Topic: blah

[Steve]

one last little thing they want is for the user to be able to change user/pass but they dont want it to "be anything that will cost us money" meaning something quick and easy. so this is what i went with, cant think much easier then this. the variables post, but neiother example works wtf

Code: [Select]

$currentusername = $_POST["cusername"];
$newusername = $_POST["nusername"];
$newpassword = $_POST["password"];

if (!$newusername = ""){
$sql= "UPDATE asa_registered_members SET username = '$newusername' WHERE username = '$currentusername'";
}

if (!$newpassword = ""){
$sql2= "UPDATE asa_registered_members SET password = '$newpassword' WHERE username = '$currentusername'";
}

or

Code: [Select]

$currentusername = $_POST["cusername"];
$newusername = $_POST["nusername"];
$newpassword = $_POST["password"];

if ($newusername != ""){
$sql= "UPDATE asa_registered_members SET username = '$newusername' WHERE username = '$currentusername'";
}

if ($newpassword != ""){
$sql2= "UPDATE asa_registered_members SET password = '$newpassword' WHERE username = '$currentusername'";
}


[JaWiB]

Shouldn't you use isset or something? Also, shouldn't the passwords be stored as a hash?

[Steve]

they dont want to pay for my time to do it, so they get the lazy shit. i didnt even feel like posting it felt more like telling them pay for it for f-off. They are cutting me a very very nice check on tuesday though, so i figured why not.

[Steve]

ok screw above questions they decided to pay and i made them a nice little system. This is a preexisting setup they had for searching the database for clubs based on the name. Basically its a drop menu with A-G, H-K, L-Q, R-Z. The form posts properly, but the actual code doesnt work. It must be the if...statements because if i stick echos inside them i get jack shit. It's sloppy but do you guys see any reason the if's wouldnt trip?

Code: [Select]

$namesearch = $_POST["name"];

Code: [Select]

if (isset($namesearch))
{

if ($namesearch == "1")
{
echo "foo";
$a = "a";
$b = "b";
$c = "c";
$d = "d";
$e = "e";
$f = "f";
$g = "g";

$sql = "SELECT * FROM asa_eventregister WHERE clubgroupname LIKE '%$a%' OR '%$b%' OR
'%$c%' OR '%$d%' OR '%$e%' OR '%$f%' OR '%$g%'";

$result = mysql_query($sql);
}
if ($namesearch == '2')
{
$a = "h";
$b = "i";
$c = "j";
$d = "k";

$sql = "SELECT * FROM asa_eventregister WHERE clubgroupname LIKE '%$a%' OR '%$b%' OR
'%$c%' OR '%$d%'";

$result = mysql_query($sql);
}
if ($namesearch == '3')
{
$a = "l";
$b = "m";
$c = "n";
$d = "o";
$e = "p";
$f = "q";

$sql = "SELECT * FROM asa_eventregister WHERE clubgroupname LIKE '%$a%' OR '%$b%' OR
'%$c%' OR '%$d%' OR '%$e%' OR '%$f%'";

$result = mysql_query($sql);
}
if ($namesearch == '4')
{
$a = "r";
$b = "s";
$c = "t";
$d = "u";
$e = "v";
$f = "w";
$g = "x";
$h = "y";
$i = "z";

$sql = "SELECT * FROM asa_eventregister WHERE clubgroupname LIKE '%$a%' OR '%$b%' OR
'%$c%' OR '%$d%' OR '%$e%' OR '%$f%' OR '%$g%' OR '%$h%' OR '%$i%'";

$result = mysql_query($sql);
}

if (!$result) {
  die("Invalid query: " . mysql_error());
}
}

[Steve]

i was testing it couldnt member which to use. i got it tho

[Mike]

In PHP there is no single character literal.  Everything is a string.  '' is an unparsed string while "" is parsed (for things like variables certain escape characters [i.e. \n for newline and \t for tab]).

So if you have

Code: [Select]

<?php
$a='foo';
$b='bar';

echo '$a$b', '<br />', "$a$b";
?>
You would get:

Code: [Select]

$a$b
foobar

[Steve]

Got it, thnx