I am editing my application form. So here is what I am doing. I am already logged in.
- First of all, I am giving an edit link (edit_profile1.php) on my home page
- Now I am asking again for the username and password so that an unauthorized user cannot edit your profile
- Now on edit_profile1.php I am checking the username and password sent by the user against the username and password stored in the database
- If the username and password are correct, then I am redirected to edit_profile2.php
- Here I am creating a form with the same text boxes as I used when filling in the application form (I am using the same names for the boxes). There is a button named update
For the last page, edit_profile3.php, I am giving the code here:
<?php
$con=mysql_connect("localhost","root","");
if(!$con)
{
die('Could Not Connect:'.mysql_error());
}
mysql_select_db("tcs",$con);
$usr=$_POST["username"];
$pwd=hash('sha1',$_POST['password']);
$query="select * from employee where Username='$usr' and Password='$pwd'";
$result=mysql_query($query,$con);
if ($result)
{
$row=mysql_fetch_array($result);
$sql="update employee set ($row['Username']=$usr,$row['Password']=$pwd");
$deepak=mysql_query($sql,$con);
if($deepak)
{
echo "Updation Successfull"
}
}
?>
Now when I execute this, an error comes up like this:
Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in F:\Study Material\Linux\xampp\htdocs\edit_profile3.php on line 21
Line number 21 is
$sql="update employee set ($row['Username']=$usr,$row['Password']=$pwd");
Now I am not getting where I am going wrong. Please also tell me whether there is any other method or logic for updating application forms. Please check the above.
Apart from the problem with the parentheses that others have already pointed out, shouldn’t it be like this?
If you also want to change the username, do something like this:
See the UPDATE documentation for MySQL for a description of the syntax.
Also, putting strings like this directly into SQL queries is risky – if you’re not careful you could leave an SQL injection vulnerability. You should use query parameters to ensure that your code is secure. Read more about it from this question on StackOverflow.
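The query-parameter approach recommended above, as an added example that is not code from either poster: it uses PDO prepared statements in place of `mysql_*` string concatenation and `password_hash()`/`password_verify()` in place of bare SHA-1. The table and column names come from the question; the function name `update_profile`, the sample rows and the in-memory SQLite database (standing in for the MySQL `tcs` database so the script runs offline) are assumptions.

```php
<?php
// Added example. employee/Username/Password are from the question;
// update_profile() and the SQLite in-memory database are assumptions.

function update_profile(PDO $db, string $sessionUser, string $currentPwd,
                        string $newUser, string $newPwd): bool
{
    // Re-authenticate the logged-in user; the name is bound, not concatenated.
    $stmt = $db->prepare('SELECT Password FROM employee WHERE Username = :u');
    $stmt->execute([':u' => $sessionUser]);
    $hash = $stmt->fetchColumn();
    if ($hash === false || !password_verify($currentPwd, $hash)) {
        return false; // unknown user or wrong password: change nothing
    }

    // UPDATE <table> SET col = value, ... WHERE ...: every value is a bound
    // parameter, and the WHERE clause restricts the change to this one row.
    $upd = $db->prepare(
        'UPDATE employee SET Username = :nu, Password = :np WHERE Username = :u'
    );
    $upd->execute([
        ':nu' => $newUser,
        ':np' => password_hash($newPwd, PASSWORD_DEFAULT),
        ':u'  => $sessionUser,
    ]);
    return $upd->rowCount() === 1;
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE employee (Username TEXT PRIMARY KEY, Password TEXT)');
$ins = $db->prepare('INSERT INTO employee (Username, Password) VALUES (?, ?)');
$ins->execute(['deepak', password_hash('old-secret', PASSWORD_DEFAULT)]);
$ins->execute(['other',  password_hash('other-secret', PASSWORD_DEFAULT)]);

// Wrong current password: rejected, no row is touched.
var_dump(update_profile($db, 'deepak', 'wrong', 'deepak2', 'new-secret'));

// A new username containing an apostrophe is stored as plain data; with the
// concatenated query from the question it would have broken the SQL string.
var_dump(update_profile($db, 'deepak', 'old-secret', "o'brien", 'new-secret'));

// Only the authenticated user's row changed.
print_r($db->query('SELECT Username FROM employee ORDER BY Username')
           ->fetchAll(PDO::FETCH_COLUMN));
```

In the real page, `$sessionUser` would come from the server-side session of the logged-in user rather than from a form field, so the row being updated cannot be chosen by the request.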