problem updating database

fearfx

in my members section members can update there contact information..

if (isset($_POST['submit'])) {
	 $query = 'UPDATE wsd_members SET ';
	  $query .= "first_name = '" . prepareData($_POST['fname']) . "'" . ',';
	  $query .= "last_name = '" . prepareData($_POST['lname']) . "'" . ',';
	  $query .= "address = '" . prepareData($_POST['address']) . "'" . ',';
	  $query .= "city = '" . prepareData($_POST['city']) . "'" . ',';
	  $query .= "zip = '" . prepareData($_POST['zip']) . "'" . ',';
	  $query .= "WHERE username = '" . addslashes($_SESSION['username']) . "'";

  $confirm = 'Contact Information Updated.';
	unset($_POST);
  }
  else {
	 $error = mysql_error();
  }

when I submit, it doesn't actually update the database ? now why is that?

rulian

you never run the query
mysql_query($query) anywhere

cahva

If Im not completelely blind I see and exra "," character in the query:

$query .= "zip = '" . prepareData($_POST['zip']) . "'" . ',';

..Should be

$query .= "zip = '" . prepareData($_POST['zip']) . "' ";

Also I dont see the actual query sent to mysql ( mysql_query($query) ).

And btw, that if sentence dont make much sense. Now its done so that if submit is pressed it does the query, else its printing mysql_error(). That mysql_error should be put after the query is made to see what was wrong.