I have the following code and it works fine when updating the score and date. But it won't update the row's name or country. Does this have something to do with the php string??? Very confused!
$userName = "John";
$userCountry = "USA";
$lowestScoreId = 99;
$userPoints = 500;
include 'config.php';
$currentTime = time();
mysql_query("UPDATE highScores SET name = $userName WHERE id='$lowestScoreId'");
mysql_query("UPDATE highScores SET score = $userPoints WHERE id='$lowestScoreId'");
mysql_query("UPDATE highScores SET country =$userCountry WHERE id='$lowestScoreId'");
mysql_query("UPDATE highScores SET date = $currentTime WHERE id='$lowestScoreId'");
You forgot the quotes around the values you set. And you can do that in 1 query.
UPDATE highScores
SET `name` = '$userName',
`score` = '$userPoints',
`country` = '$userCountry',
`date` = '$currentTime'
WHERE id='$lowestScoreId'"
You should do this in one statement.
$userName = "John";
$userCountry = "USA";
$lowestScoreId = 99;
$userPoints = 500;
include 'config.php';
$currentTime = time();
mysql_query("UPDATE highScores SET name = '$userName', score = '$userPoints', country = '$userCountry', date = '$currentTime' WHERE id='$lowestScoreId'");
Also, you shouldn't use the PHP mysql_ functions anymore. Have a look at MySQLi which is newer, faster and has more features.
Related
I want to select the highest value in a table:
$max = "SELECT MAX(pid) FROM pic";
Then pass that value into a PHP variable:
$results_max = $conn->query($max);
$highest_val = $results_max->fetch_assoc();
To then use again in a SQL insert statement:
$sql_update = "UPDATE users
SET username = '$username', pid = '$highest_val'
WHERE username = '$username'";
However i tested out the value i got from my first select statement ($highest_val) and it returns "Array". Does anyone know what I am doing wrong?
Edit:
$sql_update = "UPDATE users
SET username = '$username', pic_id = '$highest_val[pid]'
WHERE username = '$username'" ;
You need to create alias of MAX(pid);
$max = "SELECT MAX(pid) as pid FROM pic";
Now you fetch max pid using
$results_max = $conn->query($max);
$highest = $results_max->fetch_assoc();
$highest_val =$highest['pid'];// pass column name here
And your Update query would be
$sql_update = "UPDATE users
SET username = '".$username."', pid = '".$highest_val."'
WHERE username = '".$username."'";
I have a problem with an query that won't work.
The one that needs to set the rank to 2 works, but the one that needs to set vip to 1 doesn't work.
I just get an white page.
What is the problem?
<?php
session_start();
include ("includes/config.php");
$lid = $_SESSION['lid'];
$uQuery = mysql_query("SELECT * FROM users WHERE id = '".$lid."'");
while($uFetch = mysql_fetch_array($uQuery)){
$uuser = $uFetch['username'];
$umotto = $uFetch['motto'];
$ucredits = $uFetch['credits'];
$upixels = $uFetch['activity_points'];
$ubelcr = $uFetch['belcredits'];
$urank = $uFetch['rank'];
$ufigure = $uFetch['look'];
}
if($urank < '2'){
mysql_query("UPDATE users SET rank = 2 WHERE id = '".$lid."'");
mysql_query("UPDATE users SET vip = 1 WHERE id = '".$lid."'");
}
Header("vip.php?succes=1");
?>
mysql_query("UPDATE users SET rank = 2,vip = '1' WHERE id = '".$lid."'");
Not exactly what you're looking for, but looking at the queries you could simplify to:
session_start();
include ("includes/config.php");
if(isset($_SESSION['lid'])){
$lid = $_SESSION['lid'];
$query = "UPDATE users SET rank = 2, vip = '1' WHERE rank < 2 AND id = ".intval($lid);
$result = mysql_query($query) or die(mysql_error());
header('Location: vip.php?succes=1');
exit;
}
I have the following code: its purpose is very clear => at login update db with +1 logins for totallogins and record the time of the very last login. The only downside is that it wont work.
<?php
date_default_timezone_set('Europe/Amsterdam');
if (isset($_POST['formsubmitted'])) {
$Timesloggedin = "SELECT * FROM members.Timesloggedin WHERE Email='$email'";
$time = date("Y-m-d H:i:s");
$query1 = "UPDATE members SET Timesloggedin = $Timesloggedin + 1, Lastloggedin = $time WHERE Email ='$email'";
$result_insert_loggedins = mysql_query($query1);
if (!$result_insert_loggedins) {
echo 'Query failed';
}
if (mysql_affected_rows($dbc) == 1)
{
//If the Insert Query was successfull.
}
?>
$query1 = "UPDATE members SET Timesloggedin = Timesloggedin + 1, Lastloggedin = '$time' WHERE Email ='$email'";
Remember that $time is a string and needs the quotes. Also, $Timesloggedin would be an object (if you actually ran the query which you don't) so just remove the $ and it will just increment the field.
Also, you don't even need the first query. Nor do you need the date calculation. Just use mysql's NOW()...
$query1 = "UPDATE members SET Timesloggedin = Timesloggedin + 1, Lastloggedin = NOW() WHERE Email ='$email'";
you can just use
Timesloggedin = Timesloggedin + 1
Instead of the variable.
I want to update a mysql database. That has become a common practice for me, but for some reason with no error, it just doesn't work. The only thing I have never done is compare against 2 variables(in this case, ID && Name)
$name = $_POST['name'];
$duty = $_POST['duty'];
$number = $_POST['number'];
$url = $_POST['url'];
$insert = "UPDATE vendors SET name = '$_POST[name]', duty = '$_POST[duty]', number = '$_POST[number]', url = '$_POST[url]' WHERE id = '$id' && name = '$name'";
$result=mysql_query($insert) or die(mysql_error());
if ($result) {
header("location:**HIDDEN**");
Any help would be appreciated.
Instead of &&, you should use AND to add another where-condition.
Write this instead:
$name = $_POST['name'];
$duty = $_POST['duty'];
$number = $_POST['number'];
$url = $_POST['url'];
$insert = "UPDATE `vendors` SET `name` = '{$_POST['name']}', `duty` = '{$_POST['duty']}', `number` = '{$_POST['number']}', `url` = '{$_POST['url']}' WHERE (`id` = '$id' AND `name` = '$name')";
$result = #mysql_query($insert) or die(mysql_error());
header("location:**HIDDEN**");
It should now work. Notify me if there still is a problem.
replace && with AND and you should be good
Your Query is wrong. Following is the correct one.
The way you have used the variables is wrong.
You had not written any code for $id. What is that?
$insert = "UPDATE vendors SET name = '".$_POST['name']."', duty = '".$_POST['duty']."', number = '".$_POST['number']."', url = '".$_POST['url']."' WHERE id = '$id' AND name = '$name'";
The function is supposed to update the values in the database.
Here is the code:
//Functions
//Function to Update users networth
function update_net($name)
{
//Get worth & balance at the time
$sql_to_get_worth_balance = "SELECT * FROM user WHERE username = '$name'";
$sql_query = mysql_query($sql_to_get_worth_balance);
while ($rows = mysql_fetch_assoc($sql_query))
{
$worth = $rows['worth'];
$balance_ = $rows['cash_balance'];
}
//Get net_worth now
$new_net_worth = $worth + $balance;
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_worth);
}
It is used here:
//Get username
$username = $_SESSION['username'];
if (isset($username))
{
//Update networth
$update_worth = update_net($username);
You probably want a WHERE clause on the end of this query:-
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
e.g.
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth' WHERE username = '$name';
You're forgetting the where name=$name part in the update query (which will update the entire table!)
I hope your $name can never hold user entered data because your sql is vulnarable to injection.
Maybe:
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_worth);
Should Read:
//Update net_worth
$sql_for_new_worth = "UPDATE user SET net_worth = '$new_net_worth'";
$sql_worth_query = mysql_query($sql_for_new_worth);
May be you should commit transaction?