Jump to content


Photo

What am I doing wrong here?


  • Please log in to reply
2 replies to this topic

#1 alexville

alexville
  • Members
  • PipPipPip
  • Advanced Member
  • 71 posts

Posted 04 April 2006 - 11:10 PM

Hello,

I am getting an error when I try to run this query:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Chnage your account on dsfdsfsfsfs Game</title>
<style type="text/css">
<!--
body {
    background-color: #CCCCCC;
}
.style1 {font-family: Tahoma}
-->
</style></head>

<body>
<?php
// Get the 'username' varible from flash
$username = $_POST['username'];
$password = $_POST['password'];
$clueone = $_POST['clueone'];
$cluetwo = $_POST['cluetwo'];
$cluethree = $_POST['cluethree'];

$dbcnx = @mysql_connect("localhost","fdsfdsfs","dsfsfsfs");
if (!$dbcnx) {
echo "<p>Unable to connect to the database server at this time.</p>";
exit();
}
mysql_select_db("alexg_web",$dbcnx);
$result = @mysql_query("UPDATE whoamipeople SET Clue = '$clueone', Cluetwo = '$cluetwo', Cluethree = '$cluethree' WHERE Username = '$username', Password = '$password'");
if (!$result) {
exit("<p>Error performing query: " . mysql_error() . "</p>");
}
?>
<p><a href="http://dsfsfsfsfs" class="style1">Click here to login </a></p>
</body>
</html>

This error is what I get:

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]Error performing query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' Password = ''' at line 1[/quote]

What am i'm doing wrong?

Mysql version = 4.1.14-standard

#2 ToonMariner

ToonMariner
  • Members
  • PipPipPip
  • Advanced Member
  • 3,342 posts
  • LocationNewcastle upon Tyne, UK

Posted 04 April 2006 - 11:17 PM

WHERE Username = '$username' AND Password = '$password'");
follow me on twitter @PHPsycho

#3 wildteen88

wildteen88
  • Staff Alumni
  • Advanced Member
  • 10,482 posts
  • LocationUK, Bournemouth

Posted 05 April 2006 - 08:59 AM

I would recommend you to put back ticks around the word Password in your mysql query as password a predefined function in mysql and so m ysql is getting confused so if you add back ticks around it then your query should pass through:
[!--sql--][div class=\'sqltop\']SQL[/div][div class=\'sqlmain\'][!--sql1--]WHERE Username='$username' AND `Password`='$password'" [!--sql2--][/div][!--sql3--]




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users