',
`Description3`= '$Description3',
`Contact2`='$Contact2',
`Picture2`='$Picture2',
`Picture3`='$Picture3',
  `User_Name` ='User_Name',
`Password`='$Password' WHERE `User_Name`='$User_Name'";

$result = mysql_query($query) or die (mysql_error());


  }


    else

    {
   
  echo "Incorrect Password or User Name Try again ";
  exit;
}




?>
[/code]

Share this post


Link to post
Share on other sites
like i posted above, you need to break down the query to see if you're even pulling a record:
[code]
<?php
$user = $_POST['User_Name'];
$q = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";
$sql = mysql_query($q) or die(mysql_error() . "<br />$q");
if (mysql_num_rows($sql) == 1) {
  $pass = $_POST['Password'];
  $confPass = mysql_result($sql, 0, 'Password');
  if ($pass == $confPass) {
    // update
  } else {
    // Passwords don't match
    echo "$pass != $confPass";
  }
} else {
  // didn't get any records
  echo "No records for query: <b>$q</b>";
}
?>
[/code]

put those checks in and see [b]WHERE[/b] your script is dying... let us know the outcome

Share this post


Link to post
Share on other sites
i made  the changes but still error message: I think i quit. i cant find the problem i been doing for weeks..

Notice: Undefined variable: results in c:\program files\easyphp1-8\home\townsfinder\authorization\update_page.php on line 118
NULL Incorrect Password or User Name Try again

[code=php:0]


$host = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";
$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());


$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');
$user = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');


$sql = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";
$sql = mysql_query($sql) or die(mysql_error() . "<br />$sql");
if (mysql_num_rows($sql) == 1) {
  $pass = $_POST['Password'];
  $confPass = mysql_result($sql, 0, 'Password');
  if ($pass == $confPass) {
    // update
  } else {
    // Passwords don't match
    echo "$pass != $confPass";
  }
} else {
  // didn't get any records
  echo "No records for query: <b>$sql</b>";
}




$checkp = mysql_query("SELECT `Password` FROM `business_info` WHERE `User_Name` = '"
. mysql_real_escape_string($User_Name)."'");


$Password1 = mysql_fetch_row($checkp);
$Password2 = $Password1;


if($Password === $Password2)

{

$query = "UPDATE  business_info SET
`BusinessName`= '$BusinessName',
`Slogan`='$Slogan',
`Business_Address`='$Business_Address',
`Tel`='$Tel',
`Website`='$Website',
`Email`='$Email',
`Member_Status`='$Member_Status',
`Fax`='$Fax',
`type`='$type',
`make`='$make',
`Categories`='$Categories',
`Keyword`='$Keyword',
`Picture1`='$Picture1',
`Headline`='$Headline',
`Slogan2`='$Slogan2',
`Description1`='$Description1',
`Description2`='$Description2',
`Description3`= '$Description3',
`Contact2`='$Contact2',
`Picture2`='$Picture2',
`Picture3`='$Picture3',
  `User_Name` ='User_Name',
`Password`='$Password' WHERE `User_Name`='$User_Name'";

$result = mysql_query($query) or die (mysql_error());


  }


    else

    {
   
  var_dump($results['BusinessName']); 

  echo "Incorrect Password or User Name Try again ";
  exit;
}




?>
[/code]

i cant see the error.... ???

Share this post


Link to post
Share on other sites
ok, look closely at your error:
[b]Notice: Undefined variable: results in c:\program files\easyphp1-8\home\townsfinder\authorization\update_page.php on line 118[/b]

what is line 118? you are referencing a variable $results on that line that has not been set.

Share this post


Link to post
Share on other sites
this is what  i have on line 118. var_dump($results['BusinessName']); 

i can remove it, i just did it for testing

Share this post


Link to post
Share on other sites
ok, here's what's weird: if you have the above code, and the only warning you got was the line 118 error, that means that all my code was passed with no errors. that means you should study carefully any differences between my code and yours (in logic)... including the difference between "==" and "===".

Share this post


Link to post
Share on other sites
i has to do something with the Password or User_Name.. maybe i should remove that just to see and re-entered.. really at this point maybe re-write everything or look for some codes online that can do that

Share this post


Link to post
Share on other sites
ok, getting tired of pointing, so i'll try to spell it out, and see if we can get somewhere ;)
[code]
<?php
$host    = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";
$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());

// has the form been submitted?
if (isset($_POST['submit'])) {
  // sets your variables
  foreach ($_POST as $key => $val) {
    $$key = mysql_real_escape_string($val);
  }

  $q = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";
  $sql = mysql_query($sql) or die(mysql_error() . "<br />$q");
  if (mysql_num_rows($sql) == 1) {
    $pass = $_POST['Password'];
    $confPass = mysql_result($sql, 0, 'Password');
    if ($pass == $confPass) {
      // update
      $query = "UPDATE  business_info SET `BusinessName`= '$BusinessName', `Slogan`='$Slogan', " .
              "`Business_Address`='$Business_Address', `Tel`='$Tel', `Website`='$Website', " .
              "`Email`='$Email', `Member_Status`='$Member_Status', `Fax`='$Fax', `type`='$type', " .
              "`make`='$make', `Categories`='$Categories', `Keyword`='$Keyword', `Picture1`='$Picture1', " .
              "`Headline`='$Headline', `Slogan2`='$Slogan2', `Description1`='$Description1', " .
              "`Description2`='$Description2', `Description3`= '$Description3', `Contact2`='$Contact2', " .
              "`Picture2`='$Picture2', `Picture3`='$Picture3', `User_Name` ='User_Name', " .
              "`Password`='$Password' WHERE `User_Name`='$User_Name'";

      if (!mysql_query($query)) {
        echo "Record updated!";
      } else {
        echo "Couldn't update!<br />" . mysql_error();
      }
    } else {
      // Passwords don't match
      echo "$pass != $confPass";
    }
  } else {
    // didn't get any records
    echo "No records for query: <b>$q</b>";
  }
}
?>
[/code]

see where that gets you. this is IN PLACE OF all the code we've discussed so far. don't add it to anything, replace everything with it. i would recommend putting this in a separate file and pointing your form to the new file and see what happens.

NOTICE: this script assumes that your submit button is named "submit" ... if this is not the case, change the "if (isset($_POST['submit']))" line to match your submit button's name.

Share this post


Link to post
Share on other sites
are you hitting the page directly, or are you coming from a form? i probably should have asked that in the first place, but i assumed that since you're using the $_POST variable you were coming from a submitted form

Share this post


Link to post
Share on other sites
what is the [b]name[/b] of your submit button on your form?

Share this post


Link to post
Share on other sites
<input type="submit"  value="Login" />
<form action="Update_Page.php" method="Post">
 
  <strong>UserName</strong> </td>

          <td width="63%"><input type="text" name="User_Name"></td>

that is my form information

Share this post


Link to post
Share on other sites
um... i hope you're showing me the idea of your form and not the actual code? there are a few things wrong: first of all, in the code you posted, your submit button is not even within your form. secondly, it has [b]no name at all[/b] which is why the code i gave you to handle it shows a blank page. the code i gave you is expecting the following form:
[code]
<form action="Update_Page.php" method="post" name="loginForm">
Username: <input type="text" name="User_Name" /><br />
Password: <input type="password" name="Password" /><br />
<input type="submit" name="submit" value="Login" />
</form>
[/code]

basically, your biggest problem is that your submit button isn't named. [b]every field needs to be named[/b] in your forms. this is good practice to get into. fix up your form, send it over to my code again, and let me know how it looks.

Share this post


Link to post
Share on other sites
hey, the form that i sent was just an idea, but still it seem you were right on the other stuff

here is what i am displaying

Notice: Undefined variable: sql in c:\program files\easyphp1-8\home\townsfinder\authorization\update_page.php on line 62
Query was empty
SELECT `Password` FROM business_info WHERE User_Name = 'franklin'

hey it seems that it is about to work

this is what i have on line 62
$q = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";

i guess i can go up and define $q with  $_POST[];

Share this post


Link to post
Share on other sites
this is my codes how i set it up so you can have a better idea

[code=php:0]

<?php
$host    = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";

$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());

if (isset($_POST['submit']))

{
    $BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');
$user = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
 

  foreach ($_POST as $key => $val) {
    $$key = mysql_real_escape_string($val);
  }

  $q = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";
  $sql = mysql_query($sql) or die(mysql_error() . "<br />$q");
  if (mysql_num_rows($sql) == 1) {
    $pass = $_POST['Password'];
    $confPass = mysql_result($sql, 0, 'Password');
    if ($pass == $confPass) {
     
      $query = "UPDATE  business_info SET `BusinessName`= '$BusinessName', `Slogan`='$Slogan', " .
              "`Business_Address`='$Business_Address', `Tel`='$Tel', `Website`='$Website', " .
              "`Email`='$Email', `Member_Status`='$Member_Status', `Fax`='$Fax', `type`='$type', " .
              "`make`='$make', `Categories`='$Categories', `Keyword`='$Keyword', `Picture1`='$Picture1', " .
              "`Headline`='$Headline', `Slogan2`='$Slogan2', `Description1`='$Description1', " .
              "`Description2`='$Description2', `Description3`= '$Description3', `Contact2`='$Contact2', " .
              "`Picture2`='$Picture2', `Picture3`='$Picture3', `User_Name` ='User_Name', " .
              "`Password`='$Password' WHERE `User_Name`='$User_Name'";

      if (!mysql_query($query)) {
        echo "Record updated!";
      } else {
        echo "Couldn't update!<br />" . mysql_error();
      }
    } else {
      // Passwords don't match
      echo "$pass != $confPass";
    }
  } else {
    // didn't get any records
    echo "No records for query: <b>$q</b>";
  }
}
?>
[/code]

Share this post


Link to post
Share on other sites
ok, here's what your page should look like:
[code]
<?php
$host    = "localhost";
$username = "localhost";
$password = "abc123";
$database = "contacts";

$db = mysql_connect($host, $username, $password) or die(mysql_error());
mysql_select_db($database) or die(mysql_error());

$BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : '');
$Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:'');
$Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:'');
$Tel = (isset($_POST['Tel']) ? $_POST['Tel']:'');
$Website = (isset($_POST['Website']) ? $_POST['Website']:'');
$Email = (isset($_POST['Email']) ? $_POST['Email']:'');
$Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:'');
$Fax =(isset($_POST['Fax']) ? $_POST['Fax']:'');
$type = (isset($_POST['type']) ? $_POST['type']:'');
$make = (isset($_POST['make']) ? $_POST['make']:'');
$Categories = (isset($_POST['Categories']) ? $_POST['Categories']:'');
$Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:'');
$Picture1 =  (isset($_POST['Picture1']) ? $_POST['Picture1']:'');
$Headline =  (isset($_POST['Headline']) ? $_POST['Headline']:'');
$Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:'');
$Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:'');
$Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:'');
$Description3= (isset($_POST['Description3']) ? $_POST['Description3']:'');
$Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:'');
$Picture2 =  (isset($_POST['Picture2']) ? $_POST['Picture2']:'');
$Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:'');
$Picture4 =  (isset($_POST['Picture4']) ? $_POST['Picture4']:'');
$User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');
$Password = (isset($_POST['Password']) ? $_POST['Password']: '');
$user = (isset($_POST['User_Name']) ? $_POST['User_Name']:'');

if (isset($_POST['submit']))  {

  foreach ($_POST as $key => $val) {
    $$key = mysql_real_escape_string($val);
  }

  $q = "SELECT `Password` FROM business_info WHERE User_Name = '$user'";
  $sql = mysql_query($q) or die(mysql_error() . "<br />$q");
  if (mysql_num_rows($sql) == 1) {
    $confPass = mysql_result($sql, 0, 'Password');
    if ($Password == $confPass) {
     
      $query = "UPDATE  business_info SET `BusinessName`= '$BusinessName', `Slogan`='$Slogan', " .
              "`Business_Address`='$Business_Address', `Tel`='$Tel', `Website`='$Website', " .
              "`Email`='$Email', `Member_Status`='$Member_Status', `Fax`='$Fax', `type`='$type', " .
              "`make`='$make', `Categories`='$Categories', `Keyword`='$Keyword', `Picture1`='$Picture1', " .
              "`Headline`='$Headline', `Slogan2`='$Slogan2', `Description1`='$Description1', " .
              "`Description2`='$Description2', `Description3`= '$Description3', `Contact2`='$Contact2', " .
              "`Picture2`='$Picture2', `Picture3`='$Picture3', `User_Name` ='User_Name', " .
              "`Password`='$Password' WHERE `User_Name`='$User_Name'";

      if (!mysql_query($query)) {
        echo "Record updated!";
      } else {
        echo "Couldn't update!<br />" . mysql_error();
      }
    } else {
      // Passwords don't match
      echo "$pass != $confPass";
    }
  } else {
    // didn't get any records
    echo "No records for query: <b>$q</b>";
  }
}
?>
[/code]

Share this post


Link to post
Share on other sites
No records for query: SELECT `Password` FROM business_info WHERE User_Name = 'franklin'

this is what i am getting now any subjection.

i do have records there

Share this post


Link to post
Share on other sites
copy the query that is output to the screen and run it in your database manually. do you get results there? keep in mind that "=" in MySQL is [b]case sensitive[/b], so if your User_Name in the database is "Franklin", it will not match with "franklin".

Share this post


Link to post
Share on other sites
ok Some interesting things are happening now, When i type in the  User_Name (franklin) and Password  it gets  changed to
User_Name in the database... and  i also use this in the database.No records for query: SELECT `Password` FROM business_info WHERE User_Name = 'franklin'

when i do that it shows the col Password and i can change it to whatever..

i am really close help to finish this thank you

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.