Correct way to update $_SESSION username in table - php

I've updated the post since I made a bit of change thanks to #user3282898! Though I still can't push the update to the DB.
The table columns $id, $issue, $last_mod already have existing content; I just need to update the content of the issue and last_mod columns with respect to its $id.
Here's what I have so far:
<?php
session_start();
session_regenerate_id();
if(!isset($_SESSION['username']))
{
header("Location: login.php");
}
?>
<?php
$conn = mysqli_connect("localhost", "root", "", "order");
if (isset($_GET['id']) && is_numeric($_GET['id']))
{
//id value
$id = $_GET['id'];
$last_mod = $_SESSION['username'];
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE id=".$_POST['id']) //update won't work
or die(mysqli_error());
header("Location: form.php");
}
else
{
header("Location: form.php");
}
?>
I've tried omitting the $last_mod to isolate the issue of updating and find that this statement works:
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved' WHERE id=$id")
However it won't work with $last_mod in it:
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE id=".$_POST['id'])
or
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE job_id=$job_id")
Your suggestion/opinion is always welcome, thanks in advance guys!

$_SESSION['username']='$last_mod'
You are updating the $_SESSION['username'] field in your table which does not exist!
The $_SESSION['username'] is the username and the column to be updated is the last_mod.
You should do this as I said in my comment:
UPDATE order.coupon SET last_mod='$last_mod' WHERE id='".$_POST['id']."'");

This should work for you.
$last_mod = $_SESSION['username'];
$query = "INSERT INTO coupon(last_mod)
VALUES ($last_mod)";

that query does not seem to make any sense; so how about ...
$sql = "UPDATE `coupon` SET `last_mod` = NOW() WHERE `coupon_id` = ?";
because it appears as if you were trying to insert a username as the last_mod (last modification) timestamp of a coupon. Just add a die($sql); whenever you are uncertain why generated SQL won't work. Besides, using the user_id (or the coupon_id) instead of the username would be suggested, because indexed INT fields are way quicker to query by.
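An added example (not code from the question or from either answer): the same update written with a mysqli prepared statement, so the session username is bound as a string value instead of being concatenated unquoted into the SQL text. The function name resolve_coupon is hypothetical; the connection settings, table and column names are the ones in the question, and the id is assumed to arrive in the query string, as the isset($_GET['id']) check implies.

```php
<?php
// Added example; resolve_coupon() is a hypothetical name, not from the post.
session_start();

if (!isset($_SESSION['username'])) {
    header('Location: login.php');
    exit; // without exit the rest of the script still runs for anonymous users
}

// Make mysqli throw exceptions instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Mark one coupon as resolved and record who did it.
 * Returns true when exactly one row was changed.
 */
function resolve_coupon(mysqli $conn, int $id, string $username): bool
{
    $stmt = $conn->prepare(
        "UPDATE coupon SET issue = 'Resolved', last_mod = ? WHERE id = ?"
    );
    // 's' = string, 'i' = integer; bound values never become part of the SQL text.
    $stmt->bind_param('si', $username, $id);
    $stmt->execute();
    $changed = ($stmt->affected_rows === 1);
    $stmt->close();
    return $changed;
}

// Read the id from one place only (the query string) and require a positive integer.
$id = filter_input(INPUT_GET, 'id', FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);

if (is_int($id)) {
    // Connection settings as given in the question; "order" is the default database.
    $conn = mysqli_connect('localhost', 'root', '', 'order');
    resolve_coupon($conn, $id, $_SESSION['username']);
    $conn->close();
}

header('Location: form.php');
exit;
```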

Related

Insert query inside if statement

I want to add the current date when a user is logged in on my system, however it doesn't seem to work!
if (password_verify($_POST['password'], $password)) {
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
$query = " INSERT INTO accounts (last_login) VALUES (SYSDATE()
);WHERE `id`='".$id."'";
header('Location: home.php');
The last_login field in MySQL is set to datetime. Now what happens is that it redirects the user to home.php, however nothing is written in the DB!
A few things to note:
I'd be surprised if you wanted to insert a record with only one value and no reference to the user account
INSERT doesn't use a WHERE clause
I'd expect you'd want to do an UPDATE
Perhaps something like this:
$query="UPDATE accounts SET last_login=NOW() WHERE id='".$id."'";
You may use the NOW() function in your query; it will return the current date and time, like:
if (password_verify($_POST['password'], $password)) {
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
$query = " INSERT INTO accounts (last_login) VALUES (NOW()) WHERE id='$id'";
header('Location: home.php');

SQL insert into DB using PHP - issue with INSERT INTO

I'm trying to convert a previous line I had where I was calling something back from the database, and insert it instead.
This is the function I have, but I can't get the INSERT INTO to work correctly
I've already debugged that: the connection to the DB is working fine, the session var for user is set and that the $avatarID is present.
if(!empty($_SESSION['user'])){
$avatarID = $_POST['avatarID'];
$avatarID = mysql_real_escape_string(trim($_POST['avatarID']));
// Insert into DB
$sql = "INSERT INTO `users` (`avatar`) VALUES ('{$avatarID}') WHERE `username` = '".$_SESSION['user']."'";
$query = mysql_query($sql);
if($query === false){
return false;
}else{
return true;
}
header('Location: profile.php');
}
I think it's an issue with the $sql line. I'm not getting any errors other than a simple blank page/dead screen.
Attempted changing to just the following:
// Insert into DB
$query = mysql_query("INSERT INTO `user` (`avatar`) VALUES ('{$avatarID}'") or die(mysql_error());
Edit OK so I realise the mistake I have made, as this should be an UPDATE WHERE not INSERT INTO. But I am still struggling to get the query details correct even when using UPDATE and WHERE. But still no result:
<?php session_start();
require 'connect.php';
if(!empty($_SESSION['user'])){
$avatarID = $_POST['avatarID'];
$avatarID = mysql_real_escape_string(trim($_POST['avatarID']));
// Insert into DB
$sql = "UPDATE `users` SET `avatar`='{$avatarID}' WHERE `username` = '".$_SESSION['user']."'";
$query = mysql_query($sql);
if($query === false){
return false;
}else{
return true;
}
header('Location: profile.php');
}else{
header('Location: choose-avatar.php');
}
?>
Use UPDATE instead of INSERT
$sql = "UPDATE `users` SET `avatar`='{$avatarID}' WHERE `username` = '".$_SESSION['user']."'";

Run Multiple queries and one time

Ok! I have a script that is part of a live auction and my code is not all working and I am at the end of my rope! The below code is the two ways I have tried with no luck:
<? if(isset($_GET['golive'])) {
$id = $_POST['id'];
$totalamount = $_POST['amount'];
$ordernumber = $_POST['ordernumber'];
mysql_connect("localhost","DBusername","DBpassword") or die(mysql_error());
mysql_select_db("DBname") or die(mysql_error(header('Location: live_auction.php?ordermun=error')));
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW())
UPDATE auction_products SET order_number=".$ordernumber." WHERE on_now=1;
UPDATE auction_products SET sold=1 WHERE on_now=1;
UPDATE auction_products SET on_now=3 WHERE on_now=1");
header('Location: live_auction.php?ordermun='.$ordernumber.'');
}
?>
I Also Tried
<? if(isset($_GET['golive'])) {
$id = $_POST['id'];
$totalamount = $_POST['amount'];
$ordernumber = $_POST['ordernumber'];
mysql_connect("localhost","DBusername","DBpassword") or die(mysql_error());
mysql_select_db("DBname") or die(mysql_error(header('Location: live_auction.php?ordermun=error')));
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW()");
mysql_query("UPDATE auction_products SET order_number=".$ordernumber." WHERE on_now=1");
mysql_query("UPDATE auction_products SET sold=1 WHERE on_now=1");
mysql_query("UPDATE auction_products SET on_now=3 WHERE on_now=1");
header('Location: live_auction.php?ordermun='.$ordernumber.'');
}
?>
This second one was able to change the auction_products table but still would not INSERT and other query. What am I missing? I need all four of those to happen at the time that the golive button is clicked.
Your insert query doesn't work because you forgot a ) at the end.
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW()");
Should be:
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW())");
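An added example (not code from the question or the answer): the four statements run as one mysqli transaction with bound parameters, so either all of them take effect or none do. The function name go_live is hypothetical; it assumes InnoDB tables, an integer purchaser id and order number, and the placeholder credentials shown in the question.

```php
<?php
// Added example; go_live() is a hypothetical name. Tables and columns are from the question.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // errors become exceptions

function go_live(mysqli $conn, int $purchaserId, float $amount, int $orderNumber): void
{
    $conn->begin_transaction();
    try {
        $insert = $conn->prepare(
            'INSERT INTO auction_bundle (`purchaser_id`, `amount`, `order_number`, `date`)
             VALUES (?, ?, ?, NOW())'
        );
        $insert->bind_param('idi', $purchaserId, $amount, $orderNumber);
        $insert->execute();

        // The three UPDATEs in the question share one WHERE clause,
        // so a single statement applies all three changes to the same rows.
        $update = $conn->prepare(
            'UPDATE auction_products SET order_number = ?, sold = 1, on_now = 3 WHERE on_now = 1'
        );
        $update->bind_param('i', $orderNumber);
        $update->execute();

        $conn->commit();
    } catch (mysqli_sql_exception $e) {
        $conn->rollback(); // undo the INSERT if the UPDATE failed, and vice versa
        throw $e;
    }
}

// Validate every posted value before it reaches the database.
$purchaserId = filter_input(INPUT_POST, 'id', FILTER_VALIDATE_INT);
$orderNumber = filter_input(INPUT_POST, 'ordernumber', FILTER_VALIDATE_INT);
$amount      = filter_input(INPUT_POST, 'amount', FILTER_VALIDATE_FLOAT);

if (isset($_GET['golive']) && is_int($purchaserId) && is_int($orderNumber) && is_float($amount)) {
    $conn = new mysqli('localhost', 'DBusername', 'DBpassword', 'DBname'); // placeholders from the question
    go_live($conn, $purchaserId, $amount, $orderNumber);
    header('Location: live_auction.php?ordermun=' . $orderNumber);
    exit;
}
```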

value not inserting into mysql and not updating enum value to 1?

Can someone please help me. I'm trying to create a basic like system by inserting the values into mysql and auto incrementing the number of times the column 'likes' has been updated.
Basically the script will insert where there is not currently any record and update if there is a record.
I am trying to insert 'user_id' as a value as well, but only the liked_id is being inserted into the table. The 'likes' column is being auto incremented as it should be, but I need to find out how I can insert the user_id, which is the user's session id, as well, and this isn't being put in. Also I am trying to update the column 'user_id_has_liked' from enum value 0 to 1 as a final result.
Can someone please show me where I am going wrong? Thanks
<?php
require_once('includes/session.php');
require_once('includes/functions.php');
require('includes/_config/connection.php');
session_start();
confirm_logged_in();
if (isset ($_GET['to'])) {
$user_to_id = $_GET['to'];
}
if (!isset($_GET['to']))
exit('No user specified.');
$user_id = $_GET['to'];
$result = mysql_query("SELECT * FROM ptb_likes WHERE liked_id ='".$user_to_id."' ");
if( mysql_num_rows($result) > 0) {
mysql_query("UPDATE ptb_likes SET likes = likes +1 WHERE liked_id = '".$user_to_id."' ");
$user_to_id = mysql_query("ALTER TABLE likes AUTO_INCREMENT = $id");
}
else
{
mysql_query("INSERT INTO ptb_likes (user_id,liked_id) VALUES ('".$_SESSION['user_id'].",".$user_to_id."') ");
}
$result1 = mysql_query("UPDATE ptb_likes SET user_id_has_liked='1' WHERE user_id=".$_SESSION['user_id']."")
or die(mysql_error());
if($result)
{
header("Location: {$_SERVER['HTTP_REFERER']}");
}
?>
As the others said, mysql_* statements are deprecated, use mysqli_* statements...
The first issue is the code in the user id insert statement was missing some quotes, it should look like this:
mysql_query("INSERT INTO ptb_likes (user_id,liked_id) VALUES ('".$_SESSION['user_id']."','".$user_to_id."') ");
The user_id_has_liked query issue could be caused by the enum variable being an integer in mysql. You could also try saving your query to a query variable and passing the variable to your query function for readability...
$query = "UPDATE ptb_likes SET user_id_has_liked='1' WHERE user_id=".$_SESSION['user_id'];
$result1 = mysql_query($query) or die(mysql_error());

insert into mysql problem

I have a field in table opt named confirm of type tinyint. I want to insert value(1) by this statement but it is not working. Can anyone help??
$connect= mysql_connect("localhost","root") or die ("Sorry, Can not connect to database");
mysql_select_db("login") or die (mysql_error());
$user=$_POST['staff'];
echo $user;
$query="SELECT * from users where username='$user' ";
$result=mysql_query($query,$connect) or die(mysql_error());
$row=mysql_fetch_array($result);
$uid=$row['userid'];
echo $uid;
$query="SELECT * from opt where userid='$uid' ";
$result=mysql_query($query,$connect) or die(mysql_error());
$row=mysql_fetch_array($result);
if($row['confirm']==0)
{
$query = "INSERT INTO opt (confirm) values(1)";
echo 'The user selected options has confirmed';
}
?>
You are not executing the query.
add an extra
$result=mysql_query($query,$connect) or die(mysql_error());
after the line
$query = "INSERT INTO opt (confirm) values(1)";
Apart from not executing the "INSERT STATEMENT",
You should probably be using an
"UPDATE OPT SET CONFIRM = '1' WHERE USERID = $user;"
as the row already exists ('cause you managed to select it!).
$query is a variable and there's no reason that it would cause a record to magically get inserted into the opt table.
You need to insert the following line after $query = "...":
mysql_query($query);
Also, I hope that's not the code you're running in production.
You need to have the following somewhere:
$user = mysql_real_escape_string($user);
Why is it not working? What error is it throwing?
Check the other fields of the table...
