I tried searching for my problem, but nothing came up...


I am trying to crate a page that, after login in, admin can update their password.  

Why is it that, no matter who logs in, it keeps changing the same users PSWRD (not user who logged in)?

Quote:

Why is it that, no matter who logs in, it keeps changing the same users PSWRD (not user who logged in)?

Without seeing your server-side code and/or your SQL, it would be somewhat difficult to answer this question.

Greg
"Personally, I am always ready to learn, although I do not always like being taught." - Winston Churchill

Im not sure it this will help...


MY Recordset:

<%
Dim RS_Password
Dim RS_Password_numRows

Set RS_Password = Server.CreateObject("ADODB.Recordset")
RS_Password.ActiveConnection = MM_CN_VZThot_STRING
RS_Password.Source = "SELECT * FROM Employees"
RS_Password.CursorType = 0
RS_Password.CursorLocation = 2
RS_Password.LockType = 1
RS_Password.Open()

RS_Password_numRows = 0
%>





My Form:

<form name="form1" method="POST" action="<%=MM_editAction%>">
Password
<input type="text" name="textfield">
  Re-Enter
  <input type="text" name="textfield2">
  <input type="submit" name="Submit" value="Submit">
  <input type="hidden" name="MM_update" value="form1">
  <input type="hidden" name="MM_recordId" value="<%= RS_Password.Fields.Item("TechName").Value %>">
</form>

What about the 'Update' sql? What have you tried so far?

I'm stuck so don't know what to try.



' *** Update Record: construct a sql update statement and execute it

If (CStr(Request("MM_update")) <> "" And CStr(Request("MM_recordId")) <> "") Then

  ' create the sql update statement
  MM_editQuery = "update " & MM_editTable & " set "
  For MM_i = LBound(MM_fields) To UBound(MM_fields) Step 2
    MM_formVal = MM_fields(MM_i+1)
    MM_typeArray = Split(MM_columns(MM_i+1),",")
    MM_delim = MM_typeArray(0)
    If (MM_delim = "none") Then MM_delim = ""
    MM_altVal = MM_typeArray(1)
    If (MM_altVal = "none") Then MM_altVal = ""
    MM_emptyVal = MM_typeArray(2)
    If (MM_emptyVal = "none") Then MM_emptyVal = ""
    If (MM_formVal = "") Then
      MM_formVal = MM_emptyVal
    Else
      If (MM_altVal <> "") Then
        MM_formVal = MM_altVal
      ElseIf (MM_delim = "'") Then  ' escape quotes
        MM_formVal = "'" & Replace(MM_formVal,"'","''") & "'"
      Else
        MM_formVal = MM_delim + MM_formVal + MM_delim
      End If
    End If
    If (MM_i <> LBound(MM_fields)) Then
      MM_editQuery = MM_editQuery & ","
    End If
    MM_editQuery = MM_editQuery & MM_columns(MM_i) & " = " & MM_formVal
  Next
  MM_editQuery = MM_editQuery & " where " & MM_editColumn & " = " & MM_recordId

  If (Not MM_abortEdit) Then
    ' execute the update
    Set MM_editCmd = Server.CreateObject("ADODB.Command")
    MM_editCmd.ActiveConnection = MM_editConnection
    MM_editCmd.CommandText = MM_editQuery
    MM_editCmd.Execute
    MM_editCmd.ActiveConnection.Close

    If (MM_editRedirectUrl <> "") Then
      Response.Redirect(MM_editRedirectUrl)
    End If

Is your hidden field (<input type="hidden" name="MM_recordId" value="<%= RS_Password.Fields.Item("TechName").Value %>">) equal to what you think it should be?

Greg
"Personally, I am always ready to learn, although I do not always like being taught." - Winston Churchill

"SELECT * FROM Employees"
you need to filer the recordset for cridential supplied in the form/page prior to pulling into hidden field.
=========================
<%= RS_Password.Fields.Item("TechName").Value %>
=========================

this value is most likely the 1st returned....
logic would be:
login form-->
validate user/pass -->
if valid (found in recordset) return uniqueID (TechName)--->
this ID will then be populated into your hidden field of
<%= RS_Password.Fields.Item("TechName").Value %>

then and only then you will be able to update the correct record.
All the best!

:--------------------------------------:
  

  All around in my home town,
  They tryin' to track me down...