“error in your SQL syntax” when using lostpassword

netvicar
(@netvicar)

19 years, 2 months ago

WordPress no longer recognizes my username and password. Says, “Error: Incorrect password”

And when I try to reset password using …/wp-login.php?action=lostpassword this is what I get:

Database error: [You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near ‘SET user_pass = MD5(‘832ee6’) WHERE user_login = ‘loginname’]
UPDATE SET user_pass = MD5(‘832ee6’) WHERE user_login = ‘loginname’

I know I could always delete the database, create a new one, and then manually re-enter my blog messages again //shudder//

…there’s got to be an easier way to fix this error _and_ prevent it from happening again(?)

Do you know an easier way to fix this error than starting over?

Thanks!

Andre
p.s. I have version 1.2.2

Viewing 7 replies - 1 through 7 (of 7 total)

Moderator James Huff
(@macmanx)

Volunteer Moderator

19 years, 2 months ago

Try retting the password manually.
http://tamba2.org.uk/wordpress/phpmyadmin/

Thread Starter netvicar
(@netvicar)

19 years, 2 months ago

Thank you very very much!!!! Manually chaning password via phpmyadmin worked perfectly!

Now I can log into my blog and remove comment checkmarks from old messages, so spammer-bots stop trying to post poker and porn comments and trackback spam on my messages posted before disabling comments.

thanks again!

Moderator James Huff
(@macmanx)

Volunteer Moderator

19 years, 2 months ago

You could enable either “Auto shutoff comments” http://wiki.wordpress.org/?pagename=Plugin#comments or Spam Karma http://unknowngenius.com/blog/archives/2004/11/19/spam-karma-merciless-spam-killing-machine/ . Both disable comments on posts which are x days old.

ejm
(@llizard)

19 years, 2 months ago

I too am running wordpress 1.2.2 and logged off and could not login again. I got this message:

Database error: [You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'SET user_pass = MD5('4345a3') WHERE user_login = 'admin'' at li] UPDATE SET user_pass = MD5('4345a3') WHERE user_login = 'admin'

Many thanks to you macmanx, for pointing to http://tamba2.org.uk/wordpress/phpmyadmin/

I have now managed to change my login from phpmyadmin.

But now that that is accomplished, how do I fix the incorrect syntax? I am an absolute neophyte with this php stuff so please feel free to spell it all out.

Thank you.

eamono
(@eamono)

19 years, 2 months ago

This is a bug in the code
Take a look at the source for wp-login.php. Look for the SQL statement. (Search for ‘UPDATE’.) The variable afterwards is $wpdb->users. Change this to $tableusers, and all is well. For some reason the class variable is not defined. As near as I can tell, it might have existed in a previous version, and the decision was made to use globals for the table names.

Found the bug listing: here

ejm
(@llizard)

19 years, 2 months ago

Many thanks, eamono. I’m glad you posted the link to the bug report; I wasn’t sure if I was supposed to change “users” or “$wpdb” or “$wpdb->users”….

Just to clarify for other php neophytes like me who are reading this:

in wp-login.php, search for
UPDATE $wpdb->users SET

on line 115 and change it to:

UPDATE $tableusers SET

herculean
(@herculean)

19 years, 2 months ago

I had a similar problem with my version 1.2.2, but this fix didn’t work. The line referred to above was already correct in my wp-login.php file. The problem was in setting the $user_login variable. It is set twice right above the “$wpdb->query(“UPDATE…” line. The line:
$user_login = $_POST[“user_login”];
was not working for some reason so I changed it to:
$user_login = $user_data->user_login;

This seems to fix the problem for me. Hope this helps somebody.