Hi all i have this peice of code which allows my users to edit their profile details they can easily change and edit.. and if they dont fill in a field it gives them a "field missing error" and to retry.. all of that works. Now here is my peice of code <?php include "../../config.php"; $firstname = $_POST['firstname']; $password = $_POST['password']; $n_firstname = $_POST['new_firstname']; $update = $_POST['update']; if ((!$firstname) || (!$n_firstname) || (!$password)){ include 'fieldmissing.php'; exit(); } $connection = mysql_connect("**************","****","****"); mysql_select_db("****", $connection); if ( $firstname && $password && $n_firstname && $update ) { mysql_query("UPDATE cms_members SET firstname='$n_firstname' WHERE firstname='$firstname' AND password='$password'", $connection); mysql_close($connection); include 'successfulchange.php'; } ?> PHP: Thats a working validation script.. as you can see when the user puts in her old firstname and then her new first name and then her current password it updates and sends them to the successful page, if they miss out a field it tells them field is missing etc.. But when the user fills out the field but with the wrong information i.e. wrong password or firstname etc it dosent update but goes to the succuessful page?? I want it to go to another page if the password or current username is incorrect.. how can i do this? If tried putting other if and else statements in between but dosent work.. it seems to be a very small problem i dont know how to fix. Thanks in advance.
You need to catch the return value of the mysql_query. If its 0, it means it failed and redirect to a fail page or back to the form. If success, continue on. Which is in examples here at php.net: http://us2.php.net/manual/en/function.mysql-query.php $query = YOUR_SQL_STATEMENT; $result = mysql_query($query); if(!$result) { include 'failed.php'; } else { include 'success.php'; }
Just a word of warning, that coding is extremely insecure. You should parse the posted data to prevent SQL injection.
Another note, use require/include_once instead of include. If you use include_once or require_once it'll only include a file once instead of multiple times if you include it multiple times.