i have an issue with my update function on php, i have the code to make the function work how ever it only ever updates the last function.
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = '';
$dbuser = '';
$dbpass = '';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$stock_1 = $_POST['stock_1'];
$stock_2 = $_POST['stock_2'];
$stock_3 = $_POST['stock_3'];
$stock_4 = $_POST['stock_4'];
$stock_5 = $_POST['stock_5'];
$stock_6 = $_POST['stock_6'];
$sql = "UPDATE products ".
"SET instock = $stock_1 ".
"WHERE productid = 1" ;
$sql = "UPDATE products ".
"SET instock = $stock_2 ".
"WHERE productid = 2" ;
$sql = "UPDATE products ".
"SET instock = $stock_3 ".
"WHERE productid = 3" ;
$sql = "UPDATE products ".
"SET instock = $stock_4 ".
"WHERE productid = 4" ;
$sql = "UPDATE products ".
"SET instock = $stock_5 ".
"WHERE productid = 5" ;
$sql = "UPDATE products ".
"SET instock = $stock_6 ".
"WHERE productid = 6" ;
mysql_select_db('db_k0903037');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">3.5" Seagate SATA 2TB</td>
<td><input name="stock_1" type="text" id="stock_1"></td>
</tr>
<tr>
<td width="100">Samsung 2.5" SATA Hard Drive</td>
<td><input name="stock_2" type="text" id="stock_2"></td>
</tr>
<tr>
<td width="100">8gb Kingston DDR3 RAM 1333mhz</td>
<td><input name="stock_3" type="text" id="stock_3"></td>
</tr>
<tr>
<td width="100">Apple MacBook Ram 8GB</td>
<td><input name="stock_4" type="text" id="stock_4"></td>
</tr>
<tr>
<td width="100">Gigabyte GA-970A-DS3</td>
<td><input name="stock_5" type="text" id="stock_5"></td>
</tr>
<tr>
<td width="100">Asus P8Z77-V PRO </td>
<td><input name="stock_6" type="text" id="stock_6"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
thats my code and im struggling to see why it doesnt update all of them? obviously i put in the correct username and password!
any help would be greatly appreciated.
Your mysql_select_db('db_k0903037'); must go at the top of the code, and then you have to do
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
after each $sql = "...";.
The way you do it, is you set the $sql string to something different each time, but you don't actually execute that query. mysql_query does the actual executing :)
Why don't you do that in a loop?
for($i=1;$i<=6;++$i){
${'stock_'.$i} = $_POST['stock_'.$i];
$sql = "UPDATE products SET instock = ".${'stock_'.$i}." WHERE productid = ".$i ;
$retval = mysql_query( $sql, $conn );
// ...
}
or just
for($i=1;$i<=6;++$i){
$var = $_POST['stock_'.$i];
$sql = "UPDATE products SET instock = ".$var." WHERE productid = ".$i ;
$retval = mysql_query( $sql, $conn );
// ...
}
Related
Hi i use this php script to update some values in my database but it accepts only numbers when i put my email it says : Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '#hotmail.com' at line 1
i want to update the values where by entering email and username
and increase the values because i have more than 5 values to update
any solution? :)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$gold = $_POST['gold'];
$sql = "UPDATE userdata ". "SET gold = $gold ".
"WHERE email = $email" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
The problem is you are not putting email as string, you are passing it without escaping it, update this line:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = $email" ;
to Be:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = '$email'" ;
I also recommend you to escape all variable before putting them in database, to avoid SQL injection.
now it dont work again i have somewhere a syntax error on my query
Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email = 'test#hotmail.com' and username = 'TestName'' at line 1
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$username = $_POST['username'];
$gold = $_POST['gold'];
$chickens = $_POST['chickens'];
$sql = "UPDATE userdata ". "SET gold = $gold, chickens = $chickens". "WHERE email = '$email' and username = '$username'" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Username : </td>
<td><input name = "username" type = "text"
id = "username"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100">Chickens : </td>
<td><input name = "chickens" type = "text"
id = "chickens"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
I am writing out a form in php,html... witch should normally update to my database but the form isnt showing up on the screen. Help!!! I am not a very expirianced coder so pleases if you could tell meif there is any other probleme with my code. Thanks :-)
<html>
<head>
<title>help</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = '*********';
$dbpass = '*****';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysqli_error());
}
$Userid = $_POST['UserID'];
$TableID = $_POST['tableID'];
$Life_points = $_POST['Life_points'];
$xp_points = $_POST['xp_points'];
$sql = "UPDATE points SET TableID = " . $TableID . " WHERE UserID = ". $Userid . " AND life_points = " . $Life_points . " AND xp_points= " . $xp_points;
mysqli_select_db('womath');
$retval = mysqli_query( $conn, $sql );
<?php echo $_SERVER['PHP_SERVER'] ?>
if(! $retval ) {
die('Could not update data: ' . mysqli_error());
}
echo "Updated data successfully\n";
mysqli_close($conn);
} else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1" cellpadding = "2">
<tr>
<td width = "100">UserID</td>
<td><input name = "UserID" type = "number" id = "UserID"></td>
</tr>
<tr>
<td width = "100">TableID</td>
<td><input name = "TableID" type = "number" id = "TableID"></td>
</tr>
<tr>
<td width = "100">life_points</td>
<td><input name = "life_points" type = "number" id = "life_points"></td>
</tr>
<tr>
<td width = "100">xp_points</td>
<td><input name = "xp_points" type = "number" id = "xp_points"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td><input name = "update" type = "submit" id = "update" value = "Update"></td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
You have issued a query to the database for compilation and execution before you have told MYSQL which database you are trying to gain access to.
The mysqli_select_db('womath'); must happen before your first query
In fact that function is more for use when you want to switch from one database to another during a scripts execution, you can add the database name to the
$conn = mysqli_connect($dbhost, $dbuser, $dbpass);
like this
$conn = mysqli_connect($dbhost, $dbuser, $dbpass,'womath');
line if you like and forget about the line
mysqli_select_db('womath');
completely.
<html>
<head>
<title>help</title>
</head>
<body>
<?php
ini_set('display_errors', 1);
ini_set('log_errors',1);
error_reporting(E_ALL);
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = '*********';
$dbpass = '*****';
$conn = mysqli_connect($dbhost, $dbuser, $dbpass,'womath');
// --------------------------^^^^^^^^
if(! $conn ) {
die('Could not connect: ' . mysqli_error());
}
// move this calll to here or add database to the connect line
//mysqli_select_db('womath');
$Userid = $_POST['UserID'];
$TableID = $_POST['tableID'];
$Life_points = $_POST['Life_points'];
$xp_points = $_POST['xp_points'];
$sql = "UPDATE points SET TableID = '$TableID'
WHERE UserID = '$Userid'
AND life_points = '$Life_points'
AND xp_points = '$xp_points'";
$retval = mysqli_query( $conn, $sql );
// this following line also need a `;`
echo $_SERVER['PHP_SERVER'];
if(! $retval ) {
die('Could not update data: ' . mysqli_error());
}
echo "Updated data successfully\n";
mysqli_close($conn);
// remove this else, as with it in place
// you only show the form when you are NOT updating the database
// }else {
// just terminate the IF so the form will show after an update
// AND when page is first loaded and there is no user input
}
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">UserID</td>
<td><input name = "UserID" type = "number"
id = "UserID"></td>
</tr>
<tr>
<td width = "100">TableID</td>
<td><input name = "TableID" type = "number" id = "TableID"></td>
</tr>
<tr>
<td width = "100">life_points</td>
<td><input name = "life_points" type = "number" id = "life_points"></td>
</tr>
<tr>
<td width = "100">xp_points</td>
<td><input name = "xp_points" type = "number" id = "xp_points"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit" id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
Your script is at risk of SQL Injection Attack
Have a look at what happened to Little Bobby Tables Even
if you are escaping inputs, its not safe!
Use prepared parameterized statements
I am not sure why my database is not receiving information from my website. Also, no error messages are popping up so I'm not sure the data is going anywhere at all. It appears to be letting me connect to the database, but when I click add employee I just get a blank page. Any suggestions?
EDIT: I have changed my code to only input one variable, but am still only returning a blank page.
<html>
<head>
<title>Add New Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['add'])) {
$dbhost = '';
$dbuser = 'j';
$dbpass = 'os';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
if(! get_magic_quotes_gpc() ) {
$emp_name = addslashes ($_POST['employee_name']);
} else {
$emp_name = $_POST['employee_name'];
}
$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name')";
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not enter data: ' . mysql_error());
}
echo "Entered data successfully\n";
mysql_close($conn);
} else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border = "0" cellspacing = "1" cellpadding = "2">
<tr>
<td width = "100">
Employee Name
</td>
<td>
<input name = "employee_name" type = "text" id = "employee_name">
</td>
</tr>
<tr>
<td width = "100">
</td>
<td>
</td>
</tr>
<tr>
<td width = "100">
</td>
<td>
<input name = "add" type = "submit" id = "add" value = "Add Employee">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name', NOW())";
You are passing 2 values in the sql, but only specifying one column. employee_name
you probably need to either remove the NOW() value or add another column (employee_name, date_added)
$sql = "INSERT INTO employee ". "(employee_name) ". "VALUES('$emp_name')";
$sql = "INSERT INTO employee ". "(employee_name, date_added) ". "VALUES('$emp_name', NOW())";
I have a simple MYSQL DB where field_3 is a varchar Key value. I am trying to update database posting to two TIME fields called start and end.
However I keep getting this error
Notice: Undefined variable: empd_end in C:\xampp\htdocs\b1\update.php on line 25
Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':12:00, end = WHERE field_3 = Berkay_Sebat#yahoo.com' at line 1
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$emp_end= $_POST['emp_end'];
$sql = "UPDATE usezas ".
"SET start = $emp_salary, end = $empd_end".
"WHERE field_3 = $emp_id" ;
mysql_select_db('db1');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">EMAIL</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Start TIME</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100">END TIME</td>
<td><input name="emp_end" type="text" id="emp_end"></td>
</tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
You are missing a space after the value of end also, you will need to wrap your variables with a quotes like the query below.
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end' ".
"WHERE field_3 = $emp_id" ;
However, your code is vulnerable to SQL injections. You sure prepare your query and should be using either PDO or MySQLi extensions not the old mysql_query extension.
you need to put your php vals to ''
$sql = "UPDATE usezas ".
"SET start = '$emp_salary', end = '$empd_end'".
" WHERE field_3 = '$emp_id'" ;
everyone.
I have a problem with updating value into database.
Now, I have $SumTotal as a PHP variable. I want to update value in database by using value in $SumTotal.
I try it but it doesn't work. The value in database is 0.
here is my code
$strSQL3 = "UPDATE OrderCustomer SET TotalPrice = '".$SumTotal."' WHERE OrderCustomerID = '".$_SESSION["OrderCustomerID"]."' ";
Thank you very much.
Try using this code, this code should work for you.
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$SumTotal="**Some value**";
//**QUERY**
$strSQL3= "UPDATE OrderCustomer".
"SET Totalprice= $SumTotal".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $strSQL3, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
First of all, I would make sure that $SumTotal and $_SESSION['OrderCustomerID'] are equal to what they are meant to be equal to.
I would do something like: echo "$SumTotal"; and echo $_SESSION['OrderCustomerID']; to check these variables.
Then, you could do the following:
Make sure that the database is actually selected (to select the database in your query, you can use UPDATE databasename.table (where table is equal to OrderCustomer in your case)
Check for errors in your query by adding or die(mysql_error()); to the end of your query.
Use the following at the very top of your PHP document to show all errors that have occurred: https://stackoverflow.com/a/6575502/3593228.
In addition to this, make sure that your query is actually being executed.
You can do this by using the mysql_query function as follows:
$strSQL3 = mysql_query("UPDATE databasename.OrderCustomer SET TotalPrice = '$SumTotal' WHERE OrderCustomerID = '" . $_SESSION["OrderCustomerID"] . "'");
Also, before someone beats me to it, you should be using PDO or MySQL Improved, yada yada yada.
You can have a look at this piece of code.
This will definitely work, i have tried this personally.
Edit: (Pulled from link)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update']))
{
$dbhost = 'localhost:3036';
$dbuser = 'root';
$dbpass = 'rootpassword';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
die('Could not connect: ' . mysql_error());
}
$emp_id = $_POST['emp_id'];
$emp_salary = $_POST['emp_salary'];
$sql = "UPDATE employee ".
"SET emp_salary = $emp_salary ".
"WHERE emp_id = $emp_id" ;
mysql_select_db('test_db');
$retval = mysql_query( $sql, $conn );
if(! $retval )
{
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}
else
{
?>
<form method="post" action="<?php $_PHP_SELF ?>">
<table width="400" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="100">Employee ID</td>
<td><input name="emp_id" type="text" id="emp_id"></td>
</tr>
<tr>
<td width="100">Employee Salary</td>
<td><input name="emp_salary" type="text" id="emp_salary"></td>
</tr>
<tr>
<td width="100"> </td>
<td> </td>
</tr>
<tr>
<td width="100"> </td>
<td>
<input name="update" type="submit" id="update" value="Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>