clown[NOR] Posted March 31, 2008 Share Posted March 31, 2008 well basicly what i'm doing is that i'm working on the Edit Profile page.. but when the user clicks "Save Changes" something weird happens.. no matter what the user types in the password field, the field sais "0"... this is the script i'm working with... <?php session_start(); print_r($_SESSION); require_once( 'includes/functions.php' ); $chkLogin=chkLogin(); if ($_POST['Submit']) { if ($chkLogin==TRUE) { // Do NOT add any changes if user is not logged in. con2db(); $oldPass=mysql_real_escape_string($_POST['oldpass']); $newPass=mysql_real_escape_string($_POST['newpass']); $vnewPass=mysql_real_escape_string($_POST['vnewpass']); $fname=mysql_real_escape_string($_POST['fname']); $lname=mysql_real_escape_string($_POST['lname']); $email=mysql_real_escape_string($_POST['email']); $city=mysql_real_escape_string($_POST['city']); $coutnry=mysql_real_escape_string($_POST['country']); $id=mysql_real_escape_string($_POST['id']); if (!$oldPass) { /*$dbq="UPDATE `users` SET `fname`='$fname' AND `lname`='$lname' AND `email`='$email' AND `city`='$city' AND `country`='$country' WHERE `id`='$id' LIMIT 1 ";*/ echo "Do NOT change password"; } elseif ($oldPass) { // Check if old pass is correct $pass=md5($oldPass); //echo "Pass #1: $pass<br>"; $xtrasec=md5($pass); //echo "Pass #2: $xtrasec<br>"; $pass=$xtrasec.$pass; //echo "Pass #3: $pass<br>"; $pass=md5($pass); //echo "Pass #4: $pass<br>"; $chkOldPass="SELECT * FROM `users` WHERE `pass`='$pass' AND `id`='$id' LIMIT 1"; $copRes=mysql_query($chkOldPass); if ($copRes) { $num=mysql_num_rows($copRes); if ($num==1) { // Old password matches the password stored in the database echo "Test"; // Check for errors in new password if (!$newPass) { $errors[].="You did not enter a news password."; } if (!$vnewPass) { $errors[].="You did not verify your password."; } if ($newPass!=$vnewPass) { $errors[].="The passwords didn't match."; } if ($errors) { // Found errors $_SESSION['errors']=$errors; } else { $pass=md5($newPass); $xtrasec=md5($pass); $pass=$xtrasec.$pass; $pass=md5($pass); $dbq="UPDATE `users` SET `pass`='$pass' AND `fname`='$fname' AND `lname`='$lname' AND `email`='$email' AND `city`='$city' AND `country`='$country' WHERE `id`='$id' LIMIT 1 "; mysql_query($dbq); } } else { echo "Old pass WRONG!"; } } else { echo "Something went wrong!"; } } } } ?> when i try using "echo $pass" it returns the right value... so this must be something i'm doing wrong with the UPDATE query still pretty new to mysql Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.