I am trying to issue a mysqli_multi_query, in which my querys are named $query & $query2. Query 1 is a seperate table from query 2. This is a sample of how the code syntax looks like:
$query1 = "INSERT INTO invoices (`id`,`c`) VALUES (NULL, '$client_id')";
$query2 = "UPDATE `customers` SET `a` = `$a`,`b` = `$b` WHERE `customers.id` = $client_id";
the invoices.client_id is the same as the customers.id, and I only want to update customers.id that matches the invoice client_id.
For some odd reason, everything is updated fine into my invoices, but not into my customers. Is my syntax correct?
after our discussion in the chat we figured out the following misstakes:
Your code:
$query2 = "UPDATE customers SET alarmcode = $alarmcode, garagecode = $garagecode, gatecode = $gatecode, liason = $liason, lphone = $lphone WHERE customers.id = '$client_id'";
table-def:
So the problem was not correct encapsulating of strings in the sql statement.
corrected statement was:
$query2 = "UPDATE customers SET alarmcode = '$alarmcode', garagecode = '$garagecode', gatecode = '$gatecode', liason = '$liason', lphone = '$lphone' WHERE id = $client_id";
Related
For some reason $query3 and $query4 will throw out this error
Couldn't enter data: You have an error in your SQL syntax; check the
manual that corresponds to your MariaDB server version for the right
syntax to use near 'WHERE job_id = '35' at line 1
I cannot see why it is doing this the query syntax seems fine.
Table structure:
https://imgur.com/a/ioOKZ
Actionpage7:
session_start();
require 'config.php';
$id = $_SESSION['login_user'];
$bidid = $_POST['bid_id'];
$jobid = $_POST['job_id'];
$bidder_id = $_POST['bidder_id'];
$bid_amount = $_POST['bid_amount'];
$query = " UPDATE bid SET status = '1' WHERE bid_id = '$bidid'";
$success = $conn->query($query);
$query2 = " UPDATE job SET accepted = '1' WHERE job_id = '$jobid'";
$success = $conn->query($query2);
$query3 = "INSERT into job (accepted_bidder) VALUES('" . $bidder_id . "') WHERE job_id = '$jobid'";
$success = $conn->query($query3);
$query4 = "INSERT into job (accepted_bid) VALUES('" . $bid_amount . "') WHERE job_id = '$jobid'";
$success = $conn->query($query4);
if(!$success) {
die("Couldn't enter data: " . $conn->error);
}
echo "Thank You For Contacting Us <br>";
header("location: myjobs.php");
$conn->close();
You can do it in one query:
UPDATE job SET
accepted = '1',
accepted_bidder = 'value',
accepted_bid = 'value'
WHERE job_id = '$jobid'
As stated in comments - your code is vulnerable to SQL injections. Refer to this topic to know more.
You have two types of queries here.
Query 1 and 2 are updates
$query = " UPDATE bid SET status = '1' WHERE bid_id = '$bidid'";
$query2 = " UPDATE job SET accepted = '1' WHERE job_id = '$jobid'";
They say UPDATE table and SET column = value WHERE condition is true. As the name implies this updates existing rows. The condition is used to limit the rows that the update is applied to. Without it every bid would have its status set to 1 and every job would be accepted. Which is probably not good.
Query 3 and 4 are inserts
$query3 = "INSERT into job (accepted_bidder) VALUES('" . $bidder_id . "') WHERE job_id = '$jobid'";
$query4 = "INSERT into job (accepted_bid) VALUES('" . $bid_amount . "') WHERE job_id = '$jobid'";
They say INSERT into table using (columns...) having VALUES(values...) WHERE condition. Again the name says it all, INSERT inserts new rows into the table. Now the question is what is the WHERE clause supposed to do?
Are you trying to limit the inserted rows to only those that match your condition? Well you are the one saying what rows to insert so you don't really need to do that. Are you trying to set values on the rows to be inserted? Well you can do that by adding more columns to the column list and their respective values to the value list. So it turns out there isn't really much point to a WHERE clause on an INSERT statement like that and in fact it's not allowed. That's what the error is trying to tell you.
As the other answer says you probably want to update an existing job and not insert a new one anyways.
when i query the database using php my admin the following sql works
update invoice
set paid = 1, date_recieved = 0000-00-00, check_number = 00000
where invoice_number IN (110038,110035,110033)
i have a text box where a user enters numbers separated by a comma. this is submitted via post to the $invoice variable.
when i run the following only the first row is affected.
the code commented out is things that i tried but didn't work
if(isset($_POST["paymentbtn"])){
$invoice = $_POST["invoice"];
//$data = array($invoice);
//$data = implode(",", $data);
$date = $_POST["date"];
$check = $_POST["checknumber"];
//$invoice = mysql_real_escape_string($invoice);
$sql = mysql_query("update invoice set paid = 1, date_recieved = '$date', check_number = '$check'
where invoice_number IN ('$invoice')" )or die (mysql_error());
}
im probability missing something simple
p.s. it also works when i just enter one value so its not an invalid date or anything
Don't use ' ' for $invoice because when you use it is like '1,2,3' where it should either be like '1','2','3' or 1,2,3
I think your query should be as below
"update invoice set paid = 1, date_recieved = '$date', check_number = '$check' where invoice_number IN ($invoice)"
I'm having problems with my php script.
Im settings these variables:
$v1 = mysql_real_escape_string($_POST["v1"]);
$v2 = mysql_real_escape_string($_POST["v2"]);
$v3 = mysql_real_escape_string($_POST["v3"]);
$v4 = mysql_real_escape_string($_POST["v4"]);
I want these values to be updated to the row of my db where id = 1 every time (the row already exists and just need to be updated).
should I then insert or update the row?
I've tried this without success:
$sql = "INSERT INTO table1 (v1, v2, v3, v4) WHERE id = 1";
$sql .= "VALUES ('$v1', '$v2', '$v3', '$v4')";
Use an UPDATE rather than an INSERT.
Try this:
UPDATE table1 set v1 = '$v1', v2 = '$v2', v3 = '$v3', v4 = '$v4' WHERE id = 1
I'm having problem with inserting in purchase table and updating facility table. Let's say, user made a purchase with product_id and product_quantity.
The query is running. But it inserts twice with the same data and not updating facility table.
When user hit submit, I want to insert product_id and product_quantity into purchase table. And updating facility table with product_id and product_quantity that associated with it.
Here is my code
<?php
include 'dbconn.inc.php';
include 'functions.inc.php';
$sql1 = "SELECT * FROM facilities";
$res = $mysqli->query($sql1);
$facilities = array();
while( $row = $res->fetch_array(MYSQLI_ASSOC) ){
$facilities[]['id'] = $facilities_id;
$facilities[]['product_id'] = $facilities_product_id;
$facilities[]['product_current_quantity'] = $product_current_quantity;
}
$id = $mysqli->real_escape_string ($_POST['id']);
$purchase_id = $mysqli->real_escape_string( $_POST['purchase_id'] );
$facility_id = $mysqli->real_escape_string( $_POST['facility_id'] );
$product_quantity = $mysqli->real_escape_string( $_POST['product_quantity'] );
$sql1 = "UPDATE facilities
SET
`product_current_quantity` = '$product_quantity + $product_current_quantity'
WHERE $facility_id = $facilities_id AND $id = $facilities_product_id ";
$sql = "INSERT INTO purchases
(
`purchase_id`,
`facility_id`,
`product_quantity`,,
`product_id`
)
VALUES
(
'$purchase_id',
'$facility_id',
'$product_quantity',
'$id'
)";
I did some research and I think I need to use triggers. But I never work with triggers before. Any helps would be great. Thank you!
Please execute your query and better use echo statement if you have doubt in query.
use "php.net"
used this code to your updates
product_current_quantity = product_current_quantity + $product_current_quantity
how many number they can add to your product Quantity and they sum the current number.
You have used insert query and update query for the same variable $sql without any condition. If so always your following query only executes.
Then anymore no update only insertion will reflect in your table.
$sql = "INSERT INTO purchases
(
`purchase_id`,
`facility_id`,
`product_quantity`,,
`product_id`
)
VALUES
(
'$purchase_id',
'$facility_id',
'$product_quantity',
'$id'
)";
I need to copy the value in a column named TEAM from one row into another row. Both rows need to have the same team name. This is my query that doesn't work:
$query = "UPDATE profiles SET team = (SELECT team FROM profiles WHERE id = '$coach_id') WHERE id = '$player_id'";
I have tried removing single quotes, removing "FROM profiles", changing value to table.value, tried to give a newdata.clan alias, and I have even tried changing the values to integers instead of parameters. Nothing works, and this is what I get:
Error: You have an error in your SQL
syntax; check the manual that
corresponds to your MySQL server
version for the right syntax to use
near 'WHERE id = '') WHERE id = ''' at
line 3
$query1 = "SELECT team FROM profiles WHERE id = '$coach_id'";
/* get the value of the first query and assign it to a variable like $team_name */
$query2 = "UPDATE profiles SET team = '$team_name' WHERE id = '$player_id'";
Also, you should surround your PHP variables in curly braces:
$query = "UPDATE profiles SET team = \"(SELECT team FROM profiles WHERE id = '{$coach_id}')\" WHERE id = '{$player_id}'";
From the MySQL manual:
"Currently, you cannot update a table
and select from the same table in a
subquery."
Source: http://dev.mysql.com/doc/refman/5.0/en/update.html
Use the method that FinalForm wrote:
<?
$coach_id = 2;
$player_id = 1;
$query1 = "SELECT team FROM profiles WHERE id = '$coach_id'";
$rs = mysql_query($query1);
if ($row = mysql_fetch_array($rs)) {
$team_name = $row['team'];
$query2 = "UPDATE profiles SET team = '$team_name' WHERE id = '$player_id'";
mysql_query($query2);
// Done, updated if there is an id = 1
} else {
// No id with id = 2
}
?>