On Tue, Mar 25, 2008 at 1:14 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:
>  the actual query I'm using is this:
>         $chpwsql = "UPDATE current SET customerName='$customerName',
>  loginName='$loginName', loginPassword='$PW', email='$email',
>  adminLevel='$adminLevel' WHERE Record='$Record1'";
>  What it is doing now is if I don't set a a field I am replacing the
>  content of it with a tab, which isn't what I want. Basically what I'm
>  looking for is if loginPassword hasn't changed... don't clear the
>  contents of it. if it has changed, then update loginPassword

    Okay, since you won't only want to rely on isset() here (in case
someone accidentally hits a key into the field), try this:

// NOTE: This assumes prior sanity checks and cleansing
// of variables, and is written like so to avoid breaking
// of the query due to mail client-enforced line breaks.
$chpwsql  = "UPDATE current SET ";
$chpwsql .= "customerName='".$customername."',";
$chpwsql .= "loginName='".$loginName."',";
if(preg_match('/^[a-z0-9]{5,16}$/i',$PW)) {
    // If it's between 5-16 case-insensitive alphanumeric
    // characters, it's all good. If you want to allow symbols,
    // simply modify the regexp accordingly.
    $chpwsql .= "loginPassword='".$PW."',";
$chpwsql .= "email='".$email."',";
$chpwsql .= "adminLevel='".$adminLevel',";
$chpwsql .= " WHERE Record='".$Record1."'";
$chpwsql .= " LIMIT 1";

</Daniel P. Brown>
Forensic Services, Senior Unix Engineer
1+ (570-) 362-0283

PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to