Short, Simple PHP Error.

[Baevus]

I've been working on editing my own version of radiPanel all day.
So basically, if I update a user it updates ALL users info to what's been edited.
Is there a way to implement into this code so if the users id matches then it saves to that id if it makes sence?
Heres the code:

                        $db->query( "UPDATE users SET username = '{$username}'{$password}, habbo = '{$habbo}', displaygroup = '{$dgroup}', usergroups = '{$ugroups}', usertitle = '{$utitle}'" );


                        }
                        else {
                       
                            $db->query( "INSERT INTO users VALUES (NULL, '{$username}', '{$password_enc}', '{$habbo}', '{$dgroup}', '{$ugroups}', '{$utitle}');" );
                       
                        }

help appreciated!!

 

[Markshall]

WHERE UserID = '" . $userid . "'

 

[brsy]

WHERE UserID = '" . $userid . "'

This ^. But if you don't understand what he means by that... Be sure that you're getting the userId from the active session so that nothing fishy can be done... aka the stealing of accounts.

  $db->query( "UPDATE users SET username = '{$username}', password = '{$password}', habbo = '{$habbo}', displaygroup = '{$dgroup}', usergroups = '{$ugroups}', usertitle = '{$utitle}' WHERE userId = '{$_SESSION['userId']}'" );