jesushax Posted March 18, 2008 Share Posted March 18, 2008 hi the code below updates a users password from a form, and what i need to do is if the filed password is left blank then the sql UserPassword is not run how can i do this? Cheers $strUserName = mysql_real_escape_string($_POST["txtUserName"]); $strFirstName = mysql_real_escape_string($_POST["txtFirstName"]); $strlastName = mysql_real_escape_string($_POST["txtLastName"]); $strTel = mysql_real_escape_string($_POST["txtTel"]); $strHomePage = mysql_real_escape_string($_POST["txtHomePage"]); $strCompanyName = mysql_real_escape_string($_POST["txtCompanyName"]); $strUserPass = md5($_POST["txtUserPass"]); $strEmail = mysql_real_escape_string($_POST["txtEmail"]); $strUserID = $_SESSION["UserID"]; if(!strlen($strUserName)){ echo '<p style="color:#FF0000;">Error: Username Was Left Blank</p>'; } elseif(!strlen($strEmail)){ echo '<p style="color:#FF0000;">Error: Email Was Left Blank</p>'; } else{ mysql_query("Update tblUsers Set UserName='".$strUserName."', UserPassword='".$strUserPass."', UserEmail='".$strEmail."', UserCompanyName='".$strCompanyName."', UserFirstName='".$strFirstName."', UserLastName='".$strlastName."', UserTel='".$strTel."', UserHomePage='".$strHomePage."' WHERE UserID='".$strUserID."'") or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
MadTechie Posted March 18, 2008 Share Posted March 18, 2008 <?php $strUserName = mysql_real_escape_string($_POST["txtUserName"]); $strFirstName = mysql_real_escape_string($_POST["txtFirstName"]); $strlastName = mysql_real_escape_string($_POST["txtLastName"]); $strTel = mysql_real_escape_string($_POST["txtTel"]); $strHomePage = mysql_real_escape_string($_POST["txtHomePage"]); $strCompanyName = mysql_real_escape_string($_POST["txtCompanyName"]); $strUserPass = md5($_POST["txtUserPass"]); $strEmail = mysql_real_escape_string($_POST["txtEmail"]); $strUserID = $_SESSION["UserID"]; if(!strlen($strUserName)){ echo '<p style="color:#FF0000;">Error: Username Was Left Blank</p>'; } elseif(!strlen($strEmail)){ echo '<p style="color:#FF0000;">Error: Email Was Left Blank</p>'; } else{ //empty is what your looking for if(!empty($_POST["txtUserPass"]))// if not empty then process { mysql_query("Update tblUsers Set UserName='".$strUserName."', UserPassword='".$strUserPass."', UserEmail='".$strEmail."', UserCompanyName='".$strCompanyName."', UserFirstName='".$strFirstName."', UserLastName='".$strlastName."', UserTel='".$strTel."', UserHomePage='".$strHomePage."' WHERE UserID='".$strUserID."'") or die(mysql_error()); } ?> Quote Link to comment Share on other sites More sharing options...
jesushax Posted March 18, 2008 Author Share Posted March 18, 2008 do i need two sql queries? cos i still want the sql to run if the user doesnt change their password if they dont change teh password i just want to not set UserPassword and still update the rest Cheers Quote Link to comment Share on other sites More sharing options...
jesushax Posted March 18, 2008 Author Share Posted March 18, 2008 this is how it would work in asp i just dont know in php... SQL = "UPDATE table SET " _ & "UserName ='" & strUserName & "', " _ & "FirstName ='" & strFirstName & "', " if LEN(strUserPass ) > 0 AND not isnull(strUserPass ) then SQL = SQL & "UserPassword='" & strUserPass & "', " end if SQL = SQL & "UserEmail='" & StrUserEmail & "' " _ & "WHERE UserID=" & ID Quote Link to comment Share on other sites More sharing options...
MadTechie Posted March 18, 2008 Share Posted March 18, 2008 Sorry didn't understand the first post i assumed you didn't want to update if their was no password basic translation to php <?php $strUserID = $_SESSION["UserID"]; $strFirstName = mysql_real_escape_string($_POST["txtFirstName"]); $strlastName = mysql_real_escape_string($_POST["txtLastName"]); $strUserName = mysql_real_escape_string($_POST["txtUserName"]); $strUserPass = md5($_POST["txtUserPass"]); $strEmail = mysql_real_escape_string($_POST["txtEmail"]); $SQL = "UPDATE table SET UserName ='".$strUserName."', FirstName ='".$strFirstName."', "; if (isset($_POST["txtUserPass"]) && !empty($_POST["txtUserPass"])) { $SQL = $SQL." UserPassword='".$strUserPass."', "; } $SQL = $SQL." UserEmail='".$strEmail."' WHERE UserID='".$strUserID."' "; //Connect to database etc mysql_query($SQL) or die(mysql_error()); Updated to make it look as close to asp code as i could Quote Link to comment Share on other sites More sharing options...
jesushax Posted March 18, 2008 Author Share Posted March 18, 2008 just what the doctor order thankyou Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.