Original geschrieben von Brecherle
Jo geht jetzt.
Jo geht jetzt.
Aber jetzt mag er meine alten eingaben nicht mehr
ausgabe?
fehlermeldung?
lass dir doch nich alles aus der nase ziehen
UPDATE users SET userpass=MD5('') username=('') userlevel=('3') usermail=('') name=('Torsten Gadegast') WHERE userid=7 AND userpass=MD5('')You have an error in your SQL syntax near 'username=('') userlevel=('3') usermail=('') name=('Torsten Gadega' at line 3
print_r($_POST);
Array ( [UserName] => torti [userpassalt] => torti [userpassneu] => torti55 [UserMail] => [email]torsten.gadegast@kev-hannover-indians.de[/email] [name] => Torsten Gadegast [userlevel] => 3 [UserID] => 7 [eintrag] => Abschicken ) UPDATE users SET userpass=MD5('torti55'), username=torti, userlevel=3, usermail=torsten.gadegast@kev-hannover-indians.de, name=Torsten Gadegast, WHERE userid=7 AND userpass=MD5('torti')You have an error in your SQL syntax near '@kev-hannover-indians.de, name=Torsten Gadegast, WHERE userid=7 AND userpa' at line 5
<?
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
username=".$_POST['UserName'].",
userlevel=".$_POST['userlevel'].",
usermail=".$_POST['UserMail'].",
name=".$_POST['name']."
WHERE userid=".$_POST['UserID']." AND userpass=MD5('".$userpassalt."')";
print_r($_POST);
echo $sql;
mysql_query($sql) or die(mysql_error());?>
<?
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
username=".$_POST['UserName'].",
userlevel=".$_POST['userlevel'].",
usermail=".$_POST('".$UserMail."'",
name=".$_POST['name']."
WHERE userid=".$_POST['UserID']." AND userpass=MD5('".$userpassalt."')";
print_r($_POST);
echo $sql;
mysql_query($sql) or die(mysql_error());?>
<?
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
username=".$_POST['UserName'].",
userlevel=".$_POST['userlevel'].",
usermail=".$_POST'.UserMail.'",
name=".$_POST['name']."
WHERE userid=".$_POST['UserID']." AND userpass=MD5('".$userpassalt."')";
print_r($_POST);
echo $sql;
mysql_query($sql) or die(mysql_error());?>
<?
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
username=".$_POST['UserName'].",
userlevel=".$_POST['userlevel'].",
usermail=".$_POST['UserMail']",
name=".$_POST['name']."
WHERE userid=".$_POST['UserID']." AND userpass=MD5('".$userpassalt."')";
print_r($_POST);
echo $sql;
mysql_query($sql) or die(mysql_error());?>
Parse error: parse error, unexpected ',' in /home/www/web8/html/test/links/acc/inc/userupdate.inc on line 6
<?
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
username=".$_POST['UserName'].",
userlevel=".$_POST['userlevel'].",
usermail='".$_POST['UserMail']."'",
name=".$_POST['name']."
WHERE userid=".$_POST['UserID']." AND userpass=MD5('".$userpassalt."')";
print_r($_POST);
echo $sql;
mysql_query($sql) or die(mysql_error());?>
Parse error: parse error, unexpected '=' in /home/www/web8/html/test/links/acc/inc/userupdate.inc on line 7
function get_id()
{
if (!logged_in())
return NULL;
$sql="SELECT userid
FROM users
WHERE usersession='".session_id()."'";
$result=mysql_query($sql);
if ($row=mysql_fetch_assoc($result))
return $row['userid'];
else
return NULL;
}
function has_access($level)
{
$id=get_id();
if (is_null($id))
return false;
$sql='SELECT userlevel
FROM users
WHERE userid='.$id;
$result=mysql_query($sql);
$row=mysql_fetch_assoc($row);
return ($row['userlevel']>=$level);
}
$sql="UPDATE users
SET userpass=MD5('".$userpassneu."'),
"username='".$_POST['UserName']."'",
"userlevel='".$_POST['userlevel']."'",
"usermail='".$_POST['UserMail']."'",
"name='".$_POST['name']."'"
Kommentar