On Mar 28, 2008, at 12:40 PM, Eric Butera wrote:
On Fri, Mar 28, 2008 at 12:28 PM, Jason Pruim <[EMAIL PROTECTED]> wrote:$chpwold[] = mysqli_query($chpwpostlink, $oldpasswordquery) or die("Sorry read failed: ". mysqli_error($chpwpostlink)); $chpwresult = $chpwold[0];Why would you pump that into an array instead of just calling it result itself? I'd say you're just making it harder on yourself for no apparent reason. The problem seems to be on your other line. $chpwrow[] = mysqli_fetch_assoc($chpwresult) or die('Sorry it didn\'t work....' .mysqli_error($chpwpostlink)); echo $chpwrow['loginPassword']; Just fetch the row into a single variable and not an array. In your example you'd need to access chpwrow[0]['loginPassword'] assuming it was an empty array up to that point. Calling things old query and old password isn't really adding any value to your code. If you're only going to use it once then throw it away call it result so it is easier to read and understand. But then again feel free to ignore this.
In the scope of my application since I'm checking the currently stored password before updating to a new password $oldpasswordquery makes sense, at least to me :)
Also is there a reason why you aren't using prepared statements?
a prepared statement seemed like alot of overkill for a simple check to see if the old pass matches what was stored in the database... And I didn't realize that you could use prepared statements for SELECTing rather then UPDATEing... But I'll look into that more, since I know that prepared statements make it much harder to do Sql injection attacks....
-- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
-- Jason Pruim Raoset Inc. Technology Manager MQC Specialist 3251 132nd ave Holland, MI, 49424-9337 www.raoset.com [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
