Help with PHP query (complete newb)

LatinP

$sha_password = SHA1(strtoupper($vbulletin->userinfo['username']).':'.strtoupper($vbulletin->GPC['newpassword'])); 
$temp_username = mysql_real_escape_string($vbulletin->userinfo['username']); 
$db->query_write("UPDATE `logon`.`account` SET `sha_pass_hash` ='" . $sha_password . ", SET `v`='"0"', SET `s`='"0"',' WHERE `username`='" . $temp_username . "'");

What I have up there is a piece of code from a pasword reset script that I need for forum integration to another database. The other database is a logon db for a game server, my problem is I'm a complete newb when it comes to PHP and I need the query to reset the "v" and "s" tables in the logon to 0 so the webserver side of things can work correctly, but since I have no idea what I'm doing the above fails to do so. Any help would be greatly appreciated!

bradgrafelman

Welcome to PHPBuilder! When posting PHP code, please use the board's [noparse]

..

[/noparse] bbcode tags as they make your code much easier to read and analyze.

As for your issue, you've got two problems:

You've got a couple of PHP syntax errors; you've got multiple literal double quotes appearing inside of a string delimited with double quotes. To do this, you need to escape the literal double quotes with backslashes; see the manual page for [man]string[/man] for more info and examples.

However, note that a bigger problem with these double quotes is that they shouldn't even be there. In fact, neither should the single quotes if the v and s columns are numeric (since quotes are used to delimit strings, not numeric values).
Take a look at the manual page for the UPDATE syntax; there should be only one 'SET' keyword with a comma-delimited list of column-value pairs.

LatinP

the "v" and "s" columns are not for digits at all, it's actually part of some type of encrypted hash code, looking at other users the other columns look like this:

v:
86B327C5951A00BAB96E64A20D7204D0DEF0030C2367B79FD7F85F47ED647C4D

s:
FD1761C95FABC570DF3721DAA79B341BCBADDA0980734680450F97EDFDD1CF6F

I don't know exactly what they do but I know they are a part of the password system... that's over my head. The reason why I need v and s set to 0 is because unless the script does so the password on the forum changes correctly but not the game server side of things. I just need those to columns to be set to 0.

bradgrafelman

Ah, so you don't want them set equal to 0 (the number zero), but rather '0' (a string of length one).

In that case, ignore the part above about removing the single quotes.

LatinP

I tried:

$sha_password = SHA1(strtoupper($vbulletin->userinfo['username']).':'.strtoupper($vbulletin->GPC['newpassword'])); 
$temp_username = mysql_real_escape_string($vbulletin->userinfo['username']); 
$db->query_write("UPDATE `logon`.`account` SET `sha_pass_hash` ='" . $sha_password . ", SET `v` = '0', SET `s` = '0', ' WHERE `username`='" . $temp_username . "'");

That didn't seem to change anything, so you're saying I should try something like:

$sha_password = SHA1(strtoupper($vbulletin->userinfo['username']).':'.strtoupper($vbulletin->GPC['newpassword'])); 
$temp_username = mysql_real_escape_string($vbulletin->userinfo['username']); 
$db->query_write("UPDATE `logon`.`account` SET `sha_pass_hash` ='" . $sha_password . ", SET `v` '0', SET `s` '0', ' WHERE `username`='" . $temp_username . "'");

Instead?

bradgrafelman

Er, why did you get rid of the equal sign? I never even mentioned that at all.

Again, other than the quote issues (which you've now resolved), your only other issue was with the SQL query syntax; UPDATE queries should not have multiple instances of the 'SET' keyword - only one. Relevant part of the MySQL manual page I linked to above:

SET col_name1={expr1|DEFAULT} [, col_name2={expr2|DEFAULT}] ...

(Note that the 'SET' keyword was not repeated for the 2nd or nth column-value pair.)

LatinP

I think my brain just farted, lol! I apologize PHP is beyond new to me. I actually only deal with in-game issues and answer questions for users. Our "web guy" is currently MIA and I have a server with a few users that can't login because they changed their password after he installed this script and forgot to add the part where v and s are suppose to reset to 0. I really hate to ask but do you think you could help me put all of those pieces together to make this work again?

LatinP

Really sorry for the double post I don't see an edit button anywhere I now tried:


$sha_password = SHA1(strtoupper($vbulletin->userinfo['username']).':'.strtoupper($vbulletin->GPC['newpassword'])); 
$temp_username = mysql_real_escape_string($vbulletin->userinfo['username']); 
$db->query_write("UPDATE `logon`.`account` SET `sha_pass_hash` ='" . $sha_password . ", SET `v` = '"0"', `s` = '"0"', ' WHERE `username`='" . $temp_username . "'");

But v and s never changed, I'm so confused.

Derokorian

you still have TWO SET key words... before sha_pass_hash and before v