I'm working with MySQLi and I wanted now I made a form to edit some entries in the database and of course I want to update the data in the database. But for some reason nothing happen. No error either.. I allready used var_dump to see if the php script is getting the data from the form, works fine.
Maybe someone can find any mistakes at the update code.
$con->query("UPDATE anime SET
epcount = '".$eps."',
original_title = '".$otitle."',
japan_title = '".$jtitle."',
english_title = '".$etitle."',
genres = '".$genres."',
studio = '".$studio."',
season = '".$season."',
year = '".$year."',
state = '".$status."',
type = '".$type."',
manifestations = '".$manif."',
trailer = '".$trailer."',
description = '".$des."' WHERE id = '$animeId");
The problem in the last line
$con->query("UPDATE anime SET
epcount = '".$eps."',
original_title = '".$otitle."',
japan_title = '".$jtitle."',
english_title = '".$etitle."',
genres = '".$genres."',
studio = '".$studio."',
season = '".$season."',
year = '".$year."',
state = '".$status."',
type = '".$type."',
manifestations = '".$manif."',
trailer = '".$trailer."',
description = '".$des."' WHERE id = '".$animeId."'");
Also making the query in this style is a bad practice
Related
I am writing a Php 5 and Mysql 5 page counter script. When a student having id as 'visitorid' visits a page having id 'pageid' (both int(11)) the page counter tries to log the visit in 'visitors' database. But counter is not updating in mysql db, instead the visit_counter int(4) turns to 0.Whats wrong with my code? visitdate is datetime.
<?php
$pageid = 101;
$visitorid = 234;
$sql = "SELECT * FROM visitors
WHERE pageid = ".$pageid."
AND visitorid = ".$visitorid;
$temp = mysql_query($sql) or die("Error 1.<br>".mysql_error());
$data = mysql_fetch_array($temp);
// visit_counter is a field in table
if(($data['visit_counter']) != NULL){
echo "Entery exists <br>";
// Tried below version also
$visit = " SET visit_counter = visit_counter+1";
//$visit_counter = $data['visit_counter'];
//$visit = " SET visit_counter = ".$visit_counter++ ;
// Valid SQL
// UPDATE `visitors`
// SET visit_counter = visit_counter+1
// WHERE pageid = 101 and visitorid=234
// This manual sql query updates in phpmyadmin
$sql = "UPDATE visitors ".$visit."
AND visitdate = NOW()
WHERE pageid = ".$pageid."
AND visitorid = ".$visitorid;
$temp = mysql_query($sql) or die("ERROR 3.<br>".mysql_error());
//No error is displayed on above query.
} else {
//first entry
$visit_count = "1";
$sql = "INSERT INTO visitors
(`pageid`,`visitorid`, `visitdate`, `visit_counter`)
VALUES ('".$pageid."','".$visitorid."', NOW(), '".$visit_count."')";
$temp = mysql_query($sql);
//first entry is inserted successfully
//and visit_counter shows 1 as entry.
}
?>
Can anyone tell me whats wrong with this code?
Oh! I got answer by myself. Sometimes just little errors make us go crazy..
I made a mistake in udate query.. rather than using and I should have user a comma instead. .. working well now!
im busy trying to set multiple fields in my DB and it is not working for some reason. Can you take a look and let me know where i have gone wrong? Thank you
<?php
error_reporting('E_ALL');
include 'db_header.php';
$id = $_GET['ID'];
$bronzeTokens = $_GET['bronzeTokens'];
$silverTokens = $_GET['silverTokens'];
$goldTokens = $_GET['goldTokens'];
$platinumTokens = $_GET['platinumTokens'];
$sql = "UPDATE Player SET bronzeTokens = $bronzeTokens, goldTokens = $goldTokens, silverTokens = $silverTokens, platinumTokens = $platinumTokens WHERE ID = $id";
$result = $conn->query($sql);
?>
I don't know why, but for some reason the code below is not working as intended
$SQL = "UPDATE characters SET
name = '$char_name',
status = '$char_status',
gender = $char_gender,
pos.x = $char_posx,
pos.y = $char_posz,
shards = $char_money,
level = $char_level,
exp = $char_exp,
hair = $char_hair,
color.r = $char_color_r,
color.g = $char_color_g,
color.b = $char_color_b,
spawn = $char_spawn
WHERE username = '$nick'";
mysql_query($SQL) or die("ERRORCODE 04 - DB QUERY FAIL");
echo "saved";
it's always giving me the "ERRORCODE 04.." meaning that the query failed..
FYI: setting pos.y db value to the char_posz is correct as the axes are different from the Form to the actual database
EDIT: code now changed a bit due to some comments, looks now like this:
$SQL = "UPDATE characters SET
name = '$char_name',
status = '$char_status',
gender = $char_gender,
pos_x = $char_posx,
pos_y = $char_posz,
shards = $char_money,
level = $char_level,
exp = $char_exp,
hair = $char_hair,
color_r = $char_color_r,
color_g = $char_color_g,
color_b = $char_color_b,
spawn = $char_spawn
WHERE username = '$nick'";
mysqli_query($dbcon, $SQL) or die(mysqli_error($dbcon));
echo "saved";
this is the error I get:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '
pos_x = ,
pos_y = ,
shards = ,
' at line 4
Try to put single quotes around all variables in the query
I am trying to update a patient's record its saying its complete but its not updating phpmyadmin. When I press save and update button it shows Save was successful. Any Ideas ?
<?php
include 'connect.php';
$id1 = $_POST['PatientID']; //Text box the user searches in
mysql_query("UPDATE PatientRecords SET
PatientID = '".$_POST['PatientID']."',
FirstName = '".$_POST['FirstName']."',
LastName = '".$_POST['LastName']."',
DOB = '".$_POST['DOB']."',
IDNumber1 = '".$_POST['IDNumber1']."',
Medication1 = '".$_POST['Medication1']."',
Medication1Dosage = '".$_POST['Medication1Dosage']."',
IDNumber2 = '".$_POST['IDNumber2']."',
Medication2 = '".$_POST['Medication2']."',
Medication2Dosage = '".$_POST['Medication2Dosage']."',
IDNumber3 = '".$_POST['IDNumber3']."',
Medication3 = '".$_POST['Medication3']."',
Medication3Dosage = '".$_POST['Medication3Dosage']."',
MedicalNotes = '".$_POST['MedicalNotes']."'
WHERE PatientID = '$id1');
echo"Patient Information has been updated successfully";
mysql_close($con);
?>
Your query is wrong to begin with. If you're UPDATING an existing row, leave the VALUES (... out and end the query after WHERE PatientID = '$id1'. If you're INSERTING a new row, use INSERT table (column, column, ...) VALUES (value, value, ...) and don't use WHERE.
I am creating a browser statistics script in PHP.
When PHP finds a match in a table how do I retrieve the row and pull all three fields of the table into separate variables.
My table rows are (browser, version, amount)
so I want to select everything from the TB were
browser = $browser and version = $version.
But when this happens how do I add one to the amount field and resubmit the row. Without altering anything else. Below is the code I have.
$browser_name= "MSIE";
$version = "7";
$query = ("SELECT * FROM $TB
WERE browser = '$browser_name' AND version = '$version'");
$result = mysql_query($query);
$count = mysql_num_rows($result);
if($count == 1)
{
$mysql = ("SELECT * FROM $TB
WERE browser = '$browser_name' AND version = '$version'");
//code to add 1 to amount would be here
}
else
{
//if browser is not detected insert fresh row.
$mysql = "INSERT INTO $TB (browser, version, amount)
VALUES ('$browser_name', '$version', 1)";
}
I have been looking around for answers for ages but they just tell me how to select information out of a DB as a whole.
update table set amount_field = amount_field + 1 where browser = '$browser_name' and version = '$version'
I don't understand why you make twice the same select.
$browser_name= "MSIE";
$version = "7";
$query = "SELECT * FROM $TB WHERE browser = '$browser_name' AND version = '$version'";
$result = mysql_query($query);
if($data = mysql_fetch_assoc($result))
{
print_r($data);
//use UPDATE from other answers if you need one here.
}
else
{
//if browser is not detected insert fresh row.
mysql_query("INSERT INTO $TB (browser, version, amount)
VALUES ('$browser_name', '$version', 1)");
}
Beware of SQL injections!
SELECT * FROM $TB WHERE browser
you have a mistake it must be WHERE instead of WERE.
You update query will be like this
UPDATE $TB SET ammount = 1 WHERE browser = $browser and version = $version
There are hundreds of issues with your query like sanitization etc. I suggest you read a good mySQL book to improve the queries. But to answer your question:
//code to add 1 to ammount would be here
mysql_query("update $TB set amount = amount + 1 where browser = '".mysql_real_escape_string($browser_name)."' and version = '".mysql_real_escape_string($version)."'");
First of all, you should connect to db using
$db = new mysqli('host','user','pass','dbname');
Then, your query isn't right. You have a sql syntax error.
SELECT * FROM table WHERE column = value
So, without prepare, your code should look like:
$tb = 'table_name'; // to avoid sql injections use addslashes() to your input
$browserName = addslashes('browser_name'); // like this
$version = '7';
$db = new mysqli('host','user','pass','dbname');
$result = $db->query("SELECT * FROM $tb WERE browser = '$browserName' AND version = '$version'");
// Than, you can fetch it.
while ($result->fetch as $row) {
echo $row['yourColumn']; // will display value of your row.
}
$db->query("INSERT INTO $tb (browser, version) VALUES ('$browser_name', '$version')";
}");
And, that's all. You can count your records using mysql count() method. Your code will work. I advice you, at first go to php.net and check the doc. There are many examples.