Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I want to store my JSON string into database but when i give json string it is not working but when i give simple value it work
this is what i am doing
// $data contain json string
// info is a TEXT type in mysql
$q = "Update user set info = $data where userid = $id";
$sql= $this->db->query($q);
You should really check your error log or enable display_errors to see where the query is failing, but my guess is you probably just need to wrap the data field in quotes. Try this:
// $data contain json string
// info is a TEXT type in mysql
$q = "Update user set info = '$data' where userid = $id";
$sql= $this->db->query($q)
You are missing the quotes around $data and $id. And you need to close the string before concatenating variables, like this:
$q = "Update user set info = '". $data."' where userid = '". $id."'";
$sql= $this->db->query($q);
Related
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 1 year ago.
Improve this question
Why is this working:
$sql_query = "SELECT * FROM Content WHERE id IN (1,5,7,9)";
But this isn't:
$array_values = "1,5,7,9";
$sql_query = "SELECT * FROM Content WHERE id IN ('$array_values')";
I want to select data from the database based on the integers in the $array_values string.
How can I do it?
because there are ` s in your code here
$sql_query = "SELECT * FROM Content WHERE id IN ('$array_values')";
use :
$sql_query = "SELECT * FROM Content WHERE id IN ( $array_values )";
or
$sql_query = "SELECT * FROM Content WHERE id IN (".$array_values.")";
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 2 years ago.
Improve this question
I am attempting to create an autofill info button that retrieves the last inserted information from MySQL and coupled with a $_GET autofills the page with the latest update. I am able to insert and update the data base just fine however upon retrieval of the information my variables remain empty.
I have verified the project-fill button is being posted. I also didnt get any error when checking the query's.
below is a snippet of the section that isnt working. It prints my header but the variables remain empty.
Apologies for sloppy code pretty green.
if(isset($_POST['project-fill'])) {
require "dbh.inc.php";
//select the last inserted row the one with the highest id
$proj1 = mysqli_query($conn, "SELECT * FROM updates WHERE id = MAX");
$proj2 = mysqli_query($conn, "SELECT * FROM updates WHERE id = MAX");
$proj3 = mysqli_query($conn, "SELECT * FROM updates WHERE id = MAX");
//select the column out of that row
$result1 = mysqli_fetch_row($proj1['Project1']);
$result2 = mysqli_fetch_row($proj2['Project2']);
$result3 = mysqli_fetch_row($proj3['Project3']);
//transfer to project variable
$project1 = $result1;
$project2 = $result2;
$project3 = $result3;
//print header to allow for the $_GET method on the project page
header (Location: ../update.php?update=sucessful&p1=".$project1."&p2=".$project2."&p3="$.project3);
}
This is not the correct way to fetch a row from a result:
$result1 = mysqli_fetch_row($proj1['Project1']);
$proj1 is a mysqli_result object, not an array, so you can't subscript it. You need to pass the object to mysqli_fetch_assoc(), and it returns an associative array with an element for each column.
$proj = mysqli_query($conn, "
SELECT Project1, Project2, Project3
FROM updates
ORDER BY id DESC
LIMIT 1");
$row = mysqli_fetch_assoc($proj);
$project1 = $row['Project1'];
$project2 = $row['Project2'];
$project3 = $row['Project3'];
You don't need to query 3 times to fetch different columns from the same row.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 7 years ago.
Improve this question
I have an SQL piece of code that every time a user inserts a name creates a new column with the name (and this part works fine). I also want it to add a row to that column with the respective comment given by the user. I don't see why this add row statement won't work.
$value = mysql_real_escape_string($_POST['name']);
$comment = mysql_real_escape_string($_POST['comment']);
$add = mysql_query("ALTER TABLE Names ADD $value Text NOT NULL");
$sql = mysql_query("INSERT INTO Names VALUES $comment");
Try with
$sql = mysql_query("INSERT INTO Names (`$value`) VALUES ('$comment')") or die(mysql_error());
You need to specify the column list.
Ideally you should start using PDO or an ORM to be able to work and debug easier
Try this:
$value = mysqli_real_escape_string($db, $_POST['name']);
$comment = mysqli_real_escape_string($db, $_POST['comment']);
$add = mysqli_query($db, "ALTER TABLE Names ADD '{$value}' Text NOT NULL");
$sql = mysqli_query($db, "INSERT INTO Names({$value}) VALUES('{$comment}')");
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Improve this question
I'm trying to do in-place editing way in my site.
Now I set up all the things I need.
When the user clicks Submit, it will send the id of the div element (what kind of content) and the new value to update.
Here's my code:
if($pedit = $mysqli->prepare("UPDATE `accounts` SET ? = ? WHERE `id`= ? ")){
$pedit->bind_param("sss", $id, $value, $_SESSION["user_id"]);
$pedit->execute();
$pedit->free_result();
$pedit->close();
}
I don't know why it doesn't update the information.
$id = the row that change: description, fullname, email etc.
$value = the new information about $id. User can update his profile information.
The code doesn't show me any kind of error but still doesn't update.
You can't specify a column name as a parameter in a prepared statement. You'll instead have to substitute column names into the statement before preparing it. Don't forget to whitelist editable column names to make sure no unwanted SQL gets executed.
<?php
$accounts_editable_cols = array(
'name'=>true, 'street'=>true, 'city'=>true,
'region'=>true, 'postal'=>true, 'phone'=>true
);
// prevent SQL injection by whitelisting column names
if (!array_key_exists($id, $accounts_editable_cols)) return false;
$pedit = $mysqli->prepare("UPDATE `accounts` SET $id = ? WHERE `id`= ? ")
if ($pedit) {
$pedit->bind_param("ss", $value, $_SESSION["user_id"]);
$pedit->execute();
$pedit->free_result();
$pedit->close();
}
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
Ok so i store the column i want to update in side a variable so i need to put the variable in side the main query i try and do it like so
$sqlltyryrt = "UPDATE user_items SET :fggdgdf = :fggdgdf +1 WHERE username=?";
$qqqqq = $db->prepare($sqlltyryrt);
$qqqqq->execute(array('fggdgdf'=>$fggdgdf),$_SESSION['username']);
I have searched for an answer and have found a thread here on the site doing the same:
Using a passed variable in a query using PDO (Oct 2011; by Don S)
$sqlltyryrt = "UPDATE user_items SET :fggdgdf = :fggdgdf +1 WHERE username=?";
$qqqqq = $db->prepare($sqlltyryrt);
$qqqqq->execute(array('fggdgdf'=>$fggdgdf),$_SESSION['username']);
You can't bind the names of columns; so that isn't going to work. There's no way to use a bound variable for a column or table name, so the only way to do this is to actually interpolate the variables into the string:
$sqlltyryrt = "UPDATE user_items SET $fggdgdf = $fggdgdf +1 WHERE username=?";
$qqqqq = $db->prepare($sqlltyryrt);
$qqqqq->execute(array($_SESSION['username']));
But you need to be very sure that you've sanitized the variables, else you're open to SQL injection. You can use whitelisting for this, as you should be able to generate an array of possible column names and can check that the variables are present in that array.
But the fact that you're trying to bind the names of comments implies that your database design could do with looking at.