soycharliente Posted January 4, 2007 Share Posted January 4, 2007 I cannot seem to figure out why this isn't working.I was using this at first...[code]$newpwd = $_POST['newpass'];if (isset($newpwd)) { //Connect To Database $hostname = "..."; $username = "..."; $password = "..."; $dbname = "..."; mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect! Please try again."); mysql_select_db($dbname); $temp = $HTTP_SESSION_VARS["LoggedInUser"]; $query = "UPDATE brothers SET Password='quote_smart($newpwd)' WHERE Name='$temp'"; $result = mysql_query($query);}[/code]And that actually changed the password, but it changed it to "quote_smart(" literally because there's a 12 char limit to the password field.I am using this now...[code]$newpwd = $_POST['newpass'];if (isset($newpwd)) { //Connect To Database $hostname = "..."; $username = "..."; $password = "..."; $dbname = "..."; mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect! Please try again."); mysql_select_db($dbname); $temp = $HTTP_SESSION_VARS["LoggedInUser"]; $query = sprintf("UPDATE brothers SET Password='%s' WHERE Name='$temp'", quote_smart($newpwd)); $result = mysql_query($query);}[/code]and absolutley nothing happens.I skipped a couple of steps (researching and playing around) in the middle from the first example to the second. Am I using the sprintf incorrectly? I'm fairly new to PHP so I hope this isn't a noob question. Any help is MUCH appreciated and thanks in advance.I forgot to add this. I don't know if it is needed or not. I got it off the php.net site.[code]function quote_smart($value){ // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number or a numeric string if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value) . "'"; } return $value;}[/code] Quote Link to comment Share on other sites More sharing options...
SharkBait Posted January 4, 2007 Share Posted January 4, 2007 Try this[code]<?php$query = "UPDATE brothers SET Password '". quote_smart($newpwd) ."' WHERE Name='{$temp}'";?>[/code]Though you probably could just use the [code=php:0]mysql_real_escape_string() [/code] function like:[code]<?php$newpwd = mysql_real_escape_string($_POST['newpass']);?>[/code] Quote Link to comment Share on other sites More sharing options...
soycharliente Posted January 4, 2007 Author Share Posted January 4, 2007 [quote author=SharkBait link=topic=120936.msg496608#msg496608 date=1167886018]$query = "UPDATE brothers SET Password '". quote_smart($newpwd) ."' WHERE Name='{$temp}'";[/quote]Why did you wrap the $temp variable in braces? What does that do? And did you leave off the = after Password on purpose? Quote Link to comment Share on other sites More sharing options...
SharkBait Posted January 4, 2007 Share Posted January 4, 2007 Oops sorry I forgot the = after password :)I always put curly braces around my varibles if they are in a string. It helps me keep the PHP seperate from the text. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.