Hi
I have probably done a stupid mistake. So, bare with
me and help please!
This here is the code (actually a 2-in-1). when in
admin mode, it updates the table and also lets admin
delete user, and when in user mode, it just lets the
user change his/her info (is it sensible to combine
these 2, i dont know).
<?
require("include.php");
require("defs.php");
require("content.php");
if($_ADMIND!="Y") Header("Location: index.php");
?>
<? echo $admin_html_begin; ?>
<p></p>
<?
$err = 0;
$login = strtolower($login);
$pw_a = strtolower($pw_a);
if(strlen($login)>50 || $login=="" ||
$login==$SPECIAL_USERNAME)
{
echo("<tr><td>Error :Your nickname is invalid");
$err = 1;
}
if(strlen($fname)>50 || $fname=="")
{
echo("<tr><td>Error :First Name is either too long
or empty");
$err = 1;
}
if(strlen($lname)>50 || $lname=="")
{
echo("<tr><td>Error :Last Name is either too long
or empty");
$err = 1;
}
if(strlen($email)>50 || $email=="" || strchr($email,
'@')=="" || strchr($email, '.')=="")
{
echo("<tr><td>Error :E-Mail is either too long or
empty");
$err = 1;
}
if(trim($pw)=="" && trim($pw2)=="")
$pwdchange="n";
if($pwdchange!="n")
{
if(strlen($pw)>50 || $pw=="" || strcmp($pw,
$pw2)!=0 || strlen($pw)<$MIN_PWD_LENGTH)
{
echo("<tr><td>Error :Password is either too long,
too short or empty");
$err = 1;
}
}
if(strlen($pw_a)>50 || $pw_a=="")
{
echo("<tr><td>Error :Answer to your secret question
is either too long or empty");
$err = 1;
}
if(strlen($bday)>2 || $bday=="")
{
echo("<tr><td>Error :Invalid day of birth");
$err = 1;
}
if(strlen($byear)>4 || $byear=="" || $byear<1900)
{
echo("<tr><td>Error :Invalid year of birth");
$err = 1;
}
if($err==0)
{
mysql_connect($dbhost, $dbuname, $dbpass) or
die("Error connecting to database backbone");
$crypt_pw = crypt($pw, substr($pw, 0,
$SECURITY_LEVEL));
if($pwdchange!="n")
$pw_query = "ut_password='$crypt_pw',";
else
$pw_query = "";
$isadmin=$isadmin[0];
//echo $isadmin;
$query =
"
UPDATE $usrtab SET
ut_nickname='$login',
ut_firstname='$fname',
ut_lastname='$lname',
ut_email='$email',".$pw_query."
ut_secretquestion='$pw_q',
ut_answer='$pw_a',
ut_birthday='$bday',
ut_birthmonth='$bmon',
ut_birthyear='$byear',
ut_isadmin='$isadmin'
WHERE ut_nickname='$oldlogin';
";
//echo $query;
$result = mysql_db_query($dbname, $query);
echo("<center><font size='5'><b>Updated User
Information for $login</b></font><br><br>");
$result = mysql_db_query($dbname, "SELECT * FROM
$usrtab WHERE ut_nickname='$login' ||
ut_nickname='$oldlogin'");
if(mysql_num_rows($result)<=0)
{
echo("<font size='4' color='red'>User Not
Found!</font>");
} else
{
$row = mysql_fetch_array($result);
if(strtoupper($row["ut_isadmin"])=="Y")
$chked="true"; else $chked="false";
echo
("
<table align='center' width='70%' cellpadding=2
cellspacing=0 border=0>
<tr bgcolor='#eeeeee'>
<td align='center'><b><font
size='4'>Field
Name</td>
<td align='center'><b><font
size='4'>Updated
Values</td>
</tr>
<tr><td bgcolor='#eeeeee'
colspan='2'><br></td></tr>
<tr bgcolor='#eeeeee'>
<td><b> Nick
Name</td>
<td>".$row["ut_nickname"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> First
Name</td>
<td>".$row["ut_firstname"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Last
Name</td>
<td>".$row["ut_lastname"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> E-Mail</td>
<td>".$row["ut_email"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Secret
Question</td>
<td>".$row["ut_secretquestion"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Answer</td>
<td>".$row["ut_answer"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td
valign='top'><b> Password</td>
<td
valign='top'>".$row["ut_password"]."<font
color='red'> <b>ENCRYPTED!!!</b></font></td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Day of
Birth</td>
<td>".$row["ut_birthday"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Month of
Birth</td>
<td>".$row["ut_birthmonth"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Year of
Birth</td>
<td>".$row["ut_birthyear"]."</td>
</tr>
<tr bgcolor='#eeeeee'>
<td><b> Administrator
Rights</td>
<td>".$row["ut_isadmin"]."</td>
</tr>
<tr><td bgcolor='#eeeeee'
colspan='2'><br></td></tr>
");
echo("</table>");
}
}
?>
<? echo $admin_html_end; ?>
When i echo the sql, here's what i get...
UPDATE user_tab SET
ut_nickname='indian_robyn',
ut_firstname='Srinivasan',
ut_lastname='Ranganathan',
ut_email='[EMAIL PROTECTED]',
ut_password='de2pKVw0phgJw',
ut_secretquestion='What is the name of your pet?',
ut_answer='pappuchi',
ut_birthday='10',
ut_birthmonth='September',
ut_birthyear='1979',
ut_isadmin='Y'
WHERE ut_nickname='indian_robyn';
and this is the data i get after running the above
query (from script of course)
Nick Name indian_robyn
First Name Srinivasan
Last Name Ranganathan
E-Mail [EMAIL PROTECTED]
Secret Question What is the name of your pet?
Answer Pappuchi
Password depWoMd.B79Ws ENCRYPTED!!!
Day of Birth 10
Month of Birth September
Year of Birth 1979
Administrator Rights N
but if i run that *exact* same query from mysql
client, it gets updated!
Im sorry if i waste your time, but i was just so
confused, please bare with this newbie.
thanks in advance
Srinivasan Ranganathan
____________________________________________________________
*NEW* Connect to Yahoo! Messenger through your mobile phone *NEW*
Visit http://in.mobile.yahoo.com/smsmgr_signin.html
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
