search

thedigicraft / Atom.CMS

Atom.CMS
56 stars 52 forks source link

Can't update user # 58 #144

Closed msecursus closed 8 years ago

msecursus commented 8 years ago

MARIA this is my problem and my code. CAN SOMEBODY HELP???? using newest version :juli 2015! and using:windows 8

User could not be updated because: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id =' at line 1

UPDATE users SET first = 'me2', last = 'meme', status = 1, WHERE id = <?php

switch ($page) { case 'dashboard':

break;

case 'pages':

  if(isset($_POST['submitted']) == 1) {

        $title = mysqli_real_escape_string($dbc, $_POST['title']);
        $label = mysqli_real_escape_string($dbc, $_POST['label']);
        $header = mysqli_real_escape_string($dbc, $_POST['header']);
        $body = mysqli_real_escape_string($dbc, $_POST['body']);

  if(isset($_POST['id']) != '') {

            $action = 'updated';
            $q = "UPDATE pages SET user = $_POST[user], slug = '$_POST[slug]', title = '$title', label = '$label', header = '$header', body = '$body' WHERE id = $_GET[id]";

        } else {

            $action = 'added';
            $q = "INSERT INTO pages (user, slug, title, label, header, body) VALUES ($_POST[user], '$_POST[slug]', '$title', '$label', '$header', '$body')";

        }

        $r = mysqli_query($dbc, $q);

            if($r){

                $message =  '<p>user was '.$action.' </p>';

            } else {

                $message =  '<p>user could not be '.$action.' because: '.mysqli_error($dbc);
                $message .=  '<p>'.$q.'</p>';
            }

    }
if(isset($_GET['id'])) { $opened = data_page($dbc, $_GET['id']); }

break;

case 'users':

     if(isset($_POST['submitted']) == 1) {

        $first = mysqli_real_escape_string($dbc, $_POST['first']);
        $last = mysqli_real_escape_string($dbc, $_POST['last']);

     if($_POST['password'] != '') {
        $password = " password = SHA1('$_POST[password]'),";
        }

     if(isset($_POST['id']) != '') {

            $action = 'updated';
            $q = "UPDATE users SET first = '$first', last = '$last', $password status = $_POST[status], WHERE id = $_GE[id]";

        } else {

            $action = 'added';
            $q = "INSERT INTO users (first, last, password, status) VALUES ('$first', '$last', SHA1('$_POST[password]'), '$_POST[status]')";

        }

        $r = mysqli_query($dbc, $q);

            if($r){

                $message =  '<p>User was '.$action.'!</p>';

            } else {

                $message =  '<p>User could not be '.$action.' because: '.mysqli_error($dbc);
                $message .=  '<p>'.$q.'</p>';
            }
     }

if(isset($_GET['id'])) { $opened = data_user($dbc, $_GET['id']); }

break;

case 'settings':

break;

default:

break;

}

?> seen all the issues have done this: <?php if(isset($opened['id'])) { ?> <?php } ?>ETC<?php } ?>in users.php this didn't help

JasonMate commented 8 years ago

Do you have this code at the bottom of your form?

<?php if(isset($opened['id'])) { ?>
  <input type="hidden" name="id" value="<?php echo $opened['id']; ?>">
<?php } ?>
JasonMate commented 8 years ago

Just noticed this: $q = "UPDATE users SET first = '$first', last = '$last', $password status = $_POST[status], WHERE id = $_GE[id]";

The last part of this query needs to say:

WHERE id = $_GET[id]

msecursus commented 8 years ago

before i had get and post.. just tying ..and than i forget that missing t .it was there but didn't work.it still doesn't work. yes i have that code in my users.php

JasonMate commented 8 years ago

remove the comma after $_POST[status]

like this:

$q = "UPDATE users SET first = '$first', last = '$last', $password status = $_POST[status] WHERE id = $_GET[id]";

msecursus commented 8 years ago

User was updated Case Closed!!!!! thanks