php - My code will not write into mysql database -
i have created log in system , trying add reset password code it. seems working fine except not writing mysql database. appreciated.
<?php if(isset($_post['submit'])){ $mycode = ($_post['code']); $mynewpass = ($_post['password']); $myconfpass = ($_post['password1']); //checks if fields filled if( (empty($mynewpass)) || (empty($myconfpass)) || (empty($mycode)) ){ $errors[] = '<center>all fields must filled in.<center>'; } //check if passwords match if ($mynewpass != $myconfpass){ $errors[] = '<center>your passwords not match</center>'; } if (!empty($errors)){ foreach($errors $error){ echo '<strong>',$error ,'</strong><br />'; } }else{ include 'grubconfig.php'; mysql_connect($host, $user, $password) or die(mysql_error()); mysql_select_db($database) or die(mysql_error()); // change password $mychk = mysql_query(" select * customer passreset = '$mycode' "); if(mysql_num_rows($mychk) == 1) mysql_query("upadte customer set password='$mynewpass' passreset='$mycode'"); mysql_query("upadte customer set passreset='0' passreset='$mycode'"); echo '<center>your password has been reset please click <a href="grublogin.php">here !</a><center>'; } } ?>
typos:
mysql_query("upadte customer set password='$mynewpass' passreset='$mycode'"); ^^^^^^--- update (swap d , a) never assume queries succesful. check errors:
$result = mysql_query($sql) or die(mysql_error()); ^^^^^^^^^^^^^^^^^^^^^^-- bare minimum error handling you wide open sql injection attacks. you'd better read them , fix holes before deploy code.
Comments
Post a Comment