Updating mysql database through php with HTTP POST methods - php

It executes on application perfectly I double checked it. It sends all parameters properly and the problem is in php script it doesn't execute the query (update,delete) it execute the insert query properly. The php script works perfect with html form but I don't know where the problem is.
Here is my php script:
$mysql_host = "localhost";
$mysql_database = "locator";
$mysql_user = "root";
$mysql_password = "";
mysql_connect($mysql_host,$mysql_user,$mysql_password) or die(mysql_error());
mysql_select_db($mysql_database);
$uMail = $_POST['u_mail'];
$uIMEI = $_POST['u_IMEI'];
$uName = $_POST['u_name'];
$uPass = $_POST['u_pass'];
$tName = $_POST['t_names'];
$tIMEI = $_POST['t_IMEIs'];
$tDesc = $_POST['t_desc'];
mysql_query("UPDATE user_master SET t_names='$tName',t_IMEIs='$tIMEI',t_desc= '$tDesc' WHERE u_mail = '$uMail' AND u_IMEI = '$uIMEI'");
mysql_close();
?>

maybe you should escape your strings with mysql_real_escape_string()
$uMail = mysql_real_escape_string($_POST['u_mail']);
$uIMEI = mysql_real_escape_string($_POST['u_IMEI']);
$uName = mysql_real_escape_string($_POST['u_name']);
$uPass = mysql_real_escape_string($_POST['u_pass']);
$tName = mysql_real_escape_string($_POST['t_names']);
$tIMEI = mysql_real_escape_string($_POST['t_IMEIs']);
$tDesc = mysql_real_escape_string($_POST['t_desc']);
mysql_query("UPDATE user_master SET t_names='$tName',t_IMEIs='$tIMEI',t_desc= '$tDesc' WHERE u_mail = '$uMail' AND u_IMEI = '$uIMEI'");
and make sure $uMail and $uIMEI are set correctly

Related

Is there any error in my sql query?

I want to update my user_info table but it's not working. In my user_info I have already taken some values from one activity and from another activity I want to take some more values but it's not working. I'm pretty sure that there is no error in my Java code.. is there any error in my query?
$db_name = "db";
$mysql_user = "root";
$mysql_pass = "";
$server_name = "localhost";
$con = mysqli_connect($server_name, $mysql_user, $mysql_pass, $db_name);
$name = $_POST["user"];
$user_email = $_POST["user_email"];
$Gender = $_POST["Gender"];
$contact = $_POST["contact"];
$address = $_POST["address"];
$sql_query = "UPDATE user_info SET name='$name', Gender='$Gender', contact='$contact', address='$address' WHERE user_email='$user_email'";
mysqli_query($con,$sql_query)
mysqli_close($con);
Im not sure without seeing you database table but "Gender" is capitalized while the other field names are lowercase. Just a shot in the dark here, otherwise your query looks fine.

How to Connect two data base mysql in same time

I use this in a file called connect.php:
$username_mysql = "root";
$password_mysql = "";
$database_mysql = "bdd_imvert";
//$database_mysql = "imprimvert_renouvellement";
$db = #mysql_connect($hostname_mysql, $username_mysql, $password_mysql) or die(mysql_error());
mysql_select_db($database_mysql,$db);
$hostnameivert_mysql = "localhost";
$usernameivert_mysql = "root";
$passwordivert_mysql = "";
$databaseivert_mysql = "ivert";
//$database_mysql = "imprimvert_renouvellement";
$db1 = #mysql_connect($hostnameivert_mysql, $usernameivert_mysql, $passwordivert_mysql) or die(mysql_error());
mysql_select_db($databaseivert_mysql,$db1);`
I include it in the a page containing:
$sql = "select * from ivert_users where id=".GetSQLValueString($user_id,"int");
$re = #mysql_query($sql,$db)
I get an error when I do this however:
'ivert.ivert_users' does not exist
I am not sure why I get this error, any help would be appreciated.
There is no problem with your code. I tried the same and it is working for me. There must be some problem with your query. Because your error message shows that connection happened but your query returned an error. Refer this It might help.
Or the second reason it can be is you haven't defined host for the first DB.
<?php
$hostnameivert_mysql = "localhost";
$username_mysql = "root";
$password_mysql = "pma";
$database_mysql = "olivenation";
$db = #mysql_connect($hostname_mysql, $username_mysql, $password_mysql) or die(mysql_error());
mysql_select_db($database_mysql,$db);
echo ("<pre>");print_r($db);echo("</pre>");
$hostnameivert_mysql = "localhost";
$usernameivert_mysql = "root";
$passwordivert_mysql = "pma";
$databaseivert_mysql = "practical";
$db1=#mysql_connect($hostnameivert_mysql, $usernameivert_mysql, $passwordivert_mysql) or die(mysql_error());
mysql_select_db($databaseivert_mysql,$db1);
echo ("<pre>");print_r($db1);echo("</pre>");
$sql = "select * from product_master where id=1";
$re = #mysql_query($sql,$db);
echo ("<pre>");print_r(mysql_fetch_array($re));echo("</pre>");
$sql = "select * from users";
$re = #mysql_query($sql,$db1);
echo ("<pre>");print_r(mysql_fetch_array($re));echo("</pre>");
?>

SQL Update with form values not working

I'm trying to update a table with the form values although it doesn't seem to be updating in the database and there are no errors either.
<?php
session_start();
if(!isset($_SESSION["user"]) or !is_array($_SESSION["user"]) or empty($_SESSION["user"])) {
// redirect to login page
}
$dbhost = "localhost";
$dbname = "***";
$dbuser = "***";
$dbpass = "***";
// database connection
$conn = new PDO("mysql:host=$dbhost;dbname=$dbname",$dbuser,$dbpass);
// new data
$date = date('Y-m-d') ."\n";
$now = time(); $utc_time = $now - intval(date('Z', $now));
$time = date('H:i:s', $now);
$pname = $_POST['pname'];
$pdetails = $_POST['pdetails'];
$pabout = $_POST['pabout'];
$pwebsite = $_POST['pwebsite'];
$pyoutube = $_POST['pyoutube'];
$pfacebook = $_POST['pfacebook'];
$uID = $_POST['uID'];
$id = $_POST['id'];
$seshID = $_SESSION['user']['id'];
$conn->prepare($sql = "UPDATE pages SET pname='$pname', pdetails='$pdetails', pabout='$pabout', pwebsite='$pwebsite', pyoutube='$pyoutube', pfacebook='$pfacebook' WHERE id='$id' AND author_id='$seshID'");
?>
Make sure that you are getting all the data from POST method. For that you can echo all the variables... The basic reason for your script not working is that you are not sending the query to the database.. Use a script like this:
$stmt = $conn->prepare("UPDATE pages SET pname='$pname', pdetails='$pdetails', pabout='$pabout', pwebsite='$pwebsite', pyoutube='$pyoutube', pfacebook='$pfacebook' WHERE id='$id' AND author_id='$seshID'");
$stmt->execute();

What is wrong with my sql query? (PHP)

What is wrong with this code? Why can't I get the username from the members table in website database. Here's the screenshot of database information:
I am trying to make a function for it so that I can use it later. Here's the code:
<?php
function get_username($username){
$host = 'localhost';
$username = 'root';
$password = '';
$database = 'website';
$con = mysqli_connect($host, $username, $password, $database);
$query = "SELECT * FROM members WHERE username = '{$username}'";
$result = mysqli_query($con, $query);
$row = mysqli_fetch_array($result);
return $row['name'];
mysqli_close($con);
}
echo get_username('iamfaizahmed');
?>
Your username is overwritten in the function
$username = 'root'; // here
So no matter what you pass in the function argument it will always use
where username = 'root'
So use a different variable name
you are mixing between $username of the function and $username of your connect variable
change this
function get_username($username){
to
function get_username($user){
and do your query like that
$query = "SELECT * FROM members WHERE username = '$user'";
First thing, your $username variable.
You're passing it through the function and also using it for db connection.
Change your dbusername in the function as $dbusername
Second, the query. Keep it as:
$query = "SELECT * FROM members WHERE username = '$username'";
Now, once you're done with the basics, I recommend you to visit this link: Click Here
That should get your somewhere!

New $_SESSION variable not created after query?

I'm trying to build a login process where, by using $_SESSION variables, the login credentials of the user are stored and used to show their relevant data from the database on screen (i.e. they will only see the school data that they work for).
<?php
session_start();
if(!isset($_SESSION['Initials'], $_SESSION['Surname']))
{
$host = "xxx";
$username = "xxx";
$password = "xxx";
$database_name = "xxx";
$table_name = "xxx";
mysql_connect($host, $username, $password) OR die("Can't
connect");
mysql_select_db($database_name) OR die("Can't connect to
Database");
$query = "SELECT Class FROM $table_name WHERE Initials = '".
$_SESSION['Initials']."' AND staff LIKE '%".$_SESSION['Surname']."'";
$result = mysql_query($query);
$class = mysql_fetch_array($result);
$count = mysql_num_rows($result);
if($count === NULL)
{
echo "ERROR";
}
else
{
$_SESSION['Class'] = $result;
echo "Class added to sessions";
}
}
?>
My initial problem where the query couldn't recognize the session variables was easily solved by adding the correct brackets for the if-statement. My next problem that has arisen here is that even though the query should be successfull (I don't receive an error message saying 'ERROR' when the $count is either FALSE or NULL) it's not creating the result array into a new session, because when I print the session array on a new page it's still only carrying over the 'Initials' and 'Surname' sessions.
What do I need to change to my query, or post-query process in order for that array (because it's bound to throw up multiple results) to be made into a new session?
Many thanks for the answers to my initial problem!
if(!isset($_SESSION['Initials'], $_SESSION['Surname'])) {
// code
}
u need { } brackets
if(!isset($_SESSION['Initials'], $_SESSION['Surname']))
$host = "xxxxx"; $username = "xxxxx"; $password = "xxxxx";
is
if(!isset($_SESSION['Initials'], $_SESSION['Surname'])) {
$host = "xxxxx";
}
$username = "xxxxx";
$password = "xxxxx";
I've found the answer - it turned out that I wasn't treating one of the session variables as a proper array and thus wouldn't load properly. I've added my script below so that people with similar problems in the future can use it as a reference point:
<?php
session_start();
// Server Details //
$host = "---";
$username = "---";
$password = "---";
$database_name = "---";
$table_name = "---";
// Connect Command //
mysql_connect($host, $username, $password) OR die("Can't
connect");
mysql_select_db($database_name) OR die("Can't connect to
Database");
// Query to call up the unique school name //
$query_school = mysql_query("SELECT DISTINCT School FROM $table_name
WHERE Initials = '".$_SESSION['---']."'
AND staff LIKE '%".$_SESSION['---']."'") or die( mysql_error());
$result_school = mysql_result($query_school, 0);
// Query to call up the unique centre no //
$query_centreno = mysql_query("SELECT DISTINCT CentreNo FROM
$table_name WHERE Initials = '".$_SESSION['---']."'
AND staff LIKE '%".$_SESSION['---']."'") or die( mysql_error());
$result_centreno = mysql_result($query_centreno, 0);
// The newly created sessions for school info //
$_SESSION['---'] = $result_school;
$_SESSION['---'] = $result_centreno;
// Query to call up the array of classes //
$query_class = mysql_query("SELECT Class FROM $table_name WHERE
Initials = '".$_SESSION['---']."'
AND staff LIKE '%".$_SESSION['---']."'") or die( mysql_error());
$query_class__array = array();
while($row = mysql_fetch_assoc($query_class))
$query_class_array[] = $row;
$_SESSION['---'] = $query_class_array;
?>

Categories