I have a query which is not inserting if i use the where clause, without the where clause it inserts data. this is weird and I have never seen it happen before in WAMP
$key=substr(md5(rand(0, 1000000)), 0, 5);
$key1="INSERT INTO login(key_id) VALUES('$key')
WHERE (email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')"
if(mysql_query($key1))
{
$message = 'User Added!.';
echo "<SCRIPT>
alert('$message');
location='forgotpassword.php';
</SCRIPT>";
}
If I echo $_POST['email_id'] it does return valid result
INSERT and WHERE do not mix.
when INSERTing, you are creating a new record.
WHERE is used with SELECTing DELETEing or UPDATEing, when you have to specify a filter which rows you want to SELECT, DELETE or UPDATE.
if you want to INSERT a row, do not use WHERE.
if you want to change a row, use
$key1="UPDATE login SET key_id = '$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
Insert is only used on creating new record and where clause is only used if want to set any condition it is used with like select,update,delete.
Try this it will help:-
$key1="update login set key_id ='$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
I know #Franz-Gleichmann is already explained very well, whats wrong in your code.
You need to use UPDATE for updating data modified code:
$key1 = "UPDATE login SET key_id = '$key' WHERE
(email_id = '" . mysql_real_escape_string($_POST['email_id']) . "')";
Now i am adding two more points:
Please use mysqli_* or PDO, because mysql_* is deprecated and not available in PHP 7.
You missed the termination semi colon on the same line, i hope this is typo error.
Related
Update query not working with GET
$key = mysql_real_escape_string($_GET['key']) ;
$pass = mysql_real_escape_string(trim($_POST['pass'])) ;
$key1="UPDATE login SET pass = '" . $pass . "' WHERE
(key_id = '" . $key . "')";
the variable is passed like this newpassword.php?key=5384f
echo $key; variable does not yield any result ? what could be wrong?
for some reason it's updating all the other passwords except the one where key exists.
It was a dumb mistake, I figured the error; I was posting to same page using <?php echo $_SERVER['PHP_SELF']?> . After posting to the page I was trying to retrieve the key using get and then trying to run the update query with it. This was not working as after post the url will change and key would be gone.
The solution was to capture the key value first and store it into the form as an invisible text item first and then post it to update.
I've setup an EE template with PHP enabled and set the PHP Parsing Stage as Input. I would expect the following code to update the database correctly, but nothing happens:
<?php
$ids= "{last_segment}";
$userId = "{member_id}";
$sql = "UPDATE table SET column = '" . $ids . "' WHERE member_id = '" . $userId . "'";
$this->EE->db->query($sql);
?>
If I echo my query it looks correct, and in fact if I run it in PHPMyAdmin it works fine. Is there something I'm missing? Do I need to modify the PHP Parsing Stage?
Thanks in advance!
Looks like you may just need parentheses after "EE":
$this->ee()->db->query($sql);
Also, I'm not sure if you need $this...
http://ellislab.com/expressionengine/user-guide/development/usage/database.html
Hey I am currently trying to insert a global variable to a table. The other values I pass are variables too but they get sent correctly.
Here is my query. my error handling does not capture anything
$result = mysql_query("INSERT INTO IPmanagement (userId, NameUsed, EmailUsed, IPStatus, Ip) VALUES ('" .$masterUserId . "', '" . $Entry['LeadName'] . "', '" . $Entry['LeadEmail'] . "', '0', '" . $ip . "')") or die(ErrorException("Function 6", "Error when processing the current lead. your data is unaffected and if the proccess continues please contact an Admin.", mysql_error(),$_SERVER['REMOTE_ADDR'], CurrentPath(), $masterUserId));
my variable that is global defined before the function is
$masterUserId = "1";
I tried echoing the variable before it sends and it echos out correctly YET my table holds a value of 0.
here is a screenshot of how I have my table setup.
Click for Larger Image
Any idea what is going on. I am rather stumped and tried writing this same code different ways and it still gives me same issue. Also $masterUserId will always be an int value
Edit: also would like to mention the variable is different .php that contains the varaiable and database login information. It is being included at the top. (don't know if that is relevant)
Because you are not inserting IP STATUS.Which is not null
\
You should either set this to null or enter some value to it.
If you are using query in a function than use like this
function (){
//than define
$globat $masterUserId;
// use the global defination
// than use this variable with global value
}
Do not use mysql_*. Replace them with mysqli_* or PDO::.
Did you try to echo the mysql_query()? Do this. Replace mysql_query("..."); with die("..."); and put it in the phpMyAdmin and try executing.
And in your table, I see that IP Status is a NOT NULL. So that might throw an exception. Use a default value in the table.
And yeah, what do you get the result as in mysql_error()?
Why ''' or "' in query?
I have cleaned up query with PHP function sprintf and using NULL for EntryID(Autoincrement)
$query = sprintf("INSERT INTO IPmanagement (EntryID,userId, NameUsed, EmailUsed, IPStatus, Ip) VALUES (NULL,%s,%s,%s,'0',%s)",
$masterUserId , $Entry['LeadName'] , $Entry['LeadEmail'] , $ip ));
$result = mysql_query($query);
You should also use MySQLi or PDO
I've already read Passing an array to a query using a WHERE clause which is basically what I am doing, but with strings instead of integers. I am having an issue with the WHERE clause.
$codes_imp = "'" . implode("','", $codes) . "'";
$passwords_imp = "'" . implode("','", $passwords) . "'";
$comments_imp = "'" . implode("','", $comments) . "'";
$set_pass_query = "INSERT INTO users (password, comments) VALUES ($passwords_imp, $comments_imp) WHERE Code IN ($codes_imp)";
When executed, the query looks like this:
INSERT INTO users (password, comments)
VALUES ('password1', 'password2', 'password3', 'comment1', 'comment2', 'comment3')
WHERE Code IN ('code1', 'code2', 'code3')
All columns in the table are of type VARCHAR. Clearly I have a syntax error (as it is telling me), but I am not sure how to construct this properly.
You are trying to constrain an INSERT query with a WHERE clause. That's a big no-no.
Either you want to UPDATE, or you need to drop the WHERE
What exactly are you trying to accomplish?
You need to use UPDATE and not INSERT, to alter existing db rows.
You could use a loop construct like the foreach loop.
E.g:
foreach($codes_imp as $key=>$code){
$query="UPDATE users SET password='$passwords_imp[$key]', comments='$comments_imp[$key]' WHERE Code='$code'"
[Code to execute the query goes here]
}
N.B: We need to use a loop construct because UPDATE queries can run only on one db row at a time.
Alternative method:
Instead of using loops you could use the CASE WHEN ELSE END syntax in Mysql.
To know how to use this, please refer:
https://stackoverflow.com/a/2528188/749232
http://www.kavoir.com/2009/05/mysql-update-multiple-rows-with-one-single-query.html
i have written few codes to show time spent by users at site but when a users click on submit it should be stored in mysql but its not getting stored can you please tell where i have done mistake here is my code.
Your query seems to be wrong.
Either use INSERT without WHERE if you want to insert a new record. If however you want to update an already present record, use UPDATE instead of INSERT.
And it is always a good idea to check whether a query was successful:
if (mysql_query ("insert into jcow_accounts(Time_Spent) values ('{$Time}') where uid='{$client['id']}' ") === FALSE) {
echo 'MySQL error: ' . mysql_error() . "\n";
}
You need to use an UPDATE instead of an insert.
$dtime = getChangeInTime(); // this is the change in time from the last update
mysql_query( "UPDATE jcow_accounts SET `TIME_SPENT` = `TIME_SPENT` + $dtime ".
" where id='{$client['id']}'" );
Try
insert INTO `jcow_accounts` (`Time_Spent`) VALUES ('{$Time}') where uid='{$client['id']}' WHERE `uid` = '{$client['id']}'
Are you sure the uid is in the DB? try running it without the WHERE...