I am trying to update my long text mysql field. It has been working previously with no issues what-so-ever, but all of sudden now it won't update. Here is the code
$productTitle = $_POST['product_title'];
$productDesc = $_POST['product_desc'];
$updateProductDesc = "UPDATE product_desc SET product_desc='$productDesc'
WHERE product_sku='$productSku' ";
mysql_query($updateProductDesc, $db_custom);
I know I should be using mysqli but other than that all the syntax is correct. Or am I completely missing something.
many reasons your code will not work:
Step 1
Change
$productDesc = $_POST['product_desc'];
Into
$productDesc = addslashes($_POST['product_desc']);
Step 2
Before update, add mysql_real_escape_string($productDesc);
Check your database and put product_desc type on TEXT
Step 3
Verify if product_sku='$productSku' is viable.
Extra step
mysql_query() is depreciated. Go for mysqli
If all has been well before, odds are that your description field has some offending character. Yogesh Suthar is right that you should check the error. Try escaping the value with mysql_escape_string()
Related
I'm trying to add +1 in custom row. Example:
UPDATE `users` SET `MVP` = `MVP` + 1 WHERE `steam_id` = `%s`;
But nothing. What's wrong? Syntax looks good i think.
%s is a value so remove `
You can usually omit that everywhere unless you are using some "unlucky" column names
UPDATE `users` SET `MVP` = `MVP` + 1 WHERE `steam_id` = %s;
Take the ' away from the MVP you are incrementing.
UPDATE `users` SET `MVP` = MVP+1 WHERE `steam_id` = `%s`;
Post the entire code snipped. Can´t really help you like that. What is steam_id? What is %s. When do you replace it with an actual value? You should also just use prepared statements and not DYI that. %s is not how they look like in PDO or MYSQLI, but sure looks like a placeholder for a string.
You also marked this as insert, yet you´re doing an update.
Those `` are kinda unnecessary, never used them for column/table names, but appears to work at least in mysql console.
The sql snipped looks right, assuming MPV is numeric and the id is a string/varchar and equals %s, or you´re replacing it with something.
EDIT: As some have said the %s is the problem use nothing if it´s a int. Use single or double quotes if it´s a string. And you don´t need to use anything anywhere else, but if you wish to do so you can.
My code is
$this->db->like('postcoderegion','Brighton And Hove');
$query = $this->db->get('postcode');
$result = $query->result();
Mysql query
SELECT * FROM `postcode` WHERE postcoderegion LIKE '%Brighton And Hove%' ESCAPE '!'
When i see mysql query then i got an extra space between 'AND' or 'Hove'. Please let me know how can i remove this extra space. when i not set Hove then it not produced any space.
UPD: it's fixed in 3.0.2 (https://github.com/bcit-ci/CodeIgniter/issues/4093), so please update to the latest version (3.0.5 currently).
(Below is a previous answer, not relevant.)
I think it's a bug in CI's query builder, so I've submitted an isuue — https://github.com/bcit-ci/CodeIgniter/issues/4551
See here — https://github.com/bcit-ci/CodeIgniter/blob/3.0.5/system/database/DB_query_builder.php#L2378 (it's for 3.0.5, but this part of code is the same as for 3.0.1).
You can try to fix it yourself or wait till it's fixed from CI team.
I have a form where the fields are filled in and the are submitted which adds all this to a table in an SQL database. To do this I have a short PHP script that takes all the post values and then inserts them to the database. One of the fields in the submitted form is over 7000 letters long and it will not submit. It will submit if I clear the description box which is the 1 where the text is over 7k characters. I can add all these details manually to the database and they are displaying on the website as they should. The problem is with the description being this long. Is there a way to sort this out or is there a limit on the amount of letters there can be?
this is the code from the insertpost.php. This is the page that gets called when the form is submitted
$Title = $_POST['title'];
$LinkTitle = $_POST['linktitle'];
$Category = $_POST['category'];
$SubCategory = $_POST['subcategory'];
$MainPic = $_POST['mainpic'];
$Description = $_POST['Description'];
$Main = $_POST['maintext'];
$Featured = $_POST['featured'];
$thumb = $_POST['thumbnail'];
include 'phpincludes/dbconnection.php';
$insertSQL = "INSERT INTO Posts (ID,Title,LinkTitle,MainPicture,ViewCount,Description,Maintext,Type,Featured,category,thumbnail)
VALUES('','$Title','$LinkTitle','$MainPic','0','$Description','$Main','$SubCategory','$Featured','$Category','$thumb')";
$db->query($insertSQL)
Yes there is a limit, you find it documented in the PHP manual for string http://php.net/string :
Note: string can be as large as 2GB.
This requires that you have allowed PHP to use that much memory. Which is not always possible to configure based on operating system. For more details, I can suggest the beginning of my blog post: Protocol of some PHP Memory Stretching Fun.
As haskre suggests, the is a limit on a string in PHP however its quite big and 7000 characters should not be causing an issue. There is also a more stringent limit on field sizes in MySQL however we can ignore this as you said you can save the entries directly into MySQL and they display fine.
You need to find out why it's not inserting. I suspect that you have a character in your 7000 characters that is breaking it, maybe a quote symbol or something that you need to escape.
Run your script again with 7000 characters in the and print out the MySQL error so that you can debug and resolve.
To print out the error from MySQL you can use *mysql_error()*. More information on this can be found in the php manual.
I am trying to make an update query to update a user to have a password. The update statement is extremely easy and it has been baffling me for about 12 hours now.
I have read everything having to do with this on 3.5 pages of google searches. but for some reason, none of the suggestions work for me!
Here is the UPDATE query in its 'original' form:
$sql_update = "UPDATE users_sensitive SET password = '$password_hash', ch_password = '$password_hash' WHERE email_hash = '$email_hash'";
$result_update = mysql_query($sql_update) or die(mysql_error());
When I do this update Query, I get no errors or anything back. It also just does not update.
Here's another rendition of the same code:
$sql_update = "UPDATE users_sensitive SET password = '" . $password_hash . "', ch_password = '" . $password_hash. "' WHERE email_hash = '" . $email_hash . "'";
$result_update = mysql_query($sql_update) or die(mysql_error());
Again, nothing happens.
When I put the actual numbers in here instead of the php variables:
$sql_update = "UPDATE users_sensitive SET password = '700b5b23b511d974fe9eeb17ad350b33', ch_password = '700b5b23b511d974fe9eeb17ad350b33' WHERE email_hash = 'ac24dab060a172d8c0b3679d8ae61cac'";
$result_update = mysql_query($sql_update) or die(mysql_error());
(don't worry, it's not sensitive info) It does actually update...
So, I'm assuming my syntax is wrong? I know these are Strings instead of just numbers, so I need the single quotes around them. I have the two variables I need echoed and they are both showing exactly what they should be. I have even tried to use backticks around the column name but that didn't do anything?
I did a var_dump and it came back "true".
When I do a print on my $sql_update, I get:
UPDATE users_sensitive SET password = '700b5b23b511d974fe9eeb17ad350b33', ch_password = '700b5b23b511d974fe9eeb17ad350b33' WHERE email_hash = 'ac24dab060a172d8c0b3679d8ae61cac'
There is no whitespace here.
When I print the $result_update, it comes up with: 1
ANSWER
Thank you to bemace, James Anderson, VolkerK, alex and the others!
The problem was that there was a strange line break in the code creating whitespace that was not the same as on the database.
After backtracking, I noticed at the very beginning of my code on this page, I used a GET to get a hash number from the URL. While making a variable, during testing, I added a line break to the variable for testing purposes only. I (stupidly) left the line break in there. When using that variable in a hidden form field, it included the line break.
After taking the line break out of the first line, everything matched up and all is good.
If you are reading this and plan on posting later, Posting the entire code is probably worth it. This problem would have been fixed earlier if I had.
Again, Thank you to the quick responses and trouble shooting!
No errors and no updates tells me that your where clause isn't matching anything. Make sure $email_hash doesn't have any leading or trailing whitespace and isn't being truncated.
A less likely possibility is that the update is part of a transaction that is being rolled back.
Another less likely possibility: are you connected to the right server?
Thank you to bemace, James Anderson, VolkerK, alex and the others!
The problem was that there was a strange line break in the code creating whitespace that was not the same as on the database.
After backtracking, I noticed at the very beginning of my code on this page, I used a GET to get a hash number from the URL. While making a variable, during testing, I added a line break to the variable for testing purposes only. I (stupidly) left the line break in there. When using that variable in a hidden form field, it included the line break.
After taking the line break out of the first line, everything matched up and all is good.
If you are reading this and plan on posting later, Posting the entire code is probably worth it. This problem would have been fixed earlier if I had.
Again, Thank you to the quick responses and trouble shooting!
i need to select the variable 'duration' from a database where the eventID equals $idnumber. Im using the query bellow but am not having any luck. Can anyone see any flaws.
$duration = mysql_query("SELECT `bs_reservations`.`duration`FROM bs_reservations WHERE (`bs_reservations`.`eventID` '$idnumber')");
Small change :
$duration = mysql_query("SELECT `bs_reservations`.`duration`FROM bs_reservations WHERE (`bs_reservations`.`eventID` = " . $idnumber . ")");
UPDATE :
$data = mysql_fetch_array($duration );
Try to print this $data......
I assume you're missing an = when comparing the 2 IDs at the end.
$duration = mysql_query("SELECT `bs_reservations`.`duration`FROM bs_reservations WHERE (`bs_reservations`.`eventID` = '$idnumber')");
Try this:
SELECT `bs_reservations`.`duration`
FROM `bs_reservations`
WHERE `bs_reservations`.`eventID` = '{$idnumber}'
I've added whitespace before the from, added an = before idnumber, added a backtick after the where and for good measure also added the { and } though they are not really needed, but good practice.
While the obvious problem is the missing operator "=" (most adequately answered by #Dave IMO), perhaps you're having difficulty using the data once the MySql query has been properly executed. One would think you could then take your variable "$duration" and use it. Not true. $duration is now a resource, and you need to extract the information from it. If you know you're only going to get one piece of data back, consider the following code after your query:
list($duration)=mysql_fetch_array($duration);
This of course resets $duration to the value retrieved by the query and is no longer usable as a mysql resource, but it gets what you're looking for.
If this was not your problem, my answer would be the same as #Dave
Edit: Sorry, after reviewing the questions and answers again, my answer would be as follows:
$duration=mysql_query("select `duration` from `bs_reservations` where `eventID`='$idnumber'");