I am new in Stackoverflow and noob in programming.
I have a problem . I am creating a script that can change a database column info by give database username and password.
My source code is here :
<?php
$servername = "localhost";
$username = "admin";
$dbname = "mydb";
$password = "1234";
// Create connection
$conn = new mysqli($servername, $username, $password);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
echo "Connected successfully";
mysqli_select_db($conn,"$dbname");
$sql = "UPDATE users SET login='admin1' WHERE id=1";
$sql2 = "UPDATE users SET pass='1234' WHERE id=1";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
Now there is two query's
$sql = "UPDATE users SET login='admin1' WHERE id=1";
$sql2 = "UPDATE users SET pass='1234' WHERE id=1";
How can I execute this two query's and i want that when this two query's became true I message will be show that Record updated successfully. In the above source code showing error.
You can update both records by one query:
$sql = "UPDATE users
SET login = 'admin1',
pass = '1234'
WHERE id = 1";
Do it in one query:
$sql = "UPDATE users SET login='admin1', pass='1234' WHERE id=1";
Since you are updating one table, you can have one query instead like this:
$sql = "UPDATE users SET login='admin1',pass='1234' WHERE id=1";
try this.
$sql = "UPDATE users "
. " SET login='admin1',pass='1234' "
. " WHERE id=1";
Related
So I would like to update multiple rows in a mysql database with php with this code it updates only the last one. What do I need to add so it will update all the rows?
<?php
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "cases";
$conn = new mysqli($servername, $username, $password, $dbname);
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$Famas_Doomkitty_mn = 1,54;
$Famas_Doomkitty_ft = 1,46;
$Famas_Doomkitty_mnst = 2,57;
$Famas_Doomkitty_ftst = 2,42;
$sql = "UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_mn' WHERE id=2";
$sql = "UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_ft' WHERE id=3";
$sql = "UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_mnst' WHERE id=7";
$sql = "UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_ftst' WHERE id=8";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
You can try with an array and a foreach like this:
$sql_querys = [
"UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_mn' WHERE id=2",
"UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_ft' WHERE id=3",
"UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_mnst' WHERE id=7",
"UPDATE esports2013skins SET FAMASDoomkitty='$Famas_Doomkitty_ftst' WHERE id=8"
];
foreach($sql_querys as $sql){
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
}
I have created a login.php that works and keeps the user logged in with session.
Now, User has an option to use his "money" to buy something, so he clicks on "buy" and it opens "transfer.php" which is this below.
<?php
session_start();
$servername = "";
$username = "";
$password = "";
$dbname = "";
// Create connection header("Location:transfer2.php");
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$sql = "UPDATE user SET money=money-2 WHERE id=2";
if ($conn->query($sql) === TRUE) {
exit();
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
Now, this part:$sql = "UPDATE user SET money=money-2 WHERE id=2"; I want this script to automaticly find the id from the user that is logged in currently.
Im trying to figure this out, and I am just lost.
Thanks in advance.
In the login script, set a session variable to the user's ID. Then you can use this session variable in other scripts.
$sql = "UPDATE user SET money=money-2 WHERE id = ?";
if ($stmt = $conn->prepare($sql)) {
$stmt->bind_param("i", $_SESSION['user_id']);
if ($stmt->execute()) {
exit();
} else {
die("Error updating record: " . $stmt->error);
}
} else {
die("Error updating record: " . $conn->error);
}
I am trying to take the value of the topay column where torecieve equals to current session user id and use it to perform operation on the user table.
But it throws a syntax error
<?php
session_start();
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "bazze2";
// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
$merge = "SELECT topay FROM merge WHERE torecieve=$_SESSION[id]";
$sql = "UPDATE user SET topay2='10000000' WHERE 'id'=$merge";
if ($conn->query($sql) === TRUE) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $conn->error;
}
$conn->close();
?>
Use a prepared query, and use a join.
$sql = "UPDATE user AS u
JOIN merge AS m ON u.id = m.topay
SET u.topay2 = '10000000'
WHERE m.toreceive = ?";
$stmt = $conn->prepare($sql);
$stmt->bind_param('i', $_SESSION['id']);
if ($stmt->execute()) {
echo "Record updated successfully";
} else {
echo "Error updating record: " . $stmt->error;
}
I want to do a query to get the last id (int) in a table to create a new row with that last id + 1 but actually this just put all rows with the same id
my code:
<?php
$servername = "localhost";
$user = "root";
$pass = "dbpass";
$dbname = "site";
$mail = $_POST['mail'];
$password = $_POST['password'];
// Create connection
$conn = mysqli_connect($servername, $user, $pass, $dbname);
// Check connection
if (!$conn) {
die("Connection failed: " . mysqli_connect_error());
}
$sqlID = "SELECT MAX(id) FROM `login`;";
if ($result = mysqli_query($conn, $sqlID)) {
$id = mysqli_fetch_row($result);
}
settype($id, "int");
$id = $id + 1;
$sql = "INSERT INTO login (`id`,`mail`,`password`)
VALUES ('".$id."','".$mail."','".$password."');";
if (mysqli_query($conn, $sql)) {
echo "New record created successfully";
} else {
echo "Error: " . $sql . "<br>" . mysqli_error($conn);
}
mysqli_close($conn);
?>
mysqli_fetch_row returns always an array, also if there is only 1 element. So the MAX(id) in in $row[0].
Fixing this, you also don't need to use settype.
If your id is autoincrement, change this:
$sql = "INSERT INTO login (`id`,`mail`,`password`)
VALUES ('".$id."','".$mail."','".$password."');";
to:
$sql = "INSERT INTO login (`mail`,`password`)
VALUES ('".$mail."','".$password."');";
Then get rid of all code from $sqlID to $id + 1; (for tidyness)
I've been looking around stackoverflow and wasn't able to ever find a way that'd actually work. I have a simple php application
//Database credentials
$servername = "localhost";
$username = "root";
$password = "password";
$database = "database";
// Create connection to database
$db = new mysqli($servername, $username, $password, $database);
// Check connection for errors
if ($db->connect_error) {
die("<h1>Connection to database failed: " . $db->connect_error) . "</h1>";
};
$username = $json['statuses'][0]['user']['screen_name'];
$userid = $json['statuses'][0]['user']['id_str'];
$sql = "SELECT * FROM log WHERE userid='" . $userid . "' LIMIT 1";
if ($db->query($sql)->num_rows > 0) {
echo "<h4>This user already exists</h4>";
} else {
//Put the userid into the database
$sql = "INSERT INTO log (userid) VALUES ('" . $userid . "')";
if ($db->query($sql) === TRUE) {
echo "<h4>Added " . $username . " to the database</h4>";
} else {
echo "Error: " . $sql . "<br>" . $db->error;
}
}
Currently it seems to be hit or miss. It'll work sometimes, other times a record will exist, and it'll still insert the userid again creating duplicates.
Like said #tadman Your code is BAD. Data from variable $json is directly inserted into query - this is not good...
Simple test:
I set :
$userid = "111111111a";
query:
$sql = "SELECT * FROM log WHERE userid='111111111a' LIMIT 1";
return TRUE because, this user doesn't exists in db,
or
$userID ='111111111\' OR \'1=1';
query:
$sql = "SELECT * FROM log WHERE userid='111111111' OR '1=1' LIMIT 1";
return TRUE because 1=1 is always true.
If column userid is INT type, $userid value is converted to 111111111 and inserted into log table