Ok...I'm using a mySQL DB and this code snippet is part of a login process that is called from a flex coded swf
The code essentially does two things:
1) Checks for existance of a record and then checks period difference if that record exists
If the record exists and is older than six months it will do an update query
2) If no record exists it will use an insert
WHAT"S HAPPENNING...the insert works great...and the update query works except the values for Company and LastName are removed and no value is stored in the database
Why? That is the ten million dollar question...why is the update portion of this code not updating the Company and LastName fields?
Code Below
//This function handles the request from the Update Contact Information popup window in flex to update the records in the database
function updateContactInformation() {
//Initialize variable for result
$Result = false;
//ESTABLISH A CONNECTION WITH THE DATABASE
global $Return;
global $mysql;
global $username;
//ACQUIRE VALUES FROM THE HTTPS REQUEST(FLEX)
//mysql_real_escape_string is used to ensure no code is injected into the input fields
$uUCI_MSUN = mysql_real_escape_string($username); //value used in DB to associate login username with the users formal name
$uUCI_firstname = mysql_real_escape_string($_POST['firstname']);//first name of user
$uUCI_lastname = mysql_real_escape_string($_POST ["lastname"]);//last name of user
$uUCI_company = mysql_real_escape_string($_POST ["company"]);//Name of users company
$uUCI_email = mysql_real_escape_string($_POST["email"]); //email of the user
$uUCI_phone = mysql_real_escape_string($_POST["phone"]); //phone # of the user
//** Note: we do not collect time as the database will automatically update the Last_Updated_Date field with a new timestamp when the record is added or modified
//CHECK TO SEE IF A RECORD EXISTS FOR THE USER ***by checking number of rows returned in a query for login username
if(mysql_num_rows(mysql_query("SELECT MS_UserName FROM usercontactinformation WHERE MS_UserName = '" . $uUCI_MSUN . "'"))){
// UPDATE RECORD IN DATABASE
$query2 = "UPDATE usercontactinformation SET FirstName = '" . $uUCI_firstname . "', LastName = '" . $uUCI_lastname . "', Company = '" . $uUCI_company . "', Email = '" . $uUCI_email . "', Phone = '" . $uUCI_phone ."' WHERE idUserContactInformation = " . getUID($username) . " ;";
//send Request to mySQL
$Result = mysql_query($query2, $mysql);
} else {
//INSERT NEW RECORD INTO DATABASE
$query ="INSERT INTO usercontactinformation (MS_UserName,FirstName,LastName,Company,Email,Phone) VALUES('" . $uUCI_MSUN . "','" . $uUCI_firstname . "','" . $uUCI_lastname . "','" . $uUCI_company . "','" . $uUCI_email . "','" . $uUCI_phone . "');";
//send Request to mySQL
$Result = mysql_query($query, $mysql);
}
//RETURN A RESULT TO FLEX
if ($Result) {
$Return .= "<SuccessCode>1</SuccessCode>";
} else {
$Return .= "<SuccessCode>0</SuccessCode>";
}
}
function getUID($username) {
global $mysql; //access Global mysql connection
//Create Query to verify user exists and check difference between current date and Date Last Modified for the Users Contact Information
$query = "Select idUserContactInformation from mydatabasename.UserContactInformation where MS_username = '" . $username . "'";
//Send The Query To the SQL server
$result = mysql_query($query, $mysql);
//parse results and return access level to calling function
while ( $User = mysql_fetch_object( $result ) ) {
return $User->idUserContactInformation;
}
}
$Return .= "</Result>";
print ($Return)
Somone asked for the form values...the below code is a snippet from flex that passes the form value to the PHP file
public function useHttpService():void { //Alert.show("Use HTTPS");
service = new HTTPService();
service.method = "POST";
service.useProxy = false;
service.url = parentApplication.relativeDir + "/somepath/phpfileprocessinginformation.php";
service.request.req = "updateContactInformation";
service.request.username = parentApplication.User.username;
service.request.password = parentApplication.User.password;
//pass user supplied new information to query
service.request.firstname = firstname.text;
service.request.lastname = lastname.text;
service.request.company = company.text;
service.request.email = email.text;
service.request.phone = phone.text;
service.addEventListener(ResultEvent.RESULT, httpResult);
service.addEventListener(FaultEvent.FAULT, httpFault);
service.send();
}