soycharliente Posted January 4, 2007 Share Posted January 4, 2007 I cannot seem to figure out why this isn't working.I was using this at first...[code]$newpwd = $_POST['newpass'];if (isset($newpwd)) { //Connect To Database $hostname = "..."; $username = "..."; $password = "..."; $dbname = "..."; mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect! Please try again."); mysql_select_db($dbname); $temp = $HTTP_SESSION_VARS["LoggedInUser"]; $query = "UPDATE brothers SET Password='quote_smart($newpwd)' WHERE Name='$temp'"; $result = mysql_query($query);}[/code]And that actually changed the password, but it changed it to "quote_smart(" literally because there's a 12 char limit to the password field.I am using this now...[code]$newpwd = $_POST['newpass'];if (isset($newpwd)) { //Connect To Database $hostname = "..."; $username = "..."; $password = "..."; $dbname = "..."; mysql_connect($hostname,$username, $password) OR DIE ("Unable to connect! Please try again."); mysql_select_db($dbname); $temp = $HTTP_SESSION_VARS["LoggedInUser"]; $query = sprintf("UPDATE brothers SET Password='%s' WHERE Name='$temp'", quote_smart($newpwd)); $result = mysql_query($query);}[/code]and absolutley nothing happens.I skipped a couple of steps (researching and playing around) in the middle from the first example to the second. Am I using the sprintf incorrectly? I'm fairly new to PHP so I hope this isn't a noob question. Any help is MUCH appreciated and thanks in advance.I forgot to add this. I don't know if it is needed or not. I got it off the php.net site.[code]function quote_smart($value){ // Stripslashes if (get_magic_quotes_gpc()) { $value = stripslashes($value); } // Quote if not a number or a numeric string if (!is_numeric($value)) { $value = "'" . mysql_real_escape_string($value) . "'"; } return $value;}[/code] Link to comment https://forums.phpfreaks.com/topic/32795-solved-simple-password-change/ Share on other sites More sharing options...
SharkBait Posted January 4, 2007 Share Posted January 4, 2007 Try this[code]<?php$query = "UPDATE brothers SET Password '". quote_smart($newpwd) ."' WHERE Name='{$temp}'";?>[/code]Though you probably could just use the [code=php:0]mysql_real_escape_string() [/code] function like:[code]<?php$newpwd = mysql_real_escape_string($_POST['newpass']);?>[/code] Link to comment https://forums.phpfreaks.com/topic/32795-solved-simple-password-change/#findComment-152695 Share on other sites More sharing options...
soycharliente Posted January 4, 2007 Author Share Posted January 4, 2007 [quote author=SharkBait link=topic=120936.msg496608#msg496608 date=1167886018]$query = "UPDATE brothers SET Password '". quote_smart($newpwd) ."' WHERE Name='{$temp}'";[/quote]Why did you wrap the $temp variable in braces? What does that do? And did you leave off the = after Password on purpose? Link to comment https://forums.phpfreaks.com/topic/32795-solved-simple-password-change/#findComment-152701 Share on other sites More sharing options...
SharkBait Posted January 4, 2007 Share Posted January 4, 2007 Oops sorry I forgot the = after password :)I always put curly braces around my varibles if they are in a string. It helps me keep the PHP seperate from the text. Link to comment https://forums.phpfreaks.com/topic/32795-solved-simple-password-change/#findComment-152717 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.