I need to know why rank is been update for the username that has been set

[Renato]

Hello everyone,

 

I'm create an application where I have member, admin, and superadmin

 

What I'm try to do is superadmin update member to admin, so they can have more privilege. The name of the table is member where I have member, admin account, and i have row call 'rank'. Rank 1 is for member they have access basic stuff and rank 2 they have more privilege. Want the superadmin to type the name of the member and change to rank 2.

 

This is what happening, if I dont put nothing on the text boxes, it said "Please check if you have put the right information." , if i put member and the rank i want to change  is says ""User has upgrade to admin", but than when i check my database the member is still a member when i wanted to change to admin.

 

Can anyone see where I'm going home, or what should I change.

<form> </form>
			<form action='<?php htmlentities($_SERVER['PHP_SELF']); ?>' method='POST' enctype='multipart/form-data '>
			
				Username: <input class="fontsize" name='user' type='text'/> 
				Rank: <input class="fontsize" name='rank' type='text' /> <br><br>
				<input class="button" type='submit' name='get' value='Upgrade' /> 
			</form>
		
		</h2>
			
				<?php
				
			if(isset($_POST['get']))
				{
					$username1 = $_POST['user'];
					$sql_user = mysqli_real_escape_string ($connection, $username1);
					$rank = $_POST['rank'];
					$rank = mysqli_real_escape_string ($connection, $rank);
					
					
					
					
						$query1 = mysqli_query($connection, "SELECT rank FROM  member WHERE username='$sql_user'");
						if ($row = mysqli_fetch_array($query1))
						{
							if ($rank == '1')
							{
								$data1 = mysqli_query($connection, "UPDATE member SET rank= '1' WHERE username='sql_user'") or die (mysql_error($connection));
								echo "User has downgrade to member";
							}
							elseif ($rank == '2')
							{
								$data2 = mysqli_query($connection, "UPDATE member SET rank= '2' WHERE username ='sql_user'") or die (mysql_error($connection));
								echo "User has upgrade to admin";
							}
							else
							{
								echo "Please check if you have put the right information.";
								
							}
						}
				} 
				
				?>

[scootstah]

Is there any query errors? Are you sure your variables hold the data that you think they do?

 

I would try changing it around a little like this:

$sql = "UPDATE member SET rank= '$rank' WHERE username='$sql_user'";
mysqli_query($connection, $sql);

if (($error = mysqli_error($connection)) != '') {
    echo 'mysql error: ' . $error . '<br />';
    echo 'query: ' . $sql;
}

This way, your query is in a variable and you can output the exact query that is being executed. Also, note that you were using the wrong error function: mysql_error() instead of mysqli_error(). Edited January 30, 2015 by scootstah

[maxxd]

You're not using the $sql_user variable in your update queries, you've got it as a string. So, change the following lines:

$data1 = mysqli_query($connection, "UPDATE member SET rank= '1' WHERE username='sql_user'") or die (mysql_error($connection));
$data2 = mysqli_query($connection, "UPDATE member SET rank= '2' WHERE username ='sql_user'") or die (mysql_error($connection));

to

$data1 = mysqli_query($connection, "UPDATE member SET rank= '1' WHERE username='$sql_user'") or die (mysql_error($connection));
$data2 = mysqli_query($connection, "UPDATE member SET rank= '2' WHERE username ='$sql_user'") or die (mysql_error($connection));

That's the first thing I see right off the bat...

[scootstah]

Ah, good catch. I updated my query above, but that was probably the problem.

[Renato]

I figure out by myself, after looking at the code for hours.

 

It happens to everyone

 

 

thank you so much for the replies.