CodingForums.com - View Single Post

felgall · 01-19-2013, 09:07 AM

Is there some particular reason why you are trying to use three queries to do the job of one?

Also since the password and email are text fields and not numbers the values need to be wrapped in quotes.

Code:

mysql_query("UPDATE Member SET PassWord='$ui', email='$ei', Age=$ag WHERE UserName='$user'")

Note also that the mysql_ interface is obsolete and marked for deletion from PHP - Use the mysqli_ interface instead.

Also use prepare and bind instead of query so as to keep the data separate from the query.

Finally never assign $_POST values directly to fields - you should validate their content first.

01-19-2013, 09:07 AM	PM User \| #2
felgall Master Coder Join Date: Sep 2005 Location: Sydney, Australia Posts: 5,465 Thanks: 0 Thanked 499 Times in 491 Posts	Is there some particular reason why you are trying to use three queries to do the job of one? Also since the password and email are text fields and not numbers the values need to be wrapped in quotes. Code: mysql_query("UPDATE Member SET PassWord='$ui', email='$ei', Age=$ag WHERE UserName='$user'") Note also that the mysql_ interface is obsolete and marked for deletion from PHP - Use the mysqli_ interface instead. Also use prepare and bind instead of query so as to keep the data separate from the query. Finally never assign $_POST values directly to fields - you should validate their content first. __________________ Stephen Learn Modern JavaScript - http://javascriptexample.net/ Helping others to solve their computer problem at http://www.felgall.com/