Update db function not working

luds

I've got a page that displays a site members details.....

<?php

function get_user_info()
{
//extract user info from db
$userName = $_SESSION['valid_user'];

if (!($conn = db_connect()))
	return false;
$result = mysql_query( "select * from client_details where userName = '$userName'")  

				or die ("couldn't execute.");


$num_results = mysql_num_rows($result);

echo '<h3 align="center">Welcome '.$_SESSION['valid_user'].'!  </br>
		Here are your personal details.</h3>';
for ($i=0; $i <$num_results; $i++)
	{
	$row = mysql_fetch_array($result);
?>

<form action="personal_update.php" method="post">
<table>
<tr>
 <td width="20%" align="left"><h3>Username:</h3></td><td><h3><?php echo ($row['userName']); ?></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>First name:</h3></td><td><h3><?php echo ($row['firstName']); ?></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Surname:</h3></td><td><h3><?php echo ($row['lastName']); ?></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Email:</h3></td><td><h3><?php echo ($row['email']); ?></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Address:</h3></td><td><h3><?php echo ($row['address']); ?></h3></td>
 </tr>
 <tr><td><input type=hidden name=passwd value="<?php echo ($row['passwd']); ?>"></td></tr>
  <tr><td><input type="submit" value="Update Details"></td></tr>

  </table>
	</form>	
<?php
	}
}	
?>

If the user wants to update any fields then they are sent to the next page...

<?php
function update_details($userName, $passwd)
{
//extract user info from db
$userName = $_SESSION['valid_user'];

if (!($conn = db_connect()))
	return false;
$result = mysql_query( "select * from client_details where userName = '$userName'")  

				or die ("couldn't execute.");


$num_results = mysql_num_rows($result);

echo '<h3 align="center">'.$_SESSION['valid_user'].'!  </br>
		Please update the relevant fields .</h3>';
for ($i=0; $i <$num_results; $i++)
	{
	$row = mysql_fetch_array($result);
?>

<form action="personal_details.php" method="post">
<table>
<tr>
 <td width="20%" align="left"><h3>Username:</h3></td>
 <td><h3><input type=text name=userName size="20" value="<?php echo ($row['userName']); ?>"></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>First name:</h3></td>
 <td><h3><input type=text name=firstName size="20" value="<?php echo ($row['firstName']); ?>"></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Surname:</h3></td>
 <td><h3><input type=text name=lastName size="20" value="<?php echo ($row['lastName']); ?>"></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Email:</h3></td>
 <td><h3><input type=text name=firstName size="40" value="<?php echo ($row['email']); ?>"></h3></td>
 </tr>
 <tr>
 <td align="left"><h3>Address:</h3></td>
 <td><h3><input type=text name=firstName size="50"  value="<?php echo ($row['address']); ?>"></h3></td>
 </tr>
 <tr><td><input type=hidden name=passwd value="<?php echo ($row['passwd']); ?>"></td></tr>
  <tr><td><input type="submit" value="Update Details"></td></tr>

 </table>
	</form>	
<?php
	}

update_db($userName, $passwd);

}
?>

The update_db() is

function update_db($userName, $passwd)

// register new person with db
// return true or error message
{

 // connect to db

  $conn = db_connect();
  if (!$conn)
    return 'Could not connect to database server - please try later.';

  // check if userName is unique 
  $result = mysql_query("select * from client_details where userName = '$userName'"); 
  if (!$result)
     return 'Could not execute query';
  if (mysql_num_rows($result)>0) 
     return 'Username already in use Please choose another one.';

 // email address not valid
   if (!valid_email($email))
   {
	  echo '<h2>Problem!</h2>';      

	  echo '<p>That is not a valid email address.  Please go back '
           .' and try again.</p>';
      echo '<h3 align="center"><a href="register_form.php">Return to the Registration Form</h3>';
      exit;
   } 
  // if ok, put in db
  $result = mysql_query("UPDATE client_details SET
	firstName = '.$firstName.', lastName = '.$lastName.', address = '.$address.',
					 email = '.$email.', userName = '.$userName.' 
                      where passwd = password('.$passwd.')");


  if (!$result)
    return 'Could not update your records in the database - please try again later.';

  return true;
}
?>

but.... the details are not being updated... all that gets returned is the original data!

Can someone please point me in the right direction?

Thanks
luds

lanjoky

Where you have:

$result = mysql_query("UPDATE client_details SET 
    firstName = '.$firstName.', lastName = '.$lastName.', address = '.$address.', 
                     email = '.$email.', userName = '.$userName.' 
                      where passwd = password('.$passwd.')");

Try:

$result = mysql_query("UPDATE client_details SET 
    firstName = '".$firstName."', lastName = '".$lastName."', address = '".$address."', 
                     email = '".$email."', userName = '".$userName."' 
                      where passwd = password('".$passwd."')");

Basically all I did was add " near your ' to make sure the variables were getting concatinated to the string properly

HTH

luds

Thanks for the reply, lanjoky.... but still no joy I'm afraid :¬(

I'm assuming that the problem is the update_db().

I've inputed userNames that are already in the db and invalid email address, and the error messages are not returned...but I'm not getting any php errors generated

luds

bump!