Jump to content

SQL weird UPDATE result


clown[NOR]

Recommended Posts

well basicly what i'm doing is that i'm working on the Edit Profile page.. but when the user clicks "Save Changes" something weird happens.. no matter what the user types in the password field, the field sais "0"...

this is the script i'm working with...

<?php 
session_start();
print_r($_SESSION);
require_once( 'includes/functions.php' );
$chkLogin=chkLogin();

if ($_POST['Submit']) {
	if ($chkLogin==TRUE) { // Do NOT add any changes if user is not logged in.
		con2db();
		$oldPass=mysql_real_escape_string($_POST['oldpass']);
		$newPass=mysql_real_escape_string($_POST['newpass']);
		$vnewPass=mysql_real_escape_string($_POST['vnewpass']);

		$fname=mysql_real_escape_string($_POST['fname']);
		$lname=mysql_real_escape_string($_POST['lname']);
		$email=mysql_real_escape_string($_POST['email']);
		$city=mysql_real_escape_string($_POST['city']);
		$coutnry=mysql_real_escape_string($_POST['country']);

		$id=mysql_real_escape_string($_POST['id']);

		if (!$oldPass) {
			/*$dbq="UPDATE `users` SET 
				`fname`='$fname' 
				AND 
				`lname`='$lname'
				AND
				`email`='$email'
				AND
				`city`='$city'
				AND
				`country`='$country'
				WHERE
				`id`='$id'
				LIMIT 1
				";*/
				echo  "Do NOT change password";
		} elseif ($oldPass) {
			// Check if old pass is correct
			$pass=md5($oldPass);
			//echo "Pass #1: $pass<br>";
			$xtrasec=md5($pass);
			//echo "Pass #2: $xtrasec<br>";
			$pass=$xtrasec.$pass;
			//echo "Pass #3: $pass<br>";
			$pass=md5($pass);
			//echo "Pass #4: $pass<br>";
			$chkOldPass="SELECT * FROM `users` WHERE `pass`='$pass' AND `id`='$id' LIMIT 1";
			$copRes=mysql_query($chkOldPass);
			if ($copRes) {
				$num=mysql_num_rows($copRes);
				if ($num==1) { // Old password matches the password stored in the database
					echo "Test";
					// Check for errors in new password
					if (!$newPass) { $errors[].="You did not enter a news password."; }
					if (!$vnewPass) { $errors[].="You did not verify your password."; }
					if ($newPass!=$vnewPass) { $errors[].="The passwords didn't match."; }
					if ($errors) { // Found errors
						$_SESSION['errors']=$errors;
					} else {
						$pass=md5($newPass);
						$xtrasec=md5($pass);
						$pass=$xtrasec.$pass;
						$pass=md5($pass);
						$dbq="UPDATE `users` SET
							`pass`='$pass'
							AND
							`fname`='$fname' 
							AND 
							`lname`='$lname'
							AND
							`email`='$email'
							AND
							`city`='$city'
							AND
							`country`='$country'
							WHERE
							`id`='$id'
							LIMIT 1
						";

						mysql_query($dbq);
					}
				} else {
					echo "Old pass WRONG!";
				}
			} else { echo "Something went wrong!"; }
		}
	}
}

?>

 

when i try using "echo $pass" it returns the right value... so this must be something i'm doing wrong with the UPDATE query :D still pretty new to mysql :P

Link to comment
https://forums.phpfreaks.com/topic/98812-sql-weird-update-result/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.