update in MYSQL using php and login

update in MYSQL using php and login - php

I am doing an update of values inside a MySQL database using PHP
and here is my code to update
$id = $_REQUEST['uid'];
$name = $_REQUEST['name'];
$company = $_REQUEST['company'];
$contact = $_REQUEST['contact'];
$email = $_REQUEST['email'];
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
echo "$id "."$name". "$company" . "$contact" . "$email";
if ($conn->connect_error)
{
die("Connection failed: " . $conn->connect_error);
}
else
{
$sql = "UPDATE `users` SET `userName`='$name',`userEmail`='$email',`userCompany`='$company',`userContact`='$contact' WHERE userID = $id";
if (mysqli_query($conn, $sql))
{
mysqli_commit($conn);
echo "success";
}
else
{
echo "error";
}
}
mysqli_close($conn);
it does the update and changes the value in the db.
But when I login using the previous username and password, it still accepts it
code for login
$uname= $_REQUEST['loginusername'];
$pword= $_REQUEST['loginpassword'];
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
else
{
$sql = "SELECT * FROM `users` WHERE userName = '$uname' AND userPassword = '$pword'";
$return = mysqli_query($conn, $sql);
if(mysqli_num_rows($return) > 0)
{
echo 'found';
}
else
{
echo 'not found';
}
}
$conn->close();
thanks in advance

You don't update your Password field in
UPDATE `users` SET `userName`='$name',`userEmail`='$email',`userCompany`='$company',`userContact`='$contact' WHERE userID = $id
and it isn't a good practice to save clear text passwords. Its better to hash it with an hash algorithm (for example sha256) and salt it.

Related

MYSQL create a line with every new user

I have a little problem
I want to create a script, that creates a new line in the table, if there is a new user and in the line, change the "points" columme to zero(0)
This is my current code:
<?php
header('Content-Type: text/html; charset=Windows-1250');
$firstName = $_POST['firstname'];
$servername = "db.mysql-01.gsp-europe.net";
$username = "xxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// sql to create table
$sql = "UPDATE `member_profile` SET points = points + 1 WHERE user_id = '$firstName'";
if ($conn->query($sql) === TRUE) {
echo "Thingz created successfully";
} else {
echo "Error doing sum thingz: " . $conn->error;
}
$conn->close();
?>
What i need in the cube: When there new user_id ($firstName) appear, create new line with this user name, and change the "points" columme from "null" into Zero(0)
Thanks for yout time, I appreciate it

If I understand well you want to check if the user exists or not. If user is new create new line with the user with 0 points and if exist increse points with 1.
<?php
header('Content-Type: text/html; charset=Windows-1250');
if(isset($_POST['firstname'])){
$firstName = $_POST['firstname'];
$servername = "db.mysql-01.gsp-europe.net";
$username = "xxxxxxxxxx";
$password = "xxxxxxxxxxx";
$dbname = "xxxxxxxxxxx";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
// check if the user exist
$check = "SELECT * FROM `member_profile` WHERE user_id = '$firstName'";
$result = mysqli_query($conn,$check) or die(mysqli_error($conn));
$rows = mysqli_num_rows($result);
//if exist increse points with 1
if($rows>=1){
$sql = "UPDATE `member_profile` SET points = points + 1 WHERE user_id = '$firstName'";
if ($conn->query($sql) === TRUE) {
echo "Thingz created successfully";
} else {
echo "Error doing sum thingz: " . $conn->error;
}
}
//if don't exist create user with points 0
if($rows==0)
{
$query = "INSERT into `member_profile` (user_id, points) VALUES ( '$firstName' ,'0')";
$result = mysqli_query($conn,$query)or die(mysqli_error($conn));
$conn->close();
}
}
?>
Remember, I gave you an idea, the code is prone to sql inject

Inserting data into mySQL database through PHP is not working

I've been trying to figure out how to insert data into mySQL database for a long time. When I try to insert data, it returns "no database selected". I'm not too sure what's wrong with the code, could someone check it out?
<?php
$servername = "localhost";
$database= "learnsc2_ts";
$username = "learnsc2_admin";
$password = "Ts#123";
$conn = new mysqli($servername, $username, $password, $database);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
else {
echo "Connection successful";
}
$query = "INSERT INTO users(fname, lname) VALUES ('Owen',
'Feng')";
mysqli_query($conn, $query);
if (mysqli_query($conn, $query)) {
echo "New record created successfully";
} else {
echo "Error: " . $query . "<br>" . mysqli_error($conn);?>

Make sure your database name is correct.
i tested it in my local, It's work Just fine.
$servername = "localhost";
$database= "test";
$username = "root";
$password = "";
$conn = new mysqli($servername, $username, $password, $database);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$query = "INSERT INTO users(fname, lname) VALUES ('Owen',
'Feng')";
$query = mysqli_query($conn, $query);
if ($query) {
echo "New record created successfully";
} else {
echo "Error: " . $query . "<br>" . mysqli_error($conn);
}

You forgot to add database name
$conn = new mysqli($servername, $username, $password, $database);

I figured it out. Something was wrong with the old username I was using. After changing to a new username and database, it worked out!

I am trying to run a query that takes value from one table and uses it as condition to fetch value or execute action on another table

I am trying to take the value of the topay column where torecieve equals to current session user id and use it to perform operation on the user table.
But it throws a syntax error
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "bazze2";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$merge = "SELECT topay FROM merge WHERE torecieve=$_SESSION[id]";
$sql = "UPDATE user SET topay2='10000000' WHERE 'id'=$merge";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>

Use a prepared query, and use a join.
$sql = "UPDATE user AS u
JOIN merge AS m ON u.id = m.topay
SET u.topay2 = '10000000'
WHERE m.toreceive = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_SESSION['id']);
if ($stmt->execute()) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $stmt->error;
}

php sql insert blank values

Whenever I submit my php form, the data shows up blank in the database. What is not working? I've tried to setup the code different, but no matter what I do, the values ends up being blank.
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if (isset($_POST["email"]))
{
$login = $_POST["email"];
}
else
{
$login = null;
}
if (isset($_POST["psw"]))
{
$psw = $_POST["psw"];
}
else
{
$psw = null;
}
$login2 = mysqli_real_escape_string($conn, $login);
$psw2 = mysqli_real_escape_string($conn, $psw);
$verify = "INSERT INTO test (email, password) VALUES ('$login2', '$psw2')";
$verify2 = mysqli_query($conn, $verify);
$conn->close();
?>

Try this:
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if(isset($_POST['login']) and isset($_POST['email'])){
$insert = mysqli_query("INSERT INTO test VALUES('".$_POST['login']."', '".$_POST['email']."')");
if($insert){
echo "Dados inseridos.";
}
}
$conn->close();

mysql will not insert past fourth row

I'm not exactly sure what happened but this database and the php effecting it were working just fine until it hit the fourth row and now it won't insert new records at all.
if($_POST)
{
$servername = ******;
$username = ******;
$password = ******;
$db = ******;
$conn = mysqli_connect($servername, $username, $password, $db);
mysqli_select_db($conn,$db);
$uuid = $_POST['uuid'];
$sql = "INSERT INTO uuid VALUES ('$uuid');";
mysqli_query($conn,$sql);
mysqli_close($conn);
}
I'm not sure what happened but this is the relevant code for the mysqli query.

try this
<?php
if(isset($_POST['uuid']))
{
$servername = yourServerName;
$username = username;
$password = password;
$dbname = databaseName;
// Create connection
$conn = mysqli_connect($servername, $username, $password, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$uuid = $_POST['uuid'];
$sql = "INSERT INTO tableName (columnName) VALUES ('$uuid')";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
}
?>
Also, I recommend using prepared statements.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.

update in MYSQL using php and login - php

Related

MYSQL create a line with every new user

Inserting data into mySQL database through PHP is not working

I am trying to run a query that takes value from one table and uses it as condition to fetch value or execute action on another table

php sql insert blank values

mysql will not insert past fourth row

Categories

Resources