aarontbarksdale Posted February 2, 2014 Share Posted February 2, 2014 Hey Guys, So, I know this information is all over the 'net...and I've scoured dozens of similar problems, however, none of the suggested fixes have helped for my code. So, I've turned back here... <? session_start(); ?><?php$email = $_SESSION['email'];$userid = $_SESSION['user_id'];include ('connect.php');$result = mysql_query("SELECT * FROM shadbarktest.mcn_users WHERE email = '$email'"); $row = mysql_fetch_array($result);// data sent from form $first_name = $_POST['first_name'];$last_name = $_POST['last_name'];$user_email = $_POST['email'];$address = $_POST['address'];$city = $_POST['city'];$state = $_POST['state'];$zip = $_POST['zip'];$phone = $_POST['phone'];$password = $_POST['password'];// To protect MySQL injection (more detail about MySQL injection)$first_name = stripslashes($first_name);$last_name = stripslashes($last_name);$user_email = stripslashes($user_email);$address = stripslashes($address);$city = stripslashes($city);$state = stripslashes($state);$zip = stripslashes($zip);$phone = stripslashes($phone);$password = stripslashes($password);$first_name = mysql_real_escape_string($first_name);$last_name = mysql_real_escape_string($last_name);$user_email = mysql_real_escape_string($user_email);$address = mysql_real_escape_string($address);$city = mysql_real_escape_string($city);$state = mysql_real_escape_string($state);$zip = mysql_real_escape_string($zip);$phone = mysql_real_escape_string($phone);$password = mysql_real_escape_string($password);// Adding information to Database$update = 'UPDATE mcn_users SET first_name = "$first_name", last_name = "$last_name", bill_address = "$address", city = "$city", state = "$state", zip = "$zip", phone = "$phone", email = "$user_email", user_pass = "$password" WHERE user_id = "$userid"';@mysql_query($update);$_SESSION['email'] = $user_email;echo $userid ."<br/>";echo $first_name ."<br/>";echo $last_name ."<br/>";echo "<a href="user_mainpage.php">Return</a>";?> It simply is not adding the updated information that it receives from the Edit User page to the database. Please point out to me where I've gone wrong:I have tried... "UPDATE mcn_users SET first_name='". $first_name ."'..."UPDATE mcn_users SET first_name='{$first_name}'..."UPDATE mcn_users SET `first_name`='$first_name'... NOTHING HAS WORKED...which leads me to question if I even have the syntax correct. Link to comment Share on other sites More sharing options...
Don Jajo Posted February 2, 2014 Share Posted February 2, 2014 Okay, i got it Here in your code $update = 'UPDATE mcn_users SET first_name = "$first_name", last_name = "$last_name", bill_address = "$address", city = "$city", state = "$state", zip = "$zip", phone = "$phone", email = "$user_email", user_pass = "$password" WHERE user_id = "$userid"'; your MySQL query should start with double quotes (") and the values inside should be in single quotes (') Try that Link to comment Share on other sites More sharing options...
aarontbarksdale Posted February 3, 2014 Author Share Posted February 3, 2014 Don, Thanks, tried that...didn't work. I changed the code to read $update = mysql_query('UPDATE mcn_users SET first_name = "$first_name", last_name = "$last_name", bill_address = "$address", city = "$city", state = "$state", zip = "$zip", phone = "$phone", email = "$user_email", user_pass = "$password" WHERE user_id = "$userid"'); And removed the @mysql_query($update); line...still doesn't work. Link to comment Share on other sites More sharing options...
Ingolme Posted February 3, 2014 Share Posted February 3, 2014 Variables inside strings aren't interpretted when the string is wrapped in single-quotes. $a = 1;echo 'Number $a'; // Shows "Number $a"echo "Number $a"; // Shows "Number 1" Link to comment Share on other sites More sharing options...
justsomeguy Posted February 3, 2014 Share Posted February 3, 2014 You might want to switch over to something like mysqli or PDO to help you out, you wouldn't run into issues like that if you were using prepared statements and passing in the values that you want to use. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now