3 replies to this topic

[Korndawg]

Hey P2L! It's me with another stupid question!

I know I can get this to work by doing an update one field at a time instead of all at once, but I figure I should be able to update all at once. Please take a look at the code and let me know why it won't update.

It displays the message saying it did, but the database is never updated.

(FYI, I know the code is sloppy, before uploading it I am going to go back and redo the entire document, but if I can't get it working now, then I expect it wont work later.)

// --------- Edit an Admin ---------
}else if($action == "edit"){
	$id = $_GET['id'];

	$query = mysql_query("SELECT * FROM `admins` WHERE `id` = '$id'");
	$q=mysql_fetch_array($query);

	if(isset($_POST['editAdmin'])){
		
		$user = $_POST['user'];
		$oldpass = $_POST['oldpass'];
		$pass = $_POST['pass'];
		$email = $_POST['email'];
		$fname = $_POST['fname'];
		$lname = $_POST['lname'];
		$admin = $_POST['admin'];

		$continue = TRUE;

		if(empty($email)){
	   		echo $trtd.'You must enter an e-mail.'.$trtdend;
			$continue = FALSE;
		}
		if(empty($fname)){
	   		echo $trtd.'You must enter a first name.'.$trtdend;
			$continue = FALSE;
		}
		if(empty($email)){
	   		echo $trtd.'You must enter an last name.'.$trtdend;
			$continue = FALSE;
		}
		if(empty($admin)){
	   		echo $trtd.'You must enter an admin level.'.$trtdend;
			$continue = FALSE;
		}
		
		if(empty($oldpass) && empty($pass)){
		}else{
			if($oldpass == $q['pass'] && $continue != FALSE){
				$pass = md5(md5($pass));
				mysql_query("UPDATE `admins` SET `pass` = '$pass' WHERE `id` = '$id'");
			}
		}

		if ($continue || $continue == TRUE){
			mysql_query("UPDATE `admins` SET `fname` = '$fname', 
											 `lname` = '$lname', 
											 `email` = '$email', 
											 `admin` = '$admin' 
										 WHERE `id` = '$id'") or die("<font color=\"red\">Unable to update the admin in the database :: Unable to continue update.</font>");
			echo $trtd."<b><center>Username \"$q[user]\" successfully updated.</center></b>".$trtdend;
		}
	}else{
?>
<form method="Post" action="<?php echo $_SERVER['PHP_SELF']; ?>?action=edit">
	<tr>
		<td colspan="7" align="center">
			<table width="100%" colspan="2" align="center" valign="top" class="mainFont">
				<tr>
					<td align="right">
						First Name:
					</td>
					<td align="left">
						<input type="text" name="fname" value="<?php echo $q['fname']; ?>">
					</td>
				</tr>
				<tr>
					<td align="right">
						Last Name:
					</td>
					<td align="left">
						<input type="text" name="lname" value=" <?php echo $q['lname']; ?>">
					</td>
				</tr>
				<tr>
					<td align="right">
						E-mail:
					</td>
					<td align="left">
						<input type="text" name="email" value="<?php echo $q['email']; ?>">
					</td>
				</tr>
				<tr>
					<td align="right">
						Username:
					</td>
					<td align="left">
						<input type="text" name="user" value="<?php echo $q['user']; ?>" disabled>
					</td>
				</tr>
				<tr>
					<td align="right">
						Old Password:
					</td>
					<td align="left">
						<input type="text" name="oldpass" value="">
					</td>
				</tr>
				<tr>
					<td align="right">
						New Password:
					</td>
					<td align="left">
						<input type="text" name="pass" value="">
					</td>
				</tr>
				<tr>
					<td align="right">
						Admin Level:
					</td>
					<td align="left">
						<select name="admin">
							<option value="1" <?php if($q['admin'] == "1"){ echo "SELECTED"; } ?>>Regular Admin</option>
							<option value="2" <?php if($q['admin'] == "2"){ echo "SELECTED"; } ?>>Super Admin</option>
						</select>
					</td>
				</tr>
				<tr>
					<td align="right">&nbsp;
						
					</td>
					<td align="left">
						<input type="submit" name="editAdmin" value="Edit">
					</td>
				</tr>
			</table>
		</td>
	</tr>
	</form>
<?php
	}

[rc69]

// ...
$id = $_GET['id'];
// ...
<form method="Post" action="<?php echo $_SERVER['PHP_SELF']; ?>?action=edit">

It may actually be updating correctly. Since $id is never set, you'd be surprised how "right" that can make things look while they may be so very wrong.

You're on the right track though; two lines after that you run a select query with it. However, i don't see you actually check to see if $q actually has anything, or if (hypothetically speaking) mysql_num_rows() returned > 0.

My two other criticisms.

		if(empty($oldpass) && empty($pass)){
		}else{
			if($oldpass == $q['pass'] && $continue != FALSE){
				$pass = md5(md5($pass));
				mysql_query("UPDATE `admins` SET `pass` = '$pass' WHERE `id` = '$id'");
			}
		}

		if((!empty($oldpass) || !empty($pass)) && ($oldpass == $q['pass'] && $continue != FALSE)){
			$pass = md5(md5($pass));
			mysql_query("UPDATE `admins` SET `pass` = '$pass' WHERE `id` = '$id'");
		}

1. De Morgan's Law = God. You also don't need to use a nested if, just a conjunction (with the negation of your original condition).

		if ($continue || $continue == TRUE){

2. || is a short-circuit operator. PHP, in a similar fashion to C, will evaluate an non-zero variable to be true. Since true is true (naturally), that conditional will short-circuit and it will never actually check to see if it specifically equals true (note: "foo" evaluates to true also, so to prevent a misassignment from slipping in, it's best to see if $continue is simply equal to true).

[Korndawg]

I got it fixed. I didn't realize what you meant at the beginning rc69, then I stopped and actually looked at the code. It was loading the right id for the right admin, however when I would submit the form the id wasnt sent again. So the code didn't know which admin I wanted to change.

I switched the form from this...

<form method="Post" action="<?php echo $_SERVER['PHP_SELF']; ?>?action=edit">

To this...

<form method="Post" action="<?php echo $_SERVER['PHP_SELF']; ?>?action=edit&id=<?php echo $q['id']; ?>">

Thanks for the help rc69, you always solve my problems... You should just give me your phone number. lol jp .

As for the updating password if statement. I fixed that also, I didn't know I could have so many checks in one if statement so I learned a little something there as well. I also knew I could use the || as OR in C++ but I didn't know if it worked the same in PHP so that also answered a question that I have been wondering in my mind for quite awhile.

Please close this, and thanks again rc69. I'll catch ya again when another stupid question arises.

[rc69]

Quote

As for the updating password if statement. I fixed that also, I didn't know I could have so many checks in one if statement so I learned a little something there as well. I also knew I could use the || as OR in C++ but I didn't know if it worked the same in PHP so that also answered a question that I have been wondering in my mind for quite awhile.

I think you missed the point i was trying to make here. I didn't doubt that you knew about ||, it's just the use of an empty if-statement followed by an else.

Basically:

if($something && $anotherthing){
}else{
	// ...
}

Is equivalent to:

if(!($something && $anotherthing)){
	// ...
}

// and
if(!$something || !$anotherthing){
	//..
}

Using the second version allows for more efficient short-circuiting.

Anywho, i'll close this and leave you to ponder what i said. If you have further questions about it, feel free to send me a pm.