NOt able to update existing data of a application form.

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • itsmenarwal
    New Member
    • Jan 2010
    • 20
    #1

    NOt able to update existing data of a application form.

    I am editing my application form.So what i am Doing telling you here..I am already logged in

    * First of all i am giving a edit link(edit_profi le1.php) on my home page
    * NOw i am asking again for username and password so that unauthorized user can not making editing in your profile
    * NOw on edit_profile1.p hp i am checking username and password sent by user to the username and password stored in database
    * If username and password are correct then i am redirected to edit_profile2.p hp
    * Here I am creating a form with same text boxes as i used in filling the application form(i am using same name for boxes).Here is a button with name update

    For the last page edit_profile3.p hp i am giving coading here
    Code:
    <?php

    $con=mysql_connect("localhost","root","");
        if(!$con)
        {
        die('Could Not Connect:'.mysql_error());
        } 
        mysql_select_db("tcs",$con);

$usr=$_POST["username"];                 
$pwd=hash('sha1',$_POST['password']);   

$query="select * from employee where Username='$usr' and Password='$pwd'";   

$result=mysql_query($query,$con);


if ($result) 
{

$row=mysql_fetch_array($result);
$sql="update employee set ($row['Username']=$usr,$row['Password']=$pwd)";

$deepak=mysql_query($sql,$con);

if($deepak)
{
    echo "Updation Successfull"
}

}
?>
    Now when i excute this error is coming like this Parse error: syntax error, unexpected T_ENCAPSED_AND_ WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in F:\Study Material\Linux\ xampp\htdocs\ed it_profile3.php on line 21

    Line number 21 is
    $sql="update employee set ($row['Username']=$usr,$row['Password']=$pwd)";

    NOw i am not getting where i am getting wrong.Plz also tell me is there any other method for updating application forms any another logic.Plz check out above.
    Tags: None
    • Dormilich
      Recognized Expert Expert
      • Aug 2008
      • 8694
      #2
      one of the variable content’s could break your query string. hard to tell without the actual values.

        Comment

        • itsmenarwal
          New Member
          • Jan 2010
          • 20
          #3
          this is the last file actaul code...u tell me what u want should i send all files

            Comment

            • Dormilich
              Recognized Expert Expert
              • Aug 2008
              • 8694
              #4
              I don’t need further files, it’s the sql string itself that makes the problems.

              actually, this sql looks a bit twisted … and I don’t understand it’s purpose at all
              Code:
              $sql="update employee set ($row['Username']=$usr,$row['Password']=$pwd)";

                Comment

                • Atli
                  Recognized Expert Expert
                  • Nov 2006
                  • 5062
                  #5
                  Yea, be very very careful about using that SQL query. (Or rather; a working version of that SQL query). It has no WHERE or LIMIT clause, so it will update EVERY row in the table with those values.

                  But to fix the error:
                  [code=php]
                  $str = "This works: $_POST[stuff]";
                  $str = "This doesn't: $_POST['stuff']";
                  $str = "But this does: {$_POST['stuff']}";
                  [/code]
                  See the differences there?
                  If you want to include the quotes in the array element names inside a string, it needs to be wrapped in brackets: {}. If you do not use brackets, the elements can not be quoted.

                    Comment

                    Previous template Next
                    Working...