Update table using variables - php

I want to update a table using a array but I can't get it to work. It inserts the date in the table but the update query doesn't work.
<?php
session_start();
$dateinsert = $_SESSION['aanwezigheidsdatum'];
$nameninsertarr = $_SESSION['namen'];
for ($i =2 ; $i<$_SESSION['totaalpersoneel'];$i++){
$test = $_GET["ureninsert".$i];
if ($test == ""){$test = X;}
$ureninsertarray[$i-2] = $nameninsertarr[$i-2]." = '".$test."'";
}
$ureninsertarr = implode(' , ',$ureninsertarray);
echo $ureninsertarr;
include("connectdb.php");
$query = "INSERT INTO Aanwezigheidslijst (dag) VALUES ('$dateinsert')";
mysql_query($query);
$query = "UPDATE 'Aanwezigheidslijst' SET $ureninsertarr WHERE dag = '$dateinsert'";
echo "<br>".$query;
$putquery = mysql_query($query);
if (!$putquery) echo "error";
?>


thats because u have written update syntax wrong.u have to specify column name in 'set'.fix this issue and ur update query will work.
$query = "UPDATE Aanwezigheidslijst
SET column_name=$ureninsertarr
WHERE dag = $dateinsert";
update syntax:
UPDATE [LOW_PRIORITY] [IGNORE] table_reference
SET col_name1={expr1|DEFAULT} [, col_name2={expr2|DEFAULT}] ...
[WHERE where_condition]
[ORDER BY ...]
[LIMIT row_count]


$query = "UPDATE 'Aanwezigheidslijst' SET $ureninsertarr WHERE dag = '$dateinsert'";
should be changed in
$query = "UPDATE `Aanwezigheidslijst` SET $ureninsertarr WHERE dag = '$dateinsert'";
But should use another way to talk with your database. (PDO?)
In PDO it would look like
$stmt = $dbh->prepare("UPDATE `Aanwezigheidslijst` SET $ureninsertarr WHERE `dag` = ?");
$dbh->execute(array($dateinsert));
You should also take care or params used in $ureninsertarr. Getting them directly from $_GET means that you don't really know what is beeing inserted into you DB. (!SQL Injection!)
PDO Manual
EDIT: as posted before, $ureninsertarr needs to be a string that also cointains the columns nam. Not only the values...

Related

Mysqli Multi Query

So besides the DB connector that I haven't included what could cause me to get this error?
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'UPDATE EventData SET deviceID = "631403956MB21" WHERE deviceID = "4631403956MB' at line 1"
This is my php mysqli multi query.
$sql = "UPDATE Device SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE EventData SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE NotifyQueue SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE RuleTrigger SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE RuleList SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$result = mysqli_multi_query($db, $sql);
if ($result) {
echo 'true';
} else {
echo 'false';
echo mysqli_error($db);
}
mysqli_close($db);
Thanks,
Mike

Disable auto commit when inserting/updating multiple queries and use a loop:
$mysqli = dbConnect(); // Connect with database
$mysqli->autocommit(FALSE); // Set autocommit off
// You can prepare and bind outside the foreach loop, so you don't
// have to write and bind each query individually.
$sql = "UPDATE RuleList SET deviceID = ? WHERE deviceID = ?";
$stmt = $mysqli->prepare($sql);
$stmt->bind_param('ii', $deviceID1, $deviceID2);
foreach($ids as $id):
$deviceId1 = $id;
$stmt->execute();
endforeach;
$stmt->close();
$mysqli->commit(); // Commit all queries
$mysqli->close();
The above is an example

Correct query:
UPDATE Device SET deviceID = '631403956MB21' WHERE deviceID = '4631403956MB2';
UPDATE EventData SET deviceID = '631403956MB21' WHERE deviceID = '4631403956MB2';
...
So, finally, you did not assign ";" at the end of each query. You assign only one ";" at the end of php code.
$sql = "UPDATE Device SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
$sql .= "UPDATE EventData SET deviceID = \"631403956MB21\" WHERE
deviceID = \"4631403956MB2\" ";
...
↓↓↓
$sql = "UPDATE Device SET deviceID = '631403956MB21' WHERE
deviceID = '4631403956MB2'; ";
$sql .= "UPDATE EventData SET deviceID = '631403956MB21' WHERE
deviceID = '4631403956MB2'; ";
...
Please try and hope it helps.

you should not have multiple UPDATE clauses in the same query. You're attempting to use mysqli_multi_query but you need to separate your queries with a semi-colon:
First create an array:
$queries = [
"UPDATE Device...",
"UPDATE EventData...",
"UPDATE NotifyQueue...",
];
From there you have two options. First is to loop through and execute the queries one at a time
foreach($queries as $sql):
$result = mysqli_query($db, $sql);
...
endforeach;
This isn't a great idea though because it requires many trips to the DB. The better option is what you're actually trying to do: execute a multi-query statement
$multi_query = implode('; ',$queries);
mysqli_multi_query($db, $multi_query);
...
Important Note
multi_query does not use prepared statements, so if you're not careful, you will be vulnerable to SQL-injection attacks. With this approach, be sure to escape your strings and to cast all numerical values as numbers (eg: $var = (int)$var) before you include them in the queries.
By the way, I notice that you're making the same change in deviceID on multiple tables. This may be a sign that your architecture is poorly designed. If you have InnoDB tables, you can use primary and foreign keys to indicate that deviceID in the EventData, NotifyQueue... tables is a foreign key linked to the primary key in the Device table. Then if you set changes to cascade on update, all you would need to do is change the ID in the Device table and the DB will take care of changing it everywhere else. Here is a quick intro to the concept.

updating the data using implode in php

please help me out and sorry for my bad English,
I have fetch data , on basis of that data I want to update the rows,
Follows my code
I fetched data to connect API parameters
<?php
$stmt = $db->stmt_init();
/* publish store for icube*/
$stmt->prepare( "SELECT id,offer_id,name,net_provider,date,visible,apikey,networkid FROM " ."affilate_offer_findall_icube WHERE visible='1' ");
$stmt->execute();
mysqli_stmt_execute($stmt); // <--------- currently missing!!!
mysqli_stmt_store_result($stmt);
$rows = mysqli_stmt_num_rows($stmt);
$stmt->bind_result( $id, $offer_id, $name, $net_provider, $date, $visible,$apikey,$networkid);
$sql = array();
if($rows>0)
{
while($info = $stmt->fetch() ) {
$jsondataicube = file_get_contents('filename/json?NetworkId='.$networkid.'&Target=Affiliate_Offer&Method=getThumbnail&api_key='.$apikey.'&ids%5B%5D='.$offer_id.'');
$dataicube = json_decode($jsondataicube, true);
foreach($dataicube['response']['data'][0]['Thumbnail'] as $key=>$val)
{
$offer_id = $dataicube['response']['data'][0]['Thumbnail']["$key"]['offer_id'];
$display = $dataicube['response']['data'][0]['Thumbnail']["$key"]['display'];
$filename = $dataicube['response']['data'][0]['Thumbnail']["$key"]['filename'];
$url = $dataicube['response']['data'][0]['Thumbnail']["$key"]['url'];
$thumbnail = $dataicube['response']['data'][0]['Thumbnail']["$key"]['thumbnail'];
$_filename = mysqli_real_escape_string($db,$filename);
$_url = mysqli_real_escape_string($db,$url);
$_thumbnail = mysqli_real_escape_string($db,$thumbnail);
$sql[] = '("'.$offer_id.'","icube","'.$_thumbnail.'","'.$_url.'")';
}
}
As I store values which have to be inserted in 'sql'
now
$stmt->prepare( "SELECT offer_id FROM " ."affilate_offer_getthumbnail_icube ORDER BY 'offer_id' ASC");
$stmt->execute();
mysqli_stmt_execute($stmt); // <--------- currently missing!!!
mysqli_stmt_store_result($stmt);
$rows = mysqli_stmt_num_rows($stmt);
$stmt->bind_result($offer_id);
$sqlimplode = implode(',', $sql);
if($rows>0)
{
$query = "UPDATE affilate_offer_getthumbnail_icube WHERE offer_id='".$offer_id."' SET '".$sqlimplode."'";
$stmt->prepare( $query);
$execute = $stmt->execute();
}
else
{
$query= "INSERT INTO affilate_offer_getthumbnail_icube(offer_id, net_provider,logo2020,logo100) VALUES".$sqlimplode;
$stmt->prepare( $query);
$execute = $stmt->execute();
}`
`
Insert query working well,but how can I update all the data like insert query ?

My Answer is refering to a "set and forget"-strategy. I dont want to look for an existing row first - probably using PHP. I just want to create the right SQL-Command and send it.
There are several ways to update data which already had been entered (or are missing). First you should alter your table to set a problem-specific UNIQUE-Key. This is setting up a little more intelligence for your table to check on already inserted data by its own. The following change would mean there can be no second row with the same value twice in this UNIQUE-set column.
If that would occur, you would get some error or special behaviour.
Instead of using PHPMyAdmin you can use this command to set a column unique:
ALTER TABLE `TestTable` ADD UNIQUE(`tablecolumn`);
After setting up your table with this additional intelligence, you alter your Insert-Command a little bit:
Instead of Insert you can drop and overwrite your Datarow with
REPLACE:
$query= "REPLACE INTO affilate_offer_getthumbnail_icube
(offer_id, net_provider,logo2020,logo100) VALUES (".$sqlimplode.")";
See: Replace Into Query Syntax
Secondly you can do this with the "On Duplicate Key"-Commando.
https://dev.mysql.com/doc/refman/5.0/en/insert-on-duplicate.html
$query= "INSERT INTO affilate_offer_getthumbnail_icube
(offer_id, net_provider,logo2020,logo100)
VALUES (".$sqlimplode.")
ON DUPLICATE KEY UPDATE net_provider = ".$newnetprovider.",
logo2020 = ".$newlogo2020.",
logo100 = ".$newlogo100.";";
Note: I think you missed some ( and ) around your $sqlimplode. I always put them around your implode. Maybe you are missing ' ' around strings as well.

Syntax of UPDATE query is
UPDATE table SET field1 = value1, field2 = value2 ...
So, you cannot pass your imploded array $sql to UPDATE query. You have to generate another sql-string for UPDATE query.

This is clearly incorrect:
$query = "UPDATE affilate_offer_getthumbnail_icube
WHERE offer_id='".$offer_id."' SET '".$sqlimplode."'";
If the intention is to INSERT offer_id='".$offer_id."' and then UPDATE ... SET offer_id = '".$sqlimplode."'";
You have to use two separate queries, one for INSERT and then another one for UPDATE
An Example:
$query = "INSERT INTO affilate_offer_getthumbnail_icube
(col_name) VALUES('".$col_Value."')";
//(execute it first);
$query2 = "UPDATE affilate_offer_getthumbnail_icube SET
col_name= '".$col_Value."'" WHERE if_any_col = 'if_any_Value';
//(execute this next);

Try this:
$sqlimplode = implode(',', $sql);
if($rows>0)
{
/*$fields_values = explode(',',trim(array_shift($sql), "()"));
$combined_arr = array_combine(['offer_id','net_provider','logo2020','logo100'],$fields_values);
$sqlimplode = implode(', ', array_map(function ($v, $k) { return $k . '=' . $v; }, $combined_arr, array_keys($combined_arr))); */
$query = "INSERT INTO affilate_offer_getthumbnail_icube(offer_id, net_provider,logo2020,logo100) VALUES".$sqlimplode." ON duplicate key update net_provider = values(net_provider),logo2020 = values(logo2020),logo100 = values(logo100)";
$stmt->prepare( $query);
$execute = $stmt->execute();
}
else
{
$sqlimplode = implode(',', $sql);
$query= "INSERT INTO affilate_offer_getthumbnail_icube(offer_id, net_provider,logo2020,logo100) VALUES".$sqlimplode;
$stmt->prepare( $query);
$execute = $stmt->execute();
}

PHP MySQL Update Query not working with vars

$ID = trim($_GET["uid"]);
$Name = trim($_GET["name"]);
$result = $mysqli->query("UPDATE `Benutzer` SET `R_NAME`='$Name' WHERE `ID` = '$ID'");
The Result returns fine, but the Database is not updated. If I replace the vars with static values the Database IS updated.

Use mysqli prepare statement.
$stmt = $mysqli->prepare("UPDATE Benutzer SET R_NAME = ? WHERE ID = ?");
$stmt->bind_param($Name,$ID);
$stmt->execute();
$stmt->close();

Follow these steps:
Remove "trim" & use "mysql_escape_string".
Echo Check the values of Name & ID. Once you are getting them then follow up with the 3rd step.
Concatinate the sql string as shown by removing the tild operators:
$result = $mysqli->query("UPDATE Benutzer SET R_NAME ='".$Name."' WHERE ID = '".$ID."'");

What we pass in the query arguments is a string or we can say query in the form of string. you can change the query like below.
$result = $mysqli->query("UPDATE `Benutzer` SET `R_NAME`='".$Name."' WHERE `ID` = '".$ID."'");

SQL Multiple Statements

I am using php and mysql to update rows in my DB. I have 4 update statements in a row, yet only the last one works. I have confirmed that the statements work if they are used alone, but when I have them executed one after another only the last one executed works. I am receiving no error messages. Any help? Thanks!
$sql = "UPDATE comlog SET name='$name1', message='$message1' WHERE id=1";
$sql = "UPDATE comlog SET name='$name2', message='$message2' WHERE id=2";
$sql = "UPDATE comlog SET name='$name3', message='$message3' WHERE id=3";
$sql = "UPDATE comlog SET name='$name', message='$message' WHERE id=4";
In the above code, only the row with id 4 is being updated.

The answer is simple.
You are declaring the same variable for EACH sql string.
You need to declare it something like:
$sql1 = "";
$sql2 = "";
$sql3 = "";
$sql4 = "";

PHP SQL Views counter using PDO prepare()

I have a variable $id which gives me the id of the current article and this can help me to make an update query in my database on current article.
This is my code:
$vizualizari = $current_views+1;
$sql1= "UPDATE detalii_cantari SET viz = viz WHERE id = {$id};";
$q1 = $dbh->prepare($sql1);
$q1->execute(array(':viz'=>$vizualizari));
I don't get any errors but my code is still not working...

Your correct code is here:
$vizualizari = $current_views+1;
$sql1= "UPDATE detalii_cantari SET viz = :viz WHERE id = {$id}";
$q1 = $dbh->prepare($sql1);
$q1->execute(array(':viz'=>$vizualizari));
; from the end of sql is not needed here and viz = viz must become viz = :viz because of PDO.

It seems you have to get rid of the previous query and make it in a single statement
$sql = "UPDATE detalii_cantari SET viz = viz + 1 WHERE id = ?";
$stm = $dbh->prepare($sql);
$stm->execute(array($id));

Categories