Having this code:
$query = "INSERT INTO table1 SET posted='".mysql_real_escape_string(time())."'";
#mysql_query($query);
....
$q = "UPDATE table2 SET activated='".mysql_real_escape_string(time())."'";
#mysql_query($q);
Then, when I look in the database, the posted value in table2 is less than the posted value in table1.
How could this possible or am I doing something wrong?
this query is wrong
$query = "INSERT INTO table1 SET posted='".mysql_real_escape_string(time())."'";
#mysql_query($query);
it should be
$query = "update table1 SET posted='".mysql_real_escape_string(time())."'";
#mysql_query($query);
and try to store the time in variable and use it in query..
Related
$query = "UPDATE INTO Sanctions SET (idNumber, lastName,firstName, section,sanction,expireDate) VALUES('$idNumber','$lastName', '$firstName','$section','$sanction', '$dueDate') WHERE id= '$id'";
Wrong
$query = "UPDATE INTO Sanctions
SET (idNumber, lastName,firstName, section,sanction,expireDate)
VALUES('$idNumber','$lastName', '$firstName','$section','$sanction', '$dueDate')
WHERE id= '$id'";
Correct way:
$query = "UPDATE Sanctions
SET idNumber = '{$idNumber}',
lastName = '{$lastName}', ....
WHERE id = '{$id}'";
The INTO command is not valid for UPDATE query. You need to assign the table equals to (=) values for every column you want to edit.
Notes:
These query are not well secured, please use prepared statement insted. :)
I'm trying to sum/add another value to the actual value in the database but this is not working. Any suggestions?
$suplies=15;
$user_id="100234";
$sql = "UPDATE table SET suplies=suplies+".$suplies." WHERE user_id=?";
$q = $conn->prepare($sql);
$q->execute(array(':suplies'=>$suplies,':user_id'=>$user_id));
Just use the named placeholder all through out.
$sql = "UPDATE table SET suplies = suplies + :suplies WHERE user_id = :user_id";
I am trying to insert values into a database table, a row is inserted but blank no values are inserted. Only the order_id which is the primary key with auto increment increase.
php code:
<?php
$user_get = mysql_query("SELECT * FROM users");
while($row_user = mysql_fetch_assoc($user_get)){
if($row_user['username'] == $_SESSION['username']){
$row_user['first_name'] = $res1;
$row_user['last_name'] = $res2;
$store_order ="INSERT INTO oko (user, product) VALUES ('$res1', '$res2')";
mysql_query($store_order);
}
}
?>
Your assignments are backwards. I think you meant to:
$res1 = $row_user['first_name'];
$res2 = $row_user['last_name'];
Don't you mean:
$res1 = $row_user['first_name'];
$res2 = $row_user['last_name'];
You could also update the SELECT to have a WHERE clause that checks $_SESSION['username'].
You could also just do an INSERT/SELECT:
INSERT INTO oko (user, product)
SELECT
first_name, last_name
FROM
users
WHERE
username = '$_SESSION["username"]'
Your code is vulnerable to injection. You should use properly parameterized queries with PDO/mysqli
At the moment I have a script where I add data to the database.
Once the data is entered I would like to get the get the row straight away.
For example if I have a query like this where I have two seperate:
$sql = "INSERT INTO table SET columnA '".$this->db->escape($columnA)."'";
$query = $this->db->query($sql);
$sql = "SELECT * FROM table";
$query = $this->db->query($sql);
return $query->db->row;
I want to be able to make get that database row instantly after inserting it. Will I have to make a whole new query or is there a quicker way? I am using OpenCarts API if that helps.
Thanks
Peter
INSERT INTO table (a,b,c) VALUES ('a','b','c');
SELECT * FROM table WHERE your_table_primary_key = LAST_INSERT_ID();
PHP:
$sql = "INSERT INTO table SET columnA '".$this->db->escape($columnA)."';";
$sql .= "SELECT * FROM table WHERE your_table_primary_key = LAST_INSERT_ID();"
$query = $this->db->query($sql);
return $query->db->row;
I am taking a calendar feed with a PHP file and I need to compare it to my database. If the $lastEdited variable is different than what is in the database, I need to change the record. I'm really new to SQL, so I'm not sure what to do. I just have Date_Edited set as a VARCHAR so I just need to compare the strings. I have this:
$query = "SELECT * FROM myTable WHERE Event_ID='$id'";
$result = mysql_query($query);
if (!mysql_num_rows($result)) {
mysql_query("INSERT INTO myTable (Event_ID, Date_added, Date_edited, Title)
VALUES ('$id', '$dateAdded', '$lastEdited', '$title')");
}
How do I compare $lastEdited to Date_edited and change the row if they are different?
you need to do something like
$row = mysql_fetch_array($result, MYSQL_ASSOC);
if($lastEdited != $row['Date_added']){
# run update query
mysql_query("update myTable set
// here insert all update fields you need like
Date_added = '$dateAdded', Date_edited = '$lastEdited' , Title = '$title'
WHERE Event_ID='$id' ");
}
You probably want to use the UPDATE statement.