I am using php and mysql to update rows in my DB. I have 4 update statements in a row, yet only the last one works. I have confirmed that the statements work if they are used alone, but when I have them executed one after another only the last one executed works. I am receiving no error messages. Any help? Thanks!
$sql = "UPDATE comlog SET name='$name1', message='$message1' WHERE id=1";
$sql = "UPDATE comlog SET name='$name2', message='$message2' WHERE id=2";
$sql = "UPDATE comlog SET name='$name3', message='$message3' WHERE id=3";
$sql = "UPDATE comlog SET name='$name', message='$message' WHERE id=4";
In the above code, only the row with id 4 is being updated.
The answer is simple.
You are declaring the same variable for EACH sql string.
You need to declare it something like:
$sql1 = "";
$sql2 = "";
$sql3 = "";
$sql4 = "";
Related
$query = "UPDATE INTO Sanctions SET (idNumber, lastName,firstName, section,sanction,expireDate) VALUES('$idNumber','$lastName', '$firstName','$section','$sanction', '$dueDate') WHERE id= '$id'";
Wrong
$query = "UPDATE INTO Sanctions
SET (idNumber, lastName,firstName, section,sanction,expireDate)
VALUES('$idNumber','$lastName', '$firstName','$section','$sanction', '$dueDate')
WHERE id= '$id'";
Correct way:
$query = "UPDATE Sanctions
SET idNumber = '{$idNumber}',
lastName = '{$lastName}', ....
WHERE id = '{$id}'";
The INTO command is not valid for UPDATE query. You need to assign the table equals to (=) values for every column you want to edit.
Notes:
These query are not well secured, please use prepared statement insted. :)
I can update my database using the following code:
$id = 1;
$client = 3456;
$sql = "UPDATE production SET client=$client WHERE id=$id";
However, if the $client variable is a text string (instead of numeric), it won't work.
$id = 1;
$client = "some text";
$sql = "UPDATE production SET client=$client WHERE id=$id";
The client field in my database is VARCHAR with a limit of 50 characters. Is there anything obvious I'm overlooking?
Add single or double quotes at start and end of string to make is string in mysql query.
Replace
$sql = "UPDATE production SET client=$client WHERE id=$id";
With
$sql = "UPDATE production SET client='$client' WHERE id=$id";
The above can break if there is single quote in string so you can use addslashes to value.
Try
$sql = "UPDATE production SET client='".addslashes($client)."' WHERE id=$id";
Note:
There are SQL injection possibilities in above query. Please try to use prepare query to prevent SQL injections
add single quotes in query while you pass the string like this,
$sql = "UPDATE production SET client='$client' WHERE id=$id";
So besides the DB connector that I haven't included what could cause me to get this error?
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UPDATE EventData SET deviceID = "631403956MB21" WHERE deviceID = "4631403956MB' at line 1"
This is my php mysqli multi query.
$sql = "UPDATE Device SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE EventData SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE NotifyQueue SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE RuleTrigger SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE RuleList SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$result = mysqli_multi_query($db, $sql);
if ($result) {
echo 'true';
} else {
echo 'false';
echo mysqli_error($db);
}
mysqli_close($db);
Thanks,
Mike
Disable auto commit when inserting/updating multiple queries and use a loop:
$mysqli = dbConnect(); // Connect with database
$mysqli->autocommit(FALSE); // Set autocommit off
// You can prepare and bind outside the foreach loop, so you don't
// have to write and bind each query individually.
$sql = "UPDATE RuleList SET deviceID = ? WHERE deviceID = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param('ii', $deviceID1, $deviceID2);
foreach($ids as $id):
$deviceId1 = $id;
$stmt->execute();
endforeach;
$stmt->close();
$mysqli->commit(); // Commit all queries
$mysqli->close();
The above is an example
Correct query:
UPDATE Device SET deviceID = '631403956MB21' WHERE deviceID = '4631403956MB2';
UPDATE EventData SET deviceID = '631403956MB21' WHERE deviceID = '4631403956MB2';
...
So, finally, you did not assign ";" at the end of each query. You assign only one ";" at the end of php code.
$sql = "UPDATE Device SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE EventData SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
...
↓↓↓
$sql = "UPDATE Device SET deviceID = '631403956MB21' WHERE
deviceID = '4631403956MB2'; ";
$sql .= "UPDATE EventData SET deviceID = '631403956MB21' WHERE
deviceID = '4631403956MB2'; ";
...
Please try and hope it helps.
you should not have multiple UPDATE clauses in the same query. You're attempting to use mysqli_multi_query but you need to separate your queries with a semi-colon:
First create an array:
$queries = [
"UPDATE Device...",
"UPDATE EventData...",
"UPDATE NotifyQueue...",
];
From there you have two options. First is to loop through and execute the queries one at a time
foreach($queries as $sql):
$result = mysqli_query($db, $sql);
...
endforeach;
This isn't a great idea though because it requires many trips to the DB. The better option is what you're actually trying to do: execute a multi-query statement
$multi_query = implode('; ',$queries);
mysqli_multi_query($db, $multi_query);
...
Important Note
multi_query does not use prepared statements, so if you're not careful, you will be vulnerable to SQL-injection attacks. With this approach, be sure to escape your strings and to cast all numerical values as numbers (eg: $var = (int)$var) before you include them in the queries.
By the way, I notice that you're making the same change in deviceID on multiple tables. This may be a sign that your architecture is poorly designed. If you have InnoDB tables, you can use primary and foreign keys to indicate that deviceID in the EventData, NotifyQueue... tables is a foreign key linked to the primary key in the Device table. Then if you set changes to cascade on update, all you would need to do is change the ID in the Device table and the DB will take care of changing it everywhere else. Here is a quick intro to the concept.
I have a variable $id which gives me the id of the current article and this can help me to make an update query in my database on current article.
This is my code:
$vizualizari = $current_views+1;
$sql1= "UPDATE detalii_cantari SET viz = viz WHERE id = {$id};";
$q1 = $dbh->prepare($sql1);
$q1->execute(array(':viz'=>$vizualizari));
I don't get any errors but my code is still not working...
Your correct code is here:
$vizualizari = $current_views+1;
$sql1= "UPDATE detalii_cantari SET viz = :viz WHERE id = {$id}";
$q1 = $dbh->prepare($sql1);
$q1->execute(array(':viz'=>$vizualizari));
; from the end of sql is not needed here and viz = viz must become viz = :viz because of PDO.
It seems you have to get rid of the previous query and make it in a single statement
$sql = "UPDATE detalii_cantari SET viz = viz + 1 WHERE id = ?";
$stm = $dbh->prepare($sql);
$stm->execute(array($id));
I'm trying to create a function for my forum that will increment my user's "Posts" attribute by 1. For whatever reason, the following PHP does not work.
function postCountIncrease($username) {
//get the connection variable
global $con;
//change to the users database (this function works correctly)
sqlconnect_users();
//get current post number (this is also working)
$getCurrentPosts = "SELECT Posts\n"
. "FROM users\n"
. "WHERE Username='".$username."'";
$query1 = mysqli_query($con, $getCurrentPosts) or die(mysqli_error($con));
$currentPosts = mysqli_fetch_array($query1);
//here is the problematic post. Assume that $username is a valid value, and that I've already done mysqli_real_escape_string() on it
$incrementPostsQuery = "UPDATE users.users SET Posts=". $currentPosts[0]+1 ." WHERE Username='". $username ."'";
$query2 = mysqli_query($con, $incrementPostsQuery) or die(mysqli_error($con));
//return the result
$result = mysqli_fetch_array($query2);
return $result;
}
I honestly don't see what I'm doing wrong, because the SQL works fine. If I use UPDATE users.users SET Posts=1 WHERE Username='Lampitosgames' in the console, it works with no errors. Help is much appriciated. Also, here is the error it is throwing at me:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1 WHERE Username='Lampitosgames''
You can not concatenate that way "toto ".$var+1, you have to surround with brackets "toto ".($var+1)
In your case, this is declaration of var $incrementPostsQuery which fails
Look at your errors, your syntax is off
$getCurrentPosts = "SELECT Posts
FROM users
WHERE Username='$username'";
The error is in the building of your query.
$incrementPostsQuery = "UPDATE users.users SET Posts=". $currentPosts[0]+1 ." WHERE Username='". $username ."'";
I'll suggest you some tips to create query like this:
"update table set field = value"; // you can write the value directly
"update table set field = ". $value; // easy
"update table set field = ". ($a+$b); // ...
"update table set field = {$value}"; // you can add a variable with curly braces
"update table set field = {$va[3]}"; // more compless way
"update table set field = {$a->b}"; // an object field