I tried to update a MySQL database table (online) with a php function, but everytime that i click on "button update" it answers me:
Could not update data: Unknown column '$username' in 'where clause'
can somebody help me with this error or only suggest me the correct way to resolve it?
here is it the code:
<html>
<head>
<title>Update Name of my_table in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'dbuser';
$dbpass = 'dbpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$username = $_POST['username'];
$name = $_POST['name'];
$sql = 'UPDATE tbl_user SET name = $name WHERE username = $username';
mysql_select_db('my_table');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Usrename</td>
<td><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td width="100">Name</td>
<td><input name="name" type="text" id="name"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
and here is it my_table columns:
id | username | password | email | name
Chane this line of query You missing single quete around your variable.
$sql = 'UPDATE tbl_user SET name = $name WHERE username = $username';
to this
$sql = "UPDATE tbl_user SET name = '$name' WHERE username = '$username'";
$sql="UPDATE tbl_user SET name = '".$name."' WHERE username = '".$username."'"
There is matter of quotes i think so this will work better because name and username fields contain string. concating string is better solution when you work with string
Related
<html>
<head>
<title>Add New Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['add'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'password';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
if(! get_magic_quotes_gpc() ) {
$emp_name = addslashes ($_POST['emp_name']);
$emp_address = addslashes ($_POST['emp_address']);
}else {
$emp_name = $_POST['emp_name'];
$emp_address = $_POST['emp_address'];
}
$emp_salary = $_POST['emp_salary'];
$sql = "insert into employee(emp_name,emp_address, emp_salary)values('$emp_name','$emp_address','$emp_salary')";
mysqli_select_db($conn,"test_db");
$retval = mysqli_query($conn,$sql);
if(!$retval) {
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border = "0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Employee Name</td>
<td><input name = "emp_name" type = "text"
id = "emp_name"></td>
</tr>
<tr>
<td width = "100">Employee Address</td>
<td><input name = "emp_address" type = "text"
id = "emp_address"></td>
</tr>
<tr>
<td width = "100">Employee Salary</td>
<td><input name = "emp_salary" type = "text"
id = "emp_salary"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "add" type = "submit" id = "add"
value = "Add Employee">
</td>
</tr>
</table>
</form>
<?php
}
?>
when I am trying to enter the value and pressing the submit button at this time I am not getting any error but I cannot be able to enter the value in database.
The problem is I am getting text as "Could not enter data: Table 'employee' is read only".Can anyone please help me to sort out this problem ?
I have created the database (test_db) and table (employee ) in wamp server.
Your problem is solved. Even though, I will strongly recommend you to use Prepared Statements, otherwise your code is open for SQL injection and possible quoting issues.
You're mixing mysql and mysqli. Stop it. Since you're using mysqli,
take advantage of prepared statements and bind_param, otherwise you're
open for SQL injection and possible quoting issues. – #aynber
Changes
Change die('Could not connect: ' . mysql_error()); To die('Could not connect: ' . mysqli_connect_error());
Change mysql_close($conn); To mysqli_close($conn);
Change action = "<?php $_PHP_SELF ?>" To action = "<?php echo $_SERVER['PHP_SELF']; ?>"
Use Prepared Statements.
Updated Code
<html>
<head>
<title>Add New Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['add'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'password';
$db = "test_db";
$conn = mysqli_connect($dbhost, $dbuser, $dbpass, $db);
if(! $conn ) {
die('Could not connect: ' . mysqli_connect_error());
}
$stmt = mysqli_prepare($conn, "INSERT INTO employee(emp_name,emp_address, emp_salary) VALUES (?, ?, ?)");
mysqli_stmt_bind_param($stmt, 'sss', $_POST['emp_name'], $_POST['emp_address'], $_POST['emp_salary']);
if(!mysqli_stmt_execute($stmt)) {
die('Could not enter data: ' . mysqli_error($conn));
}
echo "Entered data successfully\n";
mysqli_close($conn);
} else {
?>
<form method = "post" action = "<?php echo $_SERVER['PHP_SELF']; ?>">
<table width = "400" border = "0" cellspacing = "1" cellpadding = "2">
<tr>
<td width = "100">Employee Name</td>
<td><input name = "emp_name" type = "text" id = "emp_name"></td>
</tr>
<tr>
<td width = "100">Employee Address</td>
<td><input name = "emp_address" type = "text" id = "emp_address"></td>
</tr>
<tr>
<td width = "100">Employee Salary</td>
<td><input name = "emp_salary" type = "text" id = "emp_salary"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td><input name = "add" type = "submit" id = "add" value = "Add Employee"></td>
</tr>
</table>
</form>
<?php
}
?>
Quick Look
mysqli_stmt_bind_param
PHP_SELF
Table is 'read only' : [Solved]
I'm sure you user is not granted to enter data into you table
Please edit schema_name, and execute query on you DB:
GRANT ALL ON TABLE schema_name.employee TO root;
Also you can try without schema:
GRANT ALL ON TABLE employee TO root;
I'm trying to have a form to update a table in my SQL database but I'm getting this error
If my Client ID field has "7020" as the value and the Proof field as "test" I get this error: Could not update data: Unknown column 'test' in 'field list'
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'xxxxxxxx';
$dbuser = 'xxxxx';
$dbpass = 'xxxxxxxxxxxxxxxxxxxxxxxx';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$clientid = $_POST['clientid'];
$proof = $_POST['proof'];
$sql = "UPDATE penalties ". "SET Proof = $proof " ."WHERE client_id = $clientid AND type='ban'";
mysql_select_db('b3bot');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Client ID</td>
<td><input name="clientid" type="text" id="clientid"></td>
</tr>
<tr>
<td width="100">Proof</td>
<td><input name="proof" type="text" id="proof"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
The sql query you are trying to execute should be wrong. As I see, the query right now looks like:
UPDATE penalties SET Proof = sth WHERE client_id = test AND type='ban'
should be like:
UPDATE penalties SET Proof = 'sth' WHERE client_id = 'test' AND type='ban'
(note the quotes)
I have a simple MYSQL DB where field_3 is a varchar Key value. I am trying to update database posting to two TIME fields called start and end.
However I keep getting this error
Notice: Undefined variable: empd_end in C:\xampp\htdocs\b1\update.php on line 25
Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':12:00, end = WHERE field_3 = Berkay_Sebat#yahoo.com' at line 1
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$emp_end= $_POST['emp_end'];
$sql = "UPDATE usezas ".
"SET start = $emp_salary, end = $empd_end".
"WHERE field_3 = $emp_id" ;
mysql_select_db('db1');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">EMAIL</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Start TIME</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100">END TIME</td>
<td><input name="emp_end" type="text" id="emp_end"></td>
</tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
You are missing a space after the value of end also, you will need to wrap your variables with a quotes like the query below.
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end' ".
"WHERE field_3 = $emp_id" ;
However, your code is vulnerable to SQL injections. You sure prepare your query and should be using either PDO or MySQLi extensions not the old mysql_query extension.
you need to put your php vals to ''
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end'".
" WHERE field_3 = '$emp_id'" ;
everyone.
I have a problem with updating value into database.
Now, I have $SumTotal as a PHP variable. I want to update value in database by using value in $SumTotal.
I try it but it doesn't work. The value in database is 0.
here is my code
$strSQL3 = "UPDATE OrderCustomer SET TotalPrice = '".$SumTotal."' WHERE OrderCustomerID = '".$_SESSION["OrderCustomerID"]."' ";
Thank you very much.
Try using this code, this code should work for you.
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$SumTotal="**Some value**";
//**QUERY**
$strSQL3= "UPDATE OrderCustomer".
"SET Totalprice= $SumTotal".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $strSQL3, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
First of all, I would make sure that $SumTotal and $_SESSION['OrderCustomerID'] are equal to what they are meant to be equal to.
I would do something like: echo "$SumTotal"; and echo $_SESSION['OrderCustomerID']; to check these variables.
Then, you could do the following:
Make sure that the database is actually selected (to select the database in your query, you can use UPDATE databasename.table (where table is equal to OrderCustomer in your case)
Check for errors in your query by adding or die(mysql_error()); to the end of your query.
Use the following at the very top of your PHP document to show all errors that have occurred: https://stackoverflow.com/a/6575502/3593228.
In addition to this, make sure that your query is actually being executed.
You can do this by using the mysql_query function as follows:
$strSQL3 = mysql_query("UPDATE databasename.OrderCustomer SET TotalPrice = '$SumTotal' WHERE OrderCustomerID = '" . $_SESSION["OrderCustomerID"] . "'");
Also, before someone beats me to it, you should be using PDO or MySQL Improved, yada yada yada.
You can have a look at this piece of code.
This will definitely work, i have tried this personally.
Edit: (Pulled from link)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$sql = "UPDATE employee ".
"SET emp_salary = $emp_salary ".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Employee ID</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Employee Salary</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
I am trying to delete information from a database via a php script but am am getting an error.
When we enter the employee ID, the ID should be deleted. However, it doesn't delete and I get an error.
<html>
<head>
<title>Delete a Record from MySQL Database</title>
</head>
<body>
<?php
if (isset($_POST['delete'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$conn) {
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$sql = "DELETE employee " .
"WHERE emp_id = $emp_id";
mysql_select_db('test');
$retval = mysql_query($sql, $conn);
if (!$retval) {
die('Could not delete data: ' . mysql_error());
}
echo "Deleted data successfully\n";
mysql_close($conn);
} else { ?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Employee ID</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100"></td>
<td></td>
</tr>
<tr>
<td width="100"></td>
<td>
<input name="delete" type="submit" id="delete"
value="Delete">
</td>
</tr>
</table>
</form>
<?php } ?>
</body>
The error I get is:
Could not delete data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE emp_id = 1' at line 1
The right syntax is here: http://dev.mysql.com/doc/refman/5.0/en/delete.html
You need to say delete from
$sql = "DELETE **from** employee ".
"WHERE emp_id = $emp_id" ;
It should be
$sql = "DELETE from employee ".
"WHERE emp_id = $emp_id" ;
Your query is DELETE EMPLOYEE
What you need is DELETE FROM EMPLOYEE, that should do if the table structure is normal.
It's just a syntax error!
Look, you don't want to DELETE ALL the table employee, but just one line where emp_id = $emp_id"
So that's why you need to say that you want to DELETE FROM the TABLE employee, all the rows where emp_id = $emp_id" !