tags:

views:

78

answers:

4
Q: 

Updating sql database problem php

Hey, I am trying to make a password retrieval system on my site, and I am having problems updating the password reset field in my database. I have tried everything, but nothing seems to work.

This is my code so far:

$passwordreset = md5(mt_rand()) . md5(mt_rand()) . md5(mt_rand());




$con = mysql_connect("localhost","XXX","XXX");

if (!$con)

  {

  die('Could not connect: ' . mysql_error());

  }



mysql_select_db("database", $con);




mysql_query("UPDATE members SET passwordreset = $passwordreset 

WHERE id = $id");

When I try to insert the data I get the error:

Error: Query was empty

Any help would be appreciated, Thanks.

A: 

Are the two line breaks after $passwordreset intentional? Can you try remoivng them?

Pekka  2009-12-17 12:01:17
They shouldn't be a problem. I have lots of long MySQL statements here with line breaks and php / MySQL have no problems with them.
flokra  2009-12-17 12:46:30
A: 

I am not sure, if you get an empty query error for this, but you need ticks around the values:

mysql_query("UPDATE members SET passwordreset = '$passwordreset' WHERE id = '$id'");
Residuum  2009-12-17 12:01:21
+1  A: 

Not sure it's the only problem, but I'm guessing your passwordreset field is a string, in the database -- to store a concatenation of several md5, which are strings, it has to.

So, there should be quotes arround the value you put in this field, in the SQL query :

mysql_query("UPDATE members SET passwordreset = '$passwordreset' WHERE id = $id");


And, in a general case, you should escape your string values with mysql_real_escape_string :

mysql_query("UPDATE members SET passwordreset = '" 
    . mysql_real_escape_string($passwordreset) 
    . "' WHERE id = $id");

It won't change anything here, as there is no quote in a md5... But it's a good practice to always do it, to never find yourself in a situation where it was necessary and you didn't do it.

Pascal MARTIN  2009-12-17 12:02:09
Thanks for your reply, still doesn't work, getting the same error
Crazyd22  2009-12-17 12:12:15
A: 

I guess the backticks around the names of the columns are missing, try:

mysql_query("UPDATE members SET `passwordreset` = '$passwordreset' WHERE `id` = '$id'");

HTH,

flokra

flokra  2009-12-17 12:03:53

related questions

What language do you use for Postgresql triggers and stored procedures?
Are Multiple DataContext classes ever appropriate?
Which tools do people use to create Data Dictionaries?
Any experiences with Protocol Buffers?
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
How do I index a database field
How does database indexing work?
How do I connect to a database and loop over a recordset in C#?
Editing database records by multiple users
Object Oriented vs Relational Databases
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
Embedded Database for .net that can run off a network
Connect PHP to an AS/400
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
.NET Migrations Engine
Is there a version control system for database structure changes?
SQLite and XSD
How do I version my MS SQL database in SVN?
XSD DataSets and ignoring foreign keys
Flat File Databases in PHP
Throw Error In MySQL Trigger
Binary Data in MySQL