I need help with update my column in database. I use InnoDB, probably problem is here
$sql_update_heslo = "UPDATE users SET u_password = $_noveHeslo WHERE u_name = '$_SESSION[username]'";
first I am checking if Button was clicke. If yes, then I am checking if there is only 1 user with this name who is logged in, then I am checking if MD5 password from the database is same as user input, if yes then update password based on the user entry.
if (isset($_POST['pass_aktualizovat'])) {
$_old_password = md5($_POST['o_pass']);
$sql_search_for_all_userss = "SELECT * FROM users WHERE u_name = '$_SESSION[username]' ";
$result = mysqli_query($connect_to_db, $sql_search_for_all_userss);
// ak sa najde jedna zhoda v databazy
if ($db_data = mysqli_num_rows($result) == 1) {
while (mysqli_fetch_assoc($result)) {
$_aktualneHeslo = $db_data['u_password'];
}
if (md5($_POST['o_pass'])==$_aktualneHeslo) {
$_noveHeslo = md5($_POST['n_pass']);
$sql_update_heslo = "UPDATE users SET u_password = '$_noveHeslo' WHERE u_name = '".$_SESSION['username']."'";
mysqli_query($connect_to_db, $sql_update_heslo);
echo "treti";
}
echo "druhy";
}
echo "prvy";
}
?>
Related
I am looking to count the number of times 'yes' in present for a user in a table, then post the result into anther table for that same user. Both tables have the username. I would like this done for each user. I have the following but it is not working.
$sql = $item_count = "SELECT SUM(if(strike='yes',1,0)) AS strike_total FROM weekpicks WHERE username = 'username'";
// execute SQL query and get result
$sql_result = mysql_query($sql) or die (mysql_error());
if (!$sql_result) {
echo "Something has gone wrong!";
}
else {
//loop through record and get values
while ($row = mysql_fetch_array($sql_result)) {
$item_result = ($row = #mysql_query($item_count)) or die(mysql_error());
$strike_total = ($row = #mysql_result($item_result,"strike_total"));
$strikes = ($row = $strike_total ['strike_total']);
$username = $row["username"];
// the following will insert number of strikes into table for each user.
$sql = "UPDATE authorize SET strikes = '($strikes)' WHERE username='$username'";
//mysql_query(" UPDATE authorize SET " . "strikes = '" . ($strikes) . "' WHERE username='$username' ");
$result = mysql_query($sql) or die (mysql_error());
Just one query should be enough
Update for single user..
UPDATE authorize SET strikes = (select count(*) from weekpicks WHERE username = '$username' and strike='yes') WHERE username='$username';
For bulk update all users
UPDATE authorize as A SET strikes = (select count(*) from weekpicks B WHERE strike='yes' and A.username=B.username group by B.username)
Isn't that simple.
I use a library that helps me with db functionality. This is a valid syntax:
if ($memID = $db->get_var("SELECT id FROM users WHERE social_id = ".$_SESSION['user'])) {
// user found
$db->query("
UPDATE users
SET
nameF = '".$NameF."',
nameL = '".$NameL."'
WHERE id = ".$memID."
LIMIT 1");
} else {
// user not found
}
I need to add additional checks:
if ($memID = $db->get_var("SELECT id FROM users WHERE social_id = ".$_SESSION['user']) ||
$memID = $db->get_var("SELECT id FROM users WHERE email = '".$Email."' AND password IS NULL") ||
($_COOKIE['socid'] != '' && $memID = $db->get_var("SELECT id FROM users WHERE FIND_IN_SET(social_id, '".$_COOKIE['socid']."'))
){
}
But I think I'm over complicating this and introduce errors along the way. What am I doing wrong?
I'm trying to make an last activity function for an website. but i can't get it to work. I hope you guys can help me out here.
this is my query:
$last_activity_query = "UPDATE users_table SET user_name = '$user_name' WHERE 'date_last_inlog' = NOW()";
$result_update = mysql_query($last_activity_query);
$last_activity_update = mysql_fetch_array($result_update);
this is an print screen of my database table:
I want to store this update in the last row.
Thanks in advance!
i've changed my script now but its still not changing anything in my database table.
this is the change:
if (isset($_REQUEST['inlog_submit'])){//checks if form is submitted
$user_name = $_REQUEST['username_input'];//request username from inlog_form
$password = $crypt;//gets enqrypted pass
//$tbl_name="user_table"; // Table name
$query = "SELECT * FROM users_table WHERE user_name= '$user_name' AND password='$password'";//query stored in var
$last_activity_query = "UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
$result = mysql_query($query);//var with result of query
$result_update = mysql_query($last_activity_query);
if ($user_name = mysql_fetch_array($result)){//checks inlog data from form with the $result query
$_SESSION['user_name'] = $user_name[user_name];//creates session with username
$_SESSION['password'] = $password[password];//creates session with password
$last_activity_update = mysql_fetch_array($result_update);
header ('Location: admin.php');//when login is correct redirect to specified page
}else{
$error_inlog = 10;//when inlog data is incorrect this error will show
}
}
?>
Your SQL query is in the wrong order.
$last_activity_query = "UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
Your logic is incorrect. Use this:-
"UPDATE users_table SET 'date_last_inlog' = NOW() WHERE user_name = '$user_name'";
You are using this :-
UPDATE users_table SET user_name = '$user_name' WHERE 'date_last_inlog' = NOW()
You are trying to update user_name column where the date_last_inlog column value is equal to the current time which is logically incorrect.
Im trying to create something that if a user choses a match is going to win and that match wins the points enter automatically into DB .. Im doing fine untill the point that points enter only one time into DB. I mean validating properly but everytime on refresh points enter into DB . Help Please.
//Ndeshjet e fituara ose jo
echo "<h3>Ndeshjet e vendosura nga <b>$username</b> dhe Rezultatet:</h3><br/>";
$query = $db-> query("SELECT * FROM match_select WHERE user_id='$username'");
while ($row = $query->fetch(PDO::FETCH_ASSOC)){
$match = $db->query("SELECT * FROM `winner` WHERE `user_id` = '$username' AND `match_id` = '$id' AND `liga`='$liga'");
$id = $row['match_id'];
$liga = $row['liga'];
$koeficent = $row['selected_koef'];
if($match->rowCount($match)){
echo "";
}else{
if ($row['result'] == $row['final']){
$hey = "style='color: green;' ";
$match = $db -> query("INSERT INTO winner (user_id, match_id, koef, final, liga) VALUES ('$username','$id', '$koeficent', '1', '$liga')");
}else if ($row['final']== ""){
$hey = "style='color: black;' ";
}else{
$hey = "style='color: red;' ";
}
}
}
In respect to the code provided and as I understand it;
Select all the matches for that username (loop through all matches)
Validation: check if this has been added to the winner table already
If so ignore it, otherwise if result = final is same (don't know the context here) then store..
The problem is when you select data for validation, they are null value you should declare them before query...as here
$match = $db->query("SELECT * FROM `winner` WHERE `user_id` = '$username' AND `match_id` = '$id' AND `liga`='$liga'");
$id = $row['match_id'];
$liga = $row['liga'];
$koeficent = $row['selected_koef'];
it should be
$id = $row['match_id'];
$liga = $row['liga'];
$koeficent = $row['selected_koef'];
$match = $db->query("SELECT * FROM `winner` WHERE `user_id` = '$username' AND `match_id` = '$id' AND `liga`='$liga'");
This coluld be the reason when refereshing everytime it doesn't find any results so inserts.... my recommendation is to have SQL in a different variable and for testing purposes you can dump it on screen such as
$sql = "SELECT * FROM `winner` WHERE `user_id` = '$username' AND `match_id` = '$id' AND `liga`='$liga'";
echo $sql; //to see whats going on
$match = $db->query($sql);
Hope this helps mate
Been tinkering with my website, it is a seat booking website. Still in alpha testing really so not live to the public yet for obvious reasons.
However, I'm having a few problems with updating the values in my database.
I'll post the code and then explain the problem..
else {
$seatID = $_POST['form_submitted'];
$query1 = "SELECT seatTaken FROM SEATS WHERE seatNo = '$seatID'";
$result = mysql_query($query1);
while($row = mysql_fetch_array($result))
{
$taken = $row['seatTaken'];
}
$query2 = "SELECT passNo FROM PASSENGER WHERE username = '$loggedinuser'";
$result = mysql_query($query2);
while($row = mysql_fetch_array($result))
{
$passno = $row['passNo'];
}
$query3 = "SELECT groupID FROM PASSENGER WHERE username = '$loggedinuser'";
$result = mysql_query($query3);
while($row = mysql_fetch_array($result))
{
$groupno = $row['groupID'];
}
$query4 = "SELECT flightNo FROM PASSENGER WHERE username = '$loggedinuser'";
$result = mysql_query($query3);
while($row = mysql_fetch_array($result))
{
$flightno = $row['flightNo'];
}
// if ($taken = 0) {
$update = mysql_query("UPDATE PASSENGER SET seatNo = $seatID WHERE username = '$loggedinuser'");
$update2 = mysql_query("UPDATE SEATS SET seatTaken = 1, passNo = '$passNo', groupID = '$groupid' WHERE seatNo = '$seatID'");
// AND flightNo = '$flightno'"
echo '<meta http-equiv="refresh" content="5;url=http://www.mywebsite.com/">';
echo mysql_error();
//}
}
?>
Now the user will have selected their seat in the previous form hence the:
$seatID = $_POST['form_submitted'];
However, at the bottom in my queries, the only value that actually changes in the database when this PHP code is run is the boolean value of 'seatTaken', in that it does change from 0 (not occupied) to 1 (occupied).
The field passNo and groupID in my database DO NOT UPDATE as referenced here in these queries:-
$update = mysql_query("UPDATE PASSENGER SET seatNo = $seatID WHERE username = '$loggedinuser'");
$update2 = mysql_query("UPDATE SEATS SET seatTaken = 1, passNo = '$passNo', groupID = '$groupid' WHERE seatNo = '$seatID'");
Is anyone able to help? Many thanks!
Tom
Watch your variable naming and string quotation
When your looking for values in mysql, they usually need to be a string literal (add quotes).
And your other problem is your variable names:
$update = mysql_query("UPDATE PASSENGER SET seatNo = '$seatID' WHERE username = '$loggedinuser'");
$update2 = mysql_query("UPDATE SEATS SET seatTaken = 1, passNo = '$passno', groupID = '$groupno' WHERE seatNo = '$seatID'");
$passno vs $passNo
$groupid vs $groupno
You should also make sure you properly escape any input coming from the user http://php.net/manual/en/function.mysql-real-escape-string.php
One can't see in your code how do you generate the values of $groupid, $passNo, $seatID. Are those varaibles set when you do your update? (just echo the SQL code to see what query is being sent to your database)
Maybe you should try getting the variables from your post request, like $_POST['groupid'], if groupid is the name of the field in the form.