...

View Full Version : Change database values. Either one, or both.



martynball
01-23-2010, 11:37 PM
I want this script to change BOTH values if it detects values added in both fields. But if not, then it will just change the value in the database of which ever field has data in.



<?php
if ($_POST['fName'] && $_POST['lName'] != "") {
echo "Got here";
//Add BOTH
$nfname = mysql_real_escape_string($_POST['fName']);
$nlname = mysql_real_escape_string($_POST['lName']);
$query = "UPDATE users SET fname='$nfname' lname='$nlname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) {
echo "$resErr Error updating first name and last name!";
}
else {
echo "$resSucc Successfully updated last and second name!";
}
}
elseif ($_POST['fName'] != "") && $_POST['lName'] == "") {
//Add first name only
$nfname = mysql_real_escape_string($_POST['fName']);
$query = "UPDATE users SET fname='$nfname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) { echo "$resErr Error updating first name!"; }
else { echo "$resSucc Successfully updated first name!"; }
}
elseif {
//Add last name only
$nlname = mysql_real_escape_string($_POST['lName']);
$query = "UPDATE users SET lname='$nlname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) { echo "$resErr Error updating last name!"; }
else { echo "$resSucc Successfully updated last name!"; }
}
}
else {
echo "Damn";
}
?>


Only problem I am getting at the moment is:
Parse error: syntax error, unexpected T_BOOLEAN_AND in /home/martynba/public_html/stokeGTA/ucp/changeName.php on line 16

But I so no problem :S

masterofollies
01-24-2010, 01:14 AM
This is line 16, change it


elseif ($_POST['fName'] != "") && $_POST['lName'] == "") {

to this below and the error should be fixed.


elseif (($_POST['fName'] != "") && $_POST['lName'] == "") {

martynball
01-24-2010, 12:56 PM
Ohh yeah, I see what is wrong with it now Lol. Cheers. :)

martynball
01-24-2010, 01:18 PM
How can I check if BOTH fields are empty and then display error, but if only one is empty then continue.

My php at the moment:


<?php
if ($_POST['fName'] && $_POST['lName'] != "") {
if ($_POST['fName'] && $_POST['lName'] != "") {
//Add BOTH
$nfname = mysql_real_escape_string($_POST['fName']);
$nlname = mysql_real_escape_string($_POST['lName']);
$query = "UPDATE users SET fname='$nfname', lname='$nlname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) {
echo "$resErr Error updating first name and last name!";
}
else {
echo "$resSucc Successfully updated first and second name!";
}
}
elseif ($_POST['fName'] != "" && $_POST['lName'] == "") {
//Add first name only
$nfname = mysql_real_escape_string($_POST['fName']);
$query = "UPDATE users SET fname='$nfname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) { echo "$resErr Error updating first name!"; }
else { echo "$resSucc Successfully updated first name!"; }
}
elseif ($_POST['fName'] == "" && $_POST['lName'] != "") {
//Add last name only
$nlname = mysql_real_escape_string($_POST['lName']);
$query = "UPDATE users SET lname='$nlname' WHERE rid=$srid";
$result = mysql_query ($query);
if (!$result) { echo "$resErr Error updating last name!"; }
else { echo "$resSucc Successfully updated last name!"; }
}
}
else { echo "$resErr Please complete either one field or both fields!"; }
?>

MattF
01-24-2010, 04:03 PM
Add this just after the opening php tag.



$_POST['fName'] = ((isset($_POST['fName'])) ? trim($_POST['fName']) : '');
$_POST['lName'] = ((isset($_POST['lName'])) ? trim($_POST['lName']) : '');

if ($_POST['fName'] == '' && $_POST['lName'] = '')
{
[error code here]
}

masterofollies
01-24-2010, 05:10 PM
This would be a more secure and coder friendly way.


if ((EMPTY($_POST['fName']) && EMPTY($_POST['lName']))
{
echo 'Both names are empty.';
die();
}

That will check if both are empty, containing no value and will display the message and also kill the script so it doesn't keep processing.

MattF
01-24-2010, 05:41 PM
This would be a more secure

How? I think we can assume he would do whatever necessary for his script within the [error code here] block. Also, isset and empty are two different things. You merely check for a lack of a value with your code, and don't check with regards as to whether the vars actually exist. The code I posted also cleans everything up for further script processing.



and coder friendly way.

Again, how?

martynball
01-24-2010, 06:38 PM
Add this just after the opening php tag.



$_POST['fName'] = ((isset($_POST['fName'])) ? trim($_POST['fName']) : '');
$_POST['lName'] = ((isset($_POST['lName'])) ? trim($_POST['lName']) : '');

if ($_POST['fName'] == '' && $_POST['lName'] = '')
{
[error code here]
}

Cheers. Could you explain how it works briefly please? Also, what does the "?" part actually do? And then you have ":", whats that for? Lol.
Another thing. I have this code here which I go of a website, but I get an error saying:
Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/martynba/public_html/stokeGTA/ucp/settings.php on line 40
I have not changed any of the code, I don't understand why it doesn't work.
<form action="" method="post" name="write" id="write">
Name
<input name="name" type="text" id="name">
<br>
Password
<input name="password" type="text" id="password">
<br>
Email
<input name="email" type="text" id="email">
<br>
Database User
<input name="db_user" type="text" id="db_user">
<br>
Database Password
<input name="db_pass" type="text" id="db_pass">
<br>
Database
<input name="db_data" type="text" id="db_data">
<br>
Host
<input name="db_host" type="text" id="db_host">
<br>
<input type="submit" name="Submit" value="Submit">
</form>
<?php

if ($_POST['Submit']) {
extract($_POST);

$file_to_write = 'config.php';

$content .="<?php";
$content .="$config['name'] = '$name';";
$content .="$config['password'] = '$password';n";
$content .="$config['email'] = '$email';n";
$content .="$config['db_user'] = '$db_user';n";
$content .="$config['db_pass'] = '$db_pass';n";
$content .="$config['db_data'] = '$db_data';n";
$content .="$config['db_host'] = '$db_host';n";
$content .="?>";

$fp = fopen($file_to_write, 'w');
fwrite($fp, $content);
fclose($fp);
echo "Successn";
echo "$file_to_writen";
echo "Has been written";
}
?> And sorry for the lack of new lines, my Enter buttons have decided not to work :/ I probably need to restart my computer, but that takes too long Lol.

MattF
01-24-2010, 07:33 PM
Also, what does the "?" part actually do? And then you have ":", whats that for?




(([if this code evaluates true]) ? [do this] : [else do this for false]);

masterofollies
01-24-2010, 07:41 PM
How? I think we can assume he would do whatever necessary for his script within the [error code here] block. Also, isset and empty are two different things. You merely check for a lack of a value with your code, and don't check with regards as to whether the vars actually exist. The code I posted also cleans everything up for further script processing.




Again, how?

I wasn't saying your code wouldn't work or anything was wrong with it. This is a more modern version of it, and adding DIE will stop the script from processing more information. In your version it doesn't stop it, and it can still process. Such as show the message but still load the page or code block.

For coder friendly, it's a newer version. There is many code tags that have been deleted from PHP since PHP3 and PHP4.

Also saying


if ($fieldname == "") {

That can still miss a blank field. Using EMPTY will ensure it hasn't been touched at all. It's just my way of doing things, I wasn't posting against you, I was adding a second option to the poster.

MattF
01-24-2010, 08:02 PM
if ($fieldname == "") {

That can still miss a blank field.

I'm obviously missing something here. How could that miss an empty field after the isset, trim etc?



Using EMPTY will ensure it hasn't been touched at all. It's just my way of doing things, I wasn't posting against you, I was adding a second option to the poster.

My apologies mate. :) I had a slight uppity moment there. :D If the values in a post field are null or 0, the $_POST var isn't actually set, if I remember correctly. That's why the isset is called. Using empty() would just log an error due to there not actually being a $_POST var set for it to check. Plus, if the form processing does continue due to one or both fields being set, without setting the vars, even if it is just the empty string, again, there could be errors further down the page. Granted though, empty() is a more robust solution after trimming and/or setting the vars.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum