I am trying to update MySQL Database via PHP. I am getting that the Update was successful, how ever MySQL is not being updated. I tried the query in MySQL and it is working but there but not via the PHP page. Why?
<?php
include("checksession.php");
$Id = $_POST['Id'];
$_SESSION['Id'] = $Id;
include("dbconnect.php");
$sql = "UPDATE part SET Available = 'Yes' WHERE Id = '$Id'";
$result = mysql_query($sql, $con);
if($result)
{
Header("Location: Item.php?eMsg=Made Available");
}
else
{
Header("Location: Item.php?eMsg=Unable to Make Available");
}
?>
Try this solution use native function mysql_affected_rows():
$Request = mysql_query($sql, $con);
$Result = mysql_affected_rows();
try this:
$sql = "UPDATE part SET Available = 'Yes' WHERE Id = '{$Id}'";
Related
Why MYSQLi does not update the DB record, but it does provide a successful message. Of course, with the following message: 0 records UPDATED successfully And no changes are made to the database.
my index php file code:
<?php
include 'connect.php';
$work = $_GET["work"];
if($work == "select"){
$query = "SELECT * FROM login ORDER BY City DESC";
$result = $connect->prepare($query);
$result ->execute();
$out = array();
while ($row = $result->fetch(PDO::FETCH_ASSOC)){
$record = array();
$record["InsID"] = $row["InsID"];
$record["Password"] = $row["Password"];
$record["Name"] = $row["Name"];
$record["City"] = $row["City"];
array_push($out,$record);
}
echo json_encode($out);
} elseif($work == "update"){
$name2 = $_REQUEST["Ali"];
$code2 = $_REQUEST["4779"];
$city2 = $_REQUEST["teh"];
$pass2 = $_REQUEST["123"];
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2'";
$result2 = $connect->prepare($query2);
$result2 ->execute();
}
?>
I really do not know where my coding is wrong. Please help.
I don't get why you are updating InsID and also using 'where InsID like'
Also there is additional ; in query
You may try
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID like '$code2'";
Important = sanitize input data first**
if I understand what you're trying to accomplish then :
you don't have to set InsID again
you need to use = and not LIKE in the WHERE condition
i.e. this is the row you need :
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2';";
also see Nico Haase's comment, it's super correct ! you must improve the code security, see : http://php.net/manual/en/security.database.sql-injection.php
Try this code
May be useful
$query2 = "UPDATE login SET Password='$pass2',Name='$name2',City='$city2' WHERE InsID = '$code2';
if(mysqli_affected_rows($connect)==1){
echo "updated successfully";
}
else{
echo "failed";
}
So I'm trying to delete a comment on the website and also from database, but it just works find on web site. After I click delete button, the comment is gone, but nothing changed in my database. After I refresh the page, the comments I deleted appear again.
So I think, somehow, ajax makes php disconnect to MySQL database anymore.
jquery:
$(".delete").each(function (index4) {
$(this).on("click",function (event) {
$(this).parent().parent().load("../public/form/delete_comments.php", {index4:index4}, function () {
$(this).remove();
});
})
php:
<?php
require_once "../../private/initialize.php";
$id = $_SESSION['id'];
$thread_clicked = isset($_POST['index4'])?$_POST['index4']:'';
$req_user = "SELECT * FROM log_in WHERE id='" .$id. "'";
$result_user = mysqli_query($db,$req_user);
$subject_user = mysqli_fetch_assoc($result_user);
$req = "DELETE FROM comments WHERE user=`" .$subject_user['account']. "` AND c_id=`" .$thread_clicked. "`";
$result = mysqli_query($db,$req);
UPDATE: i changed ajax to :$(this).parent().parent().load("/yyqGS/public/form/delete_comments.php",{index4:index4});
but still doesn't do any change to database.
UPDATE:
<?php
require_once "../../private/initialize.php";
session_start();
$id = $_SESSION['id'];
$thread_clicked = isset($_POST['index4'])?$_POST['index4']:'';
$thread_clicked = $thread_clicked +1;
$req_user = "SELECT * FROM log_in WHERE id='.$id.'";
$result_user = mysqli_query($db,$req_user);
$subject_user = mysqli_fetch_assoc($result_user);
$req = "DELETE FROM comments WHERE user='" .$subject_user['account']. "' AND c_id='" .$thread_clicked. "'";
$result = mysqli_query($db,$req);
if ( !$req ) {
printf("Error: %s\n", $mysqli_error($db));
}
else{
echo $result;
}
and i got 1 everytime i delete a comment, but database still doesn't change!
Magic just happened! I don't even know what have I done (I fixed quotation marks problem), but it just works know!
<?php
require_once "../../private/initialize.php";
session_start();
$id = $_SESSION['id'];
$thread_clicked = isset($_POST['index4'])?$_POST['index4']:'';
$thread_clicked = $thread_clicked +1;
$req_user = "SELECT * FROM log_in WHERE id='".$id."'";
$result_user = mysqli_query($db,$req_user);
$subject_user = mysqli_fetch_assoc($result_user);
$req = "DELETE FROM comments WHERE user='" .$subject_user['account']. "' AND c_id='" .$thread_clicked. "'";
$result = mysqli_query($db,$req);
if ( !$req ) {
printf("Error: %s\n", $mysqli_error($db));
}
else{
echo $req;
}
?>
<?php
require_once "../../private/initialize.php";
$id = $_SESSION['id'];
$thread_clicked = isset($_POST['index4'])?$_POST['index4']:'';
$req_user = "SELECT * FROM log_in WHERE id='$id'";
$result_user = mysqli_query($db,$req_user);
$subject_user = mysqli_fetch_assoc($result_user);
$req = $result = mysqli_query($db,$req);
$req = "DELETE FROM comments WHERE user='"$subject_user['account']"' AND c_id='"$thread_clicked"'";
$result = mysqli_query($db,$req);
Try this code for your php. If it works fine i will edit with explanation.
Your using the wrong quotes in your delete statement - your using back ticks which is used to identify fields, not surround values.
$req = "DELETE FROM comments WHERE user=`" .$subject_user['account']. "` AND c_id=`" .$thread_clicked. "`";
should be
$req = "DELETE FROM comments WHERE user='" .$subject_user['account']. "' AND c_id='" .$thread_clicked. "'";
with single quotes rather than backticks.
Edit: It's also useful to check the return values from queries...
if ( !$result ) {
printf("Error: %s\n", $mysqli_error($db));
}
Should let you know if there are any problems with the delete.
$sql = "UPDATE reservations SET status = '$this->status',remaining_time ='$this->remain',cost = '$this->cost' WHERE id = '$this->id'";
This code is not working although it's correct
I am using object oriented php.
$this->id is a variable passed by link from another page.
When I run the code it tells me it was successful but that there are zero affected rows.
The one line above is part of the following code:
<?php
class edit {
private $status;
private $remain;
private $cost;
private $id;
public function edit_data() {
$this->status = strtoupper(strip_tags($_POST['status']));
$this->remain = strip_tags($_POST['remain']);
$this->cost = strip_tags($_POST['cost']);
$submit = $_POST['submit'];
$this->id = $_GET['edit'];
$con = mysql_connect("localhost","root","")
or die("Failed to connect to the server: " . mysql_error());
mysql_select_db("Users")
or die("Failed to connect to the database: " . mysql_error());
if($submit) {
if($this->status and $this->remain and $this->cost) {
$sql = "UPDATE reservations SET status = '".$this->status."',remaining_time ='".$this->remain."',cost = '".$this->cost."' WHERE id = '".$this->id."'";
$query = mysql_query($sql,$con);
if(!$query) {
echo("Could not update data: " . mysql_error());
}
echo "<h4>Customer reservation data has been updated successfully.</h4>";
echo "Number of affected rows: " . mysql_affected_rows();
}
else {
echo "Please fill in all fields.";
}
}
mysql_close($con);
}
}
$edit = new edit();
echo $edit->edit_data();
?>
Are you sure about your concatenation?
$sql = "UPDATE reservations SET status = '$this->status',remaining_time ='$this->remain',cost = '$this->cost' WHERE id = '$this->id'";
Print $sql to see the value.
If your database is already updated, you will receive 0 affected lines.
I am not totally sure but try this,
"UPDATE reservations SET status = '".$this->status."',remaining_time ='".$this->remain."',cost = '".$this->cost."' WHERE id = '".$this->id."'";
It seems that your table doesn't contain a value which satisfies where condition.
You can check this by executing a simple query.
$sql = "select * from reservations where id='$this->id'";
So I'm making a usergroup function that allows me to block off pages to lower user levels. This is my function for grabbing info:
function grab_info($id, $requested_info){
$id = $_SESSION['user_id'];
$requested_info = $requested_info;
$con = new mysqli('localhost', 'root', '', 'login');
if ($con->connect_errno >0){
die("Handle your connection error here");
}
$sql = "SELECT * FROM `users` WHERE `id` = $id";
if (!$result = $con->query($sql)) {
die("There as a query error for some reason handle your query error");
}
while($row = $result-fetch_assoc()){
$info = $row[$requested_info];
return $info;
}
}
Right here:
$sql = "SELECT * FROM `users` WHERE `id` = $id";
if (!$result = $con->query($sql)) {
die("There as a query error for some reason handle your query error");
}
is where something is going wrong. This is my method for grabbing the info:
$id = $_SESSION['user_id'];
$rank = grab_info($id, 'rank');//Gets rank from our id
$meets = can_access($rank, 4, true);//We're saying our user has a rank of 1 to access this page you need a rank of 3 and only 3 hence strict
if ($meets == false){//user cant access page
header("Location: index.php");
die();
}
Basically, it just keeps giving me the "There as a query error for some reason handle your query error" and I'm stuck. New to php so sorry if it's messy.
Using prepared statements and cast the variable as an integer.
$stmt = $con->prepare("SELECT * FROM `users` WHERE `id` = ?");
$stmt->bind_param("i",$id);
$id = (int) $_SESSION['user_id'];
$stmt->execute();
$result = $stmt->get_result();
Check to make sure that $id is actually set. If it's null that will cause your query to explode.
$sql = "SELECT * FROM `users` WHERE `id`='{$id}'";
Try this :)
$query=mysql_query("SELECT * FROM user WHERE user_email='$user_email');
Please try this:
function grab_info($id, $requested_info){
$id = $_SESSION['user_id'];
$requested_info = $requested_info;
$con = new mysqli('localhost', 'root', '', 'login');
if ($con->connect_errno >0){
die("Handle your connection error here");
}
$sql = "SELECT * FROM users WHERE id =". $id;
if (!$result = $con->query($sql)) {
die("There as a query error for some reason handle your query error");
}
while($row = $result->fetch_assoc()){
$info = $row;
return $info;
}
}
I am using the JQuery Validation Plugin. I got the remote function working with the default php file.
I modified the php file to use my own version but mysql is returning
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/fastbluf/syatch/module/1.func.php on line 15
My PHP Code is the following. All my syntax looks correct.
<?php
// Last Edited: 4/23/12
$conn = mysql_connect('localhost','hidden','hidden') or die('Iam dying');
$rs = #mysql_select_db( "hidden", $conn) or die( "Err:Db" );
$do = $_REQUEST['do'];
$email= $_REQUEST['email'];
$user= $_REQUEST['user'];
function checkInfo($do,$email,$user){
switch ($do) {
case 1:
$sql = "select * from User_Base where Email_Address = $email";
$results = mysql_query($sql). mysql_error();
$nResults = mysql_num_rows($results);
if ($nResults > 0) {
$valid="false";
} else {
$valid="true";
}
break;
case 2:
//not yet
break;
}
return $valid;
}
echo checkInfo($do,$email,$user);
?>
The problem is that you're appending to your result, causing it to no longer be a valid result.
$results = mysql_query($sql). mysql_error();
Try changing this to be something like this:
$results = mysql_query($sql) or die(mysql_error());
Your query should also be changed to quote the email address, and the address should be escaped to prevent attacks (SQL Injection):
$email = mysql_real_escape_string($_REQUEST['email']);
$sql = "select * from User_Base where Email_Address = '$email'";
Fix your query to
$sql = "select * from User_Base where Email_Address = '".$email."'";