I have a working registration and login system. I am trying to create a form where a user can add product registration info (via mysql update). I can't seem to get the db to actually update the fields. What am I missing here?!? <?php define('INCLUDE_CHECK',true); require 'connect.php'; require 'functions.php'; // Those two files can be included only if INCLUDE_CHECK is defined session_name('tzLogin'); // Starting the session session_set_cookie_params(2*7*24*60*60); // Making the cookie live for 2 weeks session_start(); if($_SESSION['id'] && !isset($_COOKIE['tzRemember']) && !$_SESSION['rememberMe']) { // If you are logged in, but you don't have the tzRemember cookie (browser restart) // and you have not checked the rememberMe checkbox: $_SESSION = array(); session_destroy(); // Destroy the session } if(isset($_GET['logoff'])) { $_SESSION = array(); session_destroy(); header("Location: index_login3.php"); exit; } if($_POST['submit']=='Login') { // Checking whether the Login form has been submitted $err = array(); // Will hold our errors if(!$_POST['username'] || !$_POST['password']) $err[] = 'All the fields must be filled in!'; if(!count($err)) { $_POST['username'] = mysql_real_escape_string($_POST['username']); $_POST['password'] = mysql_real_escape_string($_POST['password']); $_POST['rememberMe'] = (int)$_POST['rememberMe']; // Escaping all input data $row = mysql_fetch_assoc(mysql_query("SELECT * FROM electrix_users WHERE usr='{$_POST['username']}' AND pass='".md5($_POST['password'])."'")); if($row['usr']) { // If everything is OK login $_SESSION['usr']=$row['usr']; $_SESSION['id'] = $row['id']; $_SESSION['email'] = $row['email']; $_SESSION['first'] = $row['first']; $_SESSION['last'] = $row['last']; $_SESSION['address1'] = $row['address1']; $_SESSION['address2'] = $row['address2']; $_SESSION['city'] = $row['city']; $_SESSION['state'] = $row['state']; $_SESSION['zip'] = $row['zip']; $_SESSION['country'] = $row['country']; $_SESSION['product1'] = $row['product1']; $_SESSION['serial1'] = $row['serial1']; $_SESSION['product2'] = $row['product2']; $_SESSION['serial2'] = $row['serial2']; $_SESSION['product3'] = $row['product3']; $_SESSION['serial3'] = $row['serial3']; $_SESSION['rememberMe'] = $_POST['rememberMe']; // Store some data in the session setcookie('tzRemember',$_POST['rememberMe']); } else $err[]='Wrong username and/or password!'; } if($err) $_SESSION['msg']['login-err'] = implode('<br />',$err); // Save the error messages in the session header("Location: index_login3.php"); exit; } else if($_POST['submit']=='Register') { // If the Register form has been submitted $err = array(); if(strlen($_POST['username'])<4 || strlen($_POST['username'])>32) { $err[]='Your username must be between 3 and 32 characters!'; } if(preg_match('/[^a-z0-9\-\_\.]+/i',$_POST['username'])) { $err[]='Your username contains invalid characters!'; } if(!checkEmail($_POST['email'])) { $err[]='Your email is not valid!'; } if(!count($err)) { // If there are no errors $pass = substr(md5($_SERVER['REMOTE_ADDR'].microtime().rand(1,100000)),0,6); // Generate a random password $_POST['email'] = mysql_real_escape_string($_POST['email']); $_POST['username'] = mysql_real_escape_string($_POST['username']); $_POST['first'] = mysql_real_escape_string($_POST['first']); $_POST['last'] = mysql_real_escape_string($_POST['last']); $_POST['address1'] = mysql_real_escape_string($_POST['address1']); $_POST['address2'] = mysql_real_escape_string($_POST['address2']); $_POST['city'] = mysql_real_escape_string($_POST['city']); $_POST['state'] = mysql_real_escape_string($_POST['state']); $_POST['zip'] = mysql_real_escape_string($_POST['zip']); $_POST['country'] = mysql_real_escape_string($_POST['country']); // Escape the input data mysql_query(" INSERT INTO electrix_users(usr,pass,email,first,last,address1,address2,city,state,zip,country,regIP,dt) VALUES( '".$_POST['username']."', '".md5($pass)."', '".$_POST['email']."', '".$_POST['first']."', '".$_POST['last']."', '".$_POST['address1']."', '".$_POST['address2']."', '".$_POST['city']."', '".$_POST['state']."', '".$_POST['zip']."', '".$_POST['country']."', '".$_SERVER['REMOTE_ADDR']."', NOW() )"); if(mysql_affected_rows($link)==1) { send_mail( '[email protected]', $_POST['email'], 'Your New Electrix User Password', 'Thank you for registering at www.electrixpro.com. Your password is: '.$pass); $_SESSION['msg']['reg-success']='We sent you an email with your new password!'; } else $err[]='This username is already taken!'; } if(count($err)) { $_SESSION['msg']['reg-err'] = implode('<br />',$err); } header("Location: index_login3.php"); exit; } if($_POST['submit']=='Update') { { mysql_query(" UPDATE electrix_users(product1,serial1,product2,serial2,product3,serial3) WHERE usr='{$_POST['username']}' VALUES( '".$_POST['product1']."', '".$_POST['serial1']."', '".$_POST['product2']."', '".$_POST['serial2']."', '".$_POST['product3']."', '".$_POST['serial3']."', )"); if(mysql_affected_rows($link)==1) { $_SESSION['msg']['upd-success']='Thank you for registering your Electrix product'; } else $err[]='So Sad!'; } if(count($err)) { $_SESSION['msg']['upd-err'] = implode('<br />',$err); } header("Location: index_login3.php"); exit; } if($_SESSION['msg']) { // The script below shows the sliding panel on page load $script = ' <script type="text/javascript"> $(function(){ $("div#panel").show(); $("#toggle a").toggle(); }); </script>'; } ?>