This question already has answers here:
Why does this PDO statement silently fail?
(2 answers)
Closed 6 years ago.
Im trying to update my data using php but it doesnt work, any ideas?
This is the code, this isnt the full code (its not done) but even the username cant be updated.
<?php
session_start();
include "dbconfig.php";
require "check.php";
if(!empty($_POST['user_name']) || !empty($_POST['user_email'])){
$user_name = trim($_POST['user_name']);
$user_email = trim($_POST['user_email']);
$count=$db_con->prepare("SELECT * FROM users WHERE user_id=:userid");
$count->bindParam(":userid",$_SESSION['user_session'],PDO::PARAM_STR,15);
$count->execute();
$row = $count->fetch(PDO::FETCH_OBJ);
$sql=$db_con->prepare("update users set user_name=:username where user_id='$row->user_id'");
$sql->bindParam(':username',$user_name,PDO::PARAM_STR, 32);
if($sql->execute()){
echo "Successfully updated Profile";
}
else{
print_r($sql->errorInfo());
}
else {
echo "No data inserted!"
}
include "home.php";
?>
I guess a syntax error in this Line
$sql=$db_con->prepare("update users set user_name=:username where user_id='$row->user_id'");
Corrected
$sql=$db_con->prepare("update users set user_name=:username where user_id="$row->user_id);
Related
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 5 years ago.
I am writing a login form with PHP and Mysql.
I did everything its just the forgot password that is not working.
It sends me email confirmation but it does not update the password in the database.
First is the forgot page, then sends an email and redirect me to the confirm_pass.html page where is the form for the two passwords and on this page executes the confirm_pass.php where is doing everything, except updating the password in the database.
Please help.
<?php
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// Make sure the two passwords match
if ( $_POST['newpassword'] == $_POST['confirmpass'] ) {
$new_password = password_hash($_POST['newpassword'], PASSWORD_BCRYPT);
$email = $mysqli->escape_string($_POST['email']);
$confirm_code = md5(rand().$password);
$result = "UPDATE `mv_db`.`users` SET `password`='$new_password', `confirm`='$confirm_code' WHERE `email`='$email'";
if ( $mysqli->query($result) ) {
header("location: login.html");
}
}
else {
$_SESSION['message'] = " The two passwords you entered don't match, try again!";
header("location: error.php");
}
}
?>
Your $_POST['email'] is not defined, because there is no "email" field in your HTML form.
So nothing is updated in database, because there is no matching record.
This question already has answers here:
Reference - What does this error mean in PHP?
(38 answers)
How to include php file in a php file
(1 answer)
What to do with mysqli problems? Errors like mysqli_fetch_array(): Argument #1 must be of type mysqli_result and such
(1 answer)
Closed 5 years ago.
So i have a page where there is a button when clicked it takes u to an admin page.
if u click it first takes u to a admincheck code before bringing u to the adminpage. In that admincheck page it should let admins go through and normal users redirected back. It doesnt work i dont know why
here is the admincheck code:
<?php
include "dbconnection.php";
include "login.php;"
$query = "SELECT * FROM gebruikers WHERE gebruikerID = $userid";
$result = mysqli_query($conn, $query);
$count = $conn->affected_rows;
if($row['admin']=='Ja'){
header("location: contactregister.php");
}
else{
$message = "You shall not pass!";
echo "<script type='text/javascript'>alert('$message');</script>";
header("location: home.php");
}
?>
Did i do anything wrong in that code??
This question already has answers here:
MySQL password function
(4 answers)
Closed 2 years ago.
I am making a php document the logs the user in if they are in the database and entered the correct username and password. To be secure I am using prepared statements but I can't get the results from my SELECT query to set session variables necessary for my site. Here is my code...
<?php
session_start();
require 'config.php'; #This file has all connection info
#$C is the mysqli connection
#$USERS is the name of the table in my database
$sql = $C->prepare('SELECT ID,Username,Favorites FROM '.$USERS.' WHERE Email=? AND Password=PASSWORD(?)');
$sql->bind_param("ss", $e,$p);
$e = $_POST['e'];#email
$p = $_POST['p'];#password
$query = $sql->execute();
$sql->store_result();
$numrows = $sql->num_rows;
if($numrows == 1) {
$sql->bind_result($id,$username,$favs);
while($sql->fetch()) {
$_SESSION['ID'] = $id;
$_SESSION['Name'] = $username;
$_SESSION['favs'] = $favs;
$_SESSION['valid'] = true;
}
echo 'true';
}
else {
echo 'User Not Found';
}
This just echoes 'User Not Found' because $numrows always = 0 and I made sure that all the entered info was correct.
Move the variable assignments to $e and $p above the call to bind_params or at least declare them above the call.
The parameters to bind_params are passed by reference, so changes to the variables after bind but before execute take effect, but AFAIK the variables have to exist before the bind call.
This question already has answers here:
When to use single quotes, double quotes, and backticks in MySQL
(13 answers)
Closed 6 years ago.
Hi! The objective of this code is to log-in to a website. This code has no error but still doesn't redirect to a profile page. Please, help. Thank you!
<?php
include("dbconnect.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "post")
{
$username = $_POST['student'];
$password = $_POST['password'];
$query=mysqli_query($dbconfig,"SELECT * FROM members WHERE sn=$username AND pw=$password");
$row=mysqli_fetch_array($query,MYSQLI_ASSOC);
$count=mysqli_num_rows($query);
if($count==1)
{
$_SESSION['login_user']=$username;
header("location: main.php");
}
else
{
$error="Username or Password is invalid";
}
}
?>
You need to write you query like this
$query=mysqli_query($dbconfig,"SELECT * FROM members WHERE sn='".$username."' AND pw='".$password."'");
Your query doesn't work. Try with SELECT * FROM members WHERE sn='$username' AND pw='$password'
And also after you execute the query check if the are some errors with
if(!$query)
die(mysqli_error($dbconfig));
P.S. sanitize username and password before inserting them in a query
This question already has answers here:
The 3 different equals
(5 answers)
Closed 7 years ago.
i am trying to make a website using php with mysql database..
here is my code
<?php
$con=mysql_connect("localhost", "root", "");
mysql_select_db("mydatabase", $con);
$query = "INSERT INTO tblSecurity Values('".$_POST['txtUser']."','".$_POST['txtPass']."')";
$password = $_POST['txtPass'];
$confirm = $_POST['txtPassConfrm'];
mysql_query($query, $con);
if($password = $confirm)
{
Header("Location: Login.php");
}
else
{
echo"Verify your Answer";
}
?>
the problem is, how can i verify if the confirm password is same with the password inputted, this code works but it wont move to ELSE even the passwords are not the same. can anyone help me correct this please.. thanks
better practice is check two passwords are same in inputting stage.
here also code is correct , only mistake is php needs == instead of =.