Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I have a bit of a problem with a script I'm writing.
$sql ="UPDATE users SET adagio = 1 WHERE username = '$_SESSION[username]'";
The main problem here is that, while I've tested that
this part of the code will run
I've successfully connected to the correct server
3) $_SESSION[username] gives me the the correct username,
the database isn't updated when I run the code. adagio is a boolean (well, a tinybit, really), and I've uploaded my phpMyAdmin screen of the database here:
(http://imgur.com/HUFdx0p)
I'm not entirely sure why it isn't working, and although I've searched online and found similar threads, there wasn't a fix in any thread that worked for me. I'm wondering if one of you could possibly see what I'm doing wrong here?
Edit extra:
if(($_POST['adagio']) == 1){
$sql ="UPDATE users SET adagio = 1 WHERE username = '$_SESSION[username]'";
}
$_SESSION[username] is almost certainly a string so it must be in quotes:
$sql ="UPDATE users SET adagio = 1 WHERE username = '$_SESSION[username]'";
FYI, MySQL would be happy to tell you about SQL errors if you check for them. You should be using the appropriate error reporting functions in whatever MySQL library you are using.
Can you try this.
if (1 == $_POST['adagio']) {
$sql = sprintf ( "UPDATE users SET adagio = 1 WHERE username = '%s'", mysql_escape_string($_SESSION['username']) );
}
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 1 year ago.
Improve this question
When I put a number myself the database gets updated to Success but when I try to access the same number from $_POST It complete the transaction but doesn't affect the rows even thought it's using the same number.
Example of a query that works perfectly and updates the database
$sql = "UPDATE `transactions` SET `status` ='Success' WHERE `transactions`.`txn_id` = 65765756";
Example of a query that doesn't work
$sql = "UPDATE `transactions` SET `status` ='Success' WHERE `transactions`.`txn_id` = ".$_POST['m_payment_id'];
First, check what's in the value, and make sure it is the same as what you are manually entering.
var_dump($_POST['m_payment_id'])
Second, the code without any other checks is a SQL injection vulnerability.
You could convert the value into an integer to protect against this, e.g. intval($_POST['m_payment_id'])
Ideally though, you would be using bindings.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 4 years ago.
Improve this question
$statement = $pdo->prepare("UPDATE config SET (name, value) VALUES(:name, :value) WHERE id = 1");
Hello, i need your Help, i know her is a syntax error but i dont know what is the syntax error.
Can you Help
Separate assignments for the set:
UPDATE config
SET name = :name,
value = :value
WHERE id = 1;
The syntax for UPDATE has not changed in MySQL and has never (to the best of my knowledge) included a VALUES clause. The documentation is pretty clear on the subject. If you don't think the documentation is clear, you can provide feedback on it.
Here is a full code:
$id = 1;
$sql = "UPDATE config SET `name`=?, `value`=? WHERE id=?";
$stmt= $dpo->prepare($sql);
$stmt->execute([$name, $value, $id]);
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
I believe it has to be simple, but I'm totally green in SQL.
I will include pictures of the database so it will be easier to imagine.
I use it in my PHP code that is accessed by Flash to enter data into the database.
This is my code which doesn't work:
$sql = "SELECT * FROM users
WHERE username = '$username' AND password = '$password'
INSERT INTO users (contactlist) VALUES ('$xmlcontactlist1')";
I want the data from variable $xmlcontaclist1 were entered to 'contactlist' column but to specific User (based on their Name and Password). Somehow when the code was doing something it was creating NEW empty space in the database with just contactlist instead of adding it for each user.
Database Screenshot
Try this one:
$sql = "UPDATE users
SET contactlist = '$xmlcontactlist1'
WHERE username = '$username'
AND password = '$password'";
But this is a bad practice. You can get SQL injections with this code. Read this post here to prevent this: How can I prevent SQL injection in PHP?
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 months ago.
Improve this question
I have this code
$SQL = "UPDATE cart SET a = ? WHERE b = ? AND c = ?";
if($stmt2 = mysqli_prepare($conn, $SQL )){
mysqli_stmt_bind_param($stmt2, "iii", $a1, $b1, $c1);
mysqli_stmt_execute($stmt2);
if(mysqli_affected_rows($conn)){
echo "updated";
mysqli_stmt_close($stmt2);
}
else
echo "nope";
}
I was figuring out why above code never work. I have debug every way that I know.
Lastly I delete the if condition. Somehow, it is working. Tried to browse on the internet to figure out what is the cause but did not find any. Can somebody please explain to me why does it happen so?
You should be using
mysqli_stmt_affected_rows($stmt2);
mysqli_stmt::$affected_rows -- mysqli_stmt_affected_rows — Returns the total number of rows changed, deleted, or inserted by the last executed statement
Instead of
mysqli_affected_rows($conn);
which is for plain query executions.
Manual
Edit
I just noticed that your question title mentions the right function name, and your code uses the wrong one.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 8 years ago.
Improve this question
I need to insert image row from table 'users2' to 'allbets'. But suddenlly this code don't working and I don't know why.. What is wrong with this?
$q2 = $pdo->prepare('INSERT INTO allbets (image) SELECT users2.image FROM users2 WHERE username = ?');
$q2->bindValue(1, $_SESSION['name']);
$q2 -> execute();
This code did not suddenly stop working, it never could have worked with its present query syntax. Change the query to this -
$q2 = $pdo -> prepare('INSERT INTO allbets (user, bet, komanda, teams, cof, data, image) VALUES ($user, $bet, $komanda, $teams, $cof, $data, (SELECT `users2`.`image` FROM `users2` WHERE `username` = ?));
Do yourself a service and error checking to your PHP code and to your PDO. This will let you know where to look when errors occur.