Ok! I have a script that is part of a live auction and my code is not all working and I am at the end of my rope! The below code is the two ways I have tried with no luck:
<? if(isset($_GET['golive'])) {
$id = $_POST['id'];
$totalamount = $_POST['amount'];
$ordernumber = $_POST['ordernumber'];
mysql_connect("localhost","DBusername","DBpassword") or die(mysql_error());
mysql_select_db("DBname") or die(mysql_error(header('Location: live_auction.php?ordermun=error')));
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW())
UPDATE auction_products SET order_number=".$ordernumber." WHERE on_now=1;
UPDATE auction_products SET sold=1 WHERE on_now=1;
UPDATE auction_products SET on_now=3 WHERE on_now=1");
header('Location: live_auction.php?ordermun='.$ordernumber.'');
}
?>
I Also Tried
<? if(isset($_GET['golive'])) {
$id = $_POST['id'];
$totalamount = $_POST['amount'];
$ordernumber = $_POST['ordernumber'];
mysql_connect("localhost","DBusername","DBpassword") or die(mysql_error());
mysql_select_db("DBname") or die(mysql_error(header('Location: live_auction.php?ordermun=error')));
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW()");
mysql_query("UPDATE auction_products SET order_number=".$ordernumber." WHERE on_now=1");
mysql_query("UPDATE auction_products SET sold=1 WHERE on_now=1");
mysql_query("UPDATE auction_products SET on_now=3 WHERE on_now=1");
header('Location: live_auction.php?ordermun='.$ordernumber.'');
}
?>
This second one was able to change the auction_products table but still would not INSERT and other query. What am I missing. I need all four of those to happen at the time that the golive button is clicked.
Your insert query doesn't work because your forgot a ) at the end.
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW()");
Should be:
mysql_query("INSERT INTO auction_bundle
(`purchaser_id`,`amount`,`order_number`,`date`) VALUES (".$id.",".$totalamount.",".$ordernumber.",NOW())");
Related
I've updated the post since I made a bit of change thanks to #user3282898! Though I still can't push the update to the DB.
The table column $id, $issue, $last_mod has already an existing content, I just need to update the content of issue andlast_modcolumn with respect to its$id`.
Here's what I have so far:
<?php
session_start();
session_regenerate_id();
if(!isset($_SESSION['username']))
{
header("Location: login.php");
}
?>
<?php
$conn = mysqli_connect("localhost", "root", "", "order");
if (isset($_GET['id']) && is_numeric($_GET['id']))
{
//id value
$id = $_GET['id'];
$last_mod = $_SESSION['username'];
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE id=".$_POST['id']) //update won't work
or die(mysqli_error());
header("Location: form.php");
}
else
{
header("Location: form.php");
}
?>
I've tried omitting the $last_mod to isolate the issue of updating and find that this statement works:
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved' WHERE id=$id")
However it won't work with $last_mod in it:
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE id=".$_POST['id'])
or
mysqli_query($conn, "UPDATE order.coupon SET issue='Resolved', last_mod=".$last_mod." WHERE job_id=$job_id")
Your suggestion/opinion is always welcome, thanks in advance guys!
$_SESSION['username']='$last_mod'
You are updating the $_SESSION['username'] field in your table which does not exist!
The $_SESSION['username'] is the username and the column to be updated is the last_mod.
You should do this as i said in my comment:
UPDATE order.coupon SET last_mod='$last_mod' WHERE id='".$_POST['id']."'");
This should work for you.
$last_mod = $_SESSION['username'];
$query = "INSERT INTO coupon(last_mod)
VALUES ($last_mod)";
that query does not seem to make any sense; so how about ...
$sql = "UPDATE `coupon` SET `last_mod` = NOW() WHERE `coupon_id` = ?";
because it appears, as if you were trying to insert a username as the last_mod (last modification) timestamp of a coupon. just add a die($sql); whenever being uncertain why generated SQL won't work. besides, using the user_id (or the coupon_id) instead of the username would be suggested; because indexed INT fields are way quicker to query by.
I am creating a CMS in in which when you ADD NEW PAGE, a display_order will automatically grab the next highest number according to the number of rows already present. Here's what I currently have:
<?php
if(isset($_POST['updateContent'])){
require ("connection.php");
$sql = "SELECT * FROM pages";
$result = $conn->query($sql) or die(mysqli_error());
$content = $_POST['content'];
$title = $_POST['title'];
$id = $_POST['id'];
$order = mysqli_num_rows($result);
if (empty($id)){
/** ADD NEW SLIDE*/
$sql = "INSERT INTO pages (title, content, display_order, visible) VALUES ('".$title."', '".$content.", '".$order.", 0)";
}else{
/** UPDATE SLIDE*/
$sql = "UPDATE pages SET content = '".$content."', title = '".$title."' WHERE id = '".$id."'";
}
if ($result){
header("Location: admin.php");
}
}
?>
What this code is doing is taking the HTML form that I'm using in a page called edit.php and determining if it is new page or simply a page that is being updated. The error that I am getting is that NOTHING is posting to the database at all. If I remove the $sql, $result and $order lines.. the script works fine, but the display_order variable will not be set to the next highest number.
There is an error in your query:
INSERT INTO pages (title, content, display_order, visible)
VALUES ('".$title."', '".$content.", '".$order.", 0)";
^-- here
Should be:
INSERT INTO pages (title, content, display_order, visible)
VALUES ('".$title."', '".$content."', ".$order.", 0)";
^-- quote goes here
Also, using mysqli doesn't magically protect you from SQL-insertion. Escape dat input!
The common way to solve the situation is to use AUTO_INCREMENT field in pages table.
Sequentially insert and then ask for LAST_INSERT_ID
php way: http://php.net/manual/en/function.mysql-insert-id.php
native mysql way: http://dev.mysql.com/doc/refman/5.0/en/information-functions.html#function_last-insert-id
Can someone please help me. I'm trying to create a basic like system by inserting the values into mysql and auto incrementing the number of times the column 'likes' has been updated.
Basically the script will insert where there is not currently any record and update if there is a record.
I am trying to insert 'user_id' as a value, aswell but only the liked_id is being inserted into the table. the 'likes' column is being auto incremented as it should be but i need to find out how i can insert the user_id which is the users session id aswel and this isn't being put in. also i am trying to update the column 'user_id_has_liked' from enum value 0 to 1 as a final result.
can someone please show me where i am going wrong. thanks
<?php
require_once('includes/session.php');
require_once('includes/functions.php');
require('includes/_config/connection.php');
session_start();
confirm_logged_in();
if (isset ($_GET['to'])) {
$user_to_id = $_GET['to'];
}
if (!isset($_GET['to']))
exit('No user specified.');
$user_id = $_GET['to'];
$result = mysql_query("SELECT * FROM ptb_likes WHERE liked_id ='".$user_to_id."' ");
if( mysql_num_rows($result) > 0) {
mysql_query("UPDATE ptb_likes SET likes = likes +1 WHERE liked_id = '".$user_to_id."' ");
$user_to_id = mysql_query("ALTER TABLE likes AUTO_INCREMENT = $id");
}
else
{
mysql_query("INSERT INTO ptb_likes (user_id,liked_id) VALUES ('".$_SESSION['user_id'].",".$user_to_id."') ");
}
$result1 = mysql_query("UPDATE ptb_likes SET user_id_has_liked='1' WHERE user_id=".$_SESSION['user_id']."")
or die(mysql_error());
if($result)
{
header("Location: {$_SERVER['HTTP_REFERER']}");
}
?>
As the others said, mysql_* statements are depricated, use mysqli_* statements...
The first issue is the code in the user id insert statement was missing some quotes, it should look like this:
mysql_query("INSERT INTO ptb_likes (user_id,liked_id) VALUES ('".$_SESSION['user_id']."','".$user_to_id."') ");
The user_id_has_liked query issue could be caused by the enum variable being an integer in mysql. you could also try saving your query to a query variable and passing the variable to your query function for readability...
$query = "UPDATE ptb_likes SET user_id_has_liked='1' WHERE user_id=".$_SESSION['user_id'];
$result1 = mysql_query($query) or die(mysql_error());
I have need help in the below coding, right now it update the image every time i insert new trough form, i need it should update/insert image in each row not update the same image, kindly help .. code is below
<?PHP
if(isset($_POST['add_value'])){
$sql ="INSERT INTO tb_special_offer (offer_price, offer_title, offer_desc, offer_link) VALUES ('"
.addslashes($_REQUEST['offer_price'])."', '"
.addslashes($_REQUEST['offer_title'])."', '"
.addslashes($_REQUEST['offer_desc'])."', '"
.addslashes($_REQUEST[offer_link])."')";
$qry = mysql_query($sql) or die (mysql_error());
//Image
if($_FILES['offer_img']['name']){
$uploaded_image = $_FILES['offer_img']['name'];
$imgpath = "userfiles/specialoffer/";
if(file_exists($imgpath.$uploaded_image)) unlink($imgpath.$uploaded_image);
if(!move_uploaded_file($_FILES['offer_img']['tmp_name'], $imgpath.$uploaded_image)){
$errMsg= "UPLOAD ERROR..!!!".$_FILES['offer_img']['name'];
}
else {
$sql = "update tb_special_offer set offer_img='$uploaded_image' ";
$qry = mysql_query($sql) or die (mysql_error());
}
}
header("Location: specialoffer?msg=Special Offer Added Successfully!");
exit;
}
?>
Your query means that all rows in your database get that image as value for the offer_img column. Update means just that: update a row.
If you want to update a specific row, not every row, do something like this:
update tb_special_offer set offer_img='$uploaded_image' where id=xxxx
But I suspect you want to use an INSERT query. As you've not provided any more info I cannot write it for you, but it should be easy. Just read the manual, but it boils down to something like
INSERT into tb_special_offer (offer_img) VALUES ('$uploaded_image')
i have a field in table opt named confirm of type tinyint. i want to insert value(1) by this statement but it is not working can any one help??
$connect= mysql_connect("localhost","root") or die ("Sorry, Can not connect to database");
mysql_select_db("login") or die (mysql_error());
$user=$_POST['staff'];
echo $user;
$query="SELECT * from users where username='$user' ";
$result=mysql_query($query,$connect) or die(mysql_error());
$row=mysql_fetch_array($result);
$uid=$row['userid'];
echo $uid;
$query="SELECT * from opt where userid='$uid' ";
$result=mysql_query($query,$connect) or die(mysql_error());
$row=mysql_fetch_array($result);
if($row['confirm']==0)
{
$query = "INSERT INTO opt (confirm) values(1)";
echo 'The user selected options has confirmed';
}
?>
You are not executing the query.
add an extra
$result=mysql_query($query,$connect) or die(mysql_error());
after the line
$query = "INSERT INTO opt (confirm) values(1)";
Apart from not executing the "InSERT STATEMENT",
You should probably be using an
"UPDATE OPT SET CONFIRM = '1' WHERE USERID = $user;"
as the row already exists ('cause you managed to select it!).
$query is a variable and there's no reason that it would cause a record to magically get inserted into the opt table.
You need to insert the following line after $query = "...":
mysql_query($query);
Also, I hopethat's not the code you're running in production.
You need to have the following somewhere:
$user = mysql_real_escape_string($user);
Why is not working? what error is throwing?
Check the other fields of the table...