I am attempting to write a script that will update records in the Users table. I am using the following syntax in the modify script:
my $email = $in->param('Email');
my $email_perm = $in->param('Email_Permission');
my $password = $in->param('Password');
my $username = $in->param('Username');
my $user_perm = $in->param('Username_Permission');
# Get the link.
$db = new Links::DBSQL "$LINKS{admin_root_path}/defs/Users.def";
$rec = $db->get_user_record ($username, 'HASH');
my $title_linked = &build_linked_cgi_title ("Modify Account/Error: Unable to Process Form");
$rec or &site_html_error ( { error => "Invalid Account!", title_linked => $title_linked}, $dynamic),return;
# Convert to hash.
foreach $key (keys %{$rec}) {
$original->{$key} = $rec->{$key};
}
$status = $rec->{'Status'} = $original->{'Status'};
$userid = $rec->{'UserID'} = $original->{'UserID'};
$validation = $rec->{'Validation'} = $original->{'Validation'};
# Update User Table.
$rec = $db->prepare ("SELECT 1 FROM Users WHERE UserID = $userid");
$rec->execute();
$db->do ("UPDATE Users SET UserID=$userid, Username=$username, Password=$password, Email=$email, Email_Permission=$email_perm, Username_Permission=$user_perm, Validation=$validation, Status=$status WHERE UserID = $userid");
Mind you that this is not the complete processing sub.
When I go through the forms and submit the final confirmation form, I get the following error message:
DBSQL (27731): Fatal Error: Unable to execute query: UPDATE Users SET UserID=value, Username=value, Password=value, Email=value@anthrotech.com, Email_Permission=value, Username_Permission=value, Validation=value, Status=value WHERE UserID = value. Reason: You have an error in your SQL syntax near '@anthrotech.com, Email_Permission=value, Username_Permission=value, Validation=value' at line 1 at /somepath/modacct.cgi line 239
I have bolded line 239 in the first set of codes. I also have replaced the actual values of the fields with value for security purposes. The edited values are correct. That does not seem to be a problem.
I believe that the @ in the email address is being interpreted as an array, which is causing the script to choke.
Any thoughts about how to fix these codes would be greatly appreciated.
Thanks in advance.
BTW: I have read through many chapters of the MySQL manual regarding the UPDATE operation with no success.
Regards,
Eliot Lee
Code:
my $email = $in->param('Email');
my $email_perm = $in->param('Email_Permission');
my $password = $in->param('Password');
my $username = $in->param('Username');
my $user_perm = $in->param('Username_Permission');
# Get the link.
$db = new Links::DBSQL "$LINKS{admin_root_path}/defs/Users.def";
$rec = $db->get_user_record ($username, 'HASH');
my $title_linked = &build_linked_cgi_title ("Modify Account/Error: Unable to Process Form");
$rec or &site_html_error ( { error => "Invalid Account!", title_linked => $title_linked}, $dynamic),return;
# Convert to hash.
foreach $key (keys %{$rec}) {
$original->{$key} = $rec->{$key};
}
$status = $rec->{'Status'} = $original->{'Status'};
$userid = $rec->{'UserID'} = $original->{'UserID'};
$validation = $rec->{'Validation'} = $original->{'Validation'};
# Update User Table.
$rec = $db->prepare ("SELECT 1 FROM Users WHERE UserID = $userid");
$rec->execute();
$db->do ("UPDATE Users SET UserID=$userid, Username=$username, Password=$password, Email=$email, Email_Permission=$email_perm, Username_Permission=$user_perm, Validation=$validation, Status=$status WHERE UserID = $userid");
Mind you that this is not the complete processing sub.
When I go through the forms and submit the final confirmation form, I get the following error message:
Code:
DBSQL (27731): Fatal Error: Unable to execute query: UPDATE Users SET UserID=value, Username=value, Password=value, Email=value@anthrotech.com, Email_Permission=value, Username_Permission=value, Validation=value, Status=value WHERE UserID = value. Reason: You have an error in your SQL syntax near '@anthrotech.com, Email_Permission=value, Username_Permission=value, Validation=value' at line 1 at /somepath/modacct.cgi line 239
I have bolded line 239 in the first set of codes. I also have replaced the actual values of the fields with value for security purposes. The edited values are correct. That does not seem to be a problem.
I believe that the @ in the email address is being interpreted as an array, which is causing the script to choke.
Any thoughts about how to fix these codes would be greatly appreciated.
Thanks in advance.
BTW: I have read through many chapters of the MySQL manual regarding the UPDATE operation with no success.
Regards,
Eliot Lee