Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 8 years ago.
Improve this question
im tryting to look where did do wrong but i cant find the problem, i cant update my database, can someone see my code whats missing? Is always saying me "database error"
Code:
<?php
if(isset($_POST['enviar'])) {
$types="";
for ($i=0; $i<count($_POST['texames']);$i++)
$types=$types.$_POST['texames'][$i].',';
$meta_desc=$_POST['meta_desc'];
$meta_info=$_POST['meta_info'];
$id_meta=$_POST['id_meta'];
if($meta_desc && $meta_info) {
$sql="update metainfo set meta_desc, meta_info='$meta_desc', '$meta_info' where id_meta=$id_meta";
mysql_query($sql) or die("DAtabase Error ...");
header("Location: list.php");
} else {
echo '<script language="javascript">alert("Fill Form!");</script>';
}
}
?>
You are setting two columns simultaneously;
set meta_desc, meta_info='$meta_desc', '$meta_info' where
Change your query to:
update metainfo set meta_desc = '$meta_desc', meta_info = '$meta_info'
where id_meta = $id_meta
The problem with with your query :
update metainfo set meta_desc, meta_info='$meta_desc', '$meta_info'
should be
update metainfo set meta_desc='$meta_desc', meta_info='$meta_info'
you cannot set multiple columns simultaneously in the manner you were doing
There are quite a few things you need to consider changing in your code, but firstly try changing
mysql_query($sql) or die("DAtabase Error ...");
to
mysql_query($sql) or die("Database Error - " . mysql_error());
this will provide you with a proper error message.
You should also have a read about SQL Injection and consider updating your code to either mysqli or PDO
Try
$sql="update metainfo set meta_desc='$meta_desc', meta_info='$meta_info' where id_meta=$id_meta";
also if you echo out the error in your die statement youll have better debug info
your problem seesm to be invalid sql-syntax:
update metainfo set meta_desc, ...
you've messed up the field/value-syntax. there's no values for meta_desc and $meta_info isn't applied to a field, it should be like this:
update metainfo set meta_desc = '$meta_desc', meta_info = '$meta_info'
where id_meta = $id_meta
you are missing an "=" on your query after "meta_desc":
$sql="update metainfo set meta_desc=, meta_info='$meta_desc', '$meta_info' where id_meta=$id_meta";
and I'm not sure if it should be like the above or like this:
$sql="update metainfo set meta_desc='$meta_desc', meta_info='$meta_info' where id_meta=$id_meta";
You could alternatively try this:
$sql="UPDATE metainfo SET (meta_desc, meta_info) VALUES ('" . $meta_desc . "', '" . $meta_info . "') WHERE id_meta = " . $id_meta;
Related
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 5 years ago.
Improve this question
I am doing a system with php code,But delete function with SQL is not working.I don't know why it happens.
Below is my code:
function deleteEmployee($params)
{
$tid = $_SESSION['tmid'];
$data = array();
//print_R($_POST);die;
$sql = "delete from `cusinfo` WHERE TICKET_ID='".$params["id"]."' AND AGENT_CODE_STAFF_ID IN (SELECT id FROM `users` where tm_groupid = '$tid')";
echo $result = mysqli_query($this->conn, $sql) or die("error to delete employee data");
}
The problem probably is in the line echo $result = mysqli_query($this->conn, $sql) or die("error to delete employee data");
As I said in one comment, replacing the die string with mysqli_error($this->conn) should display an error.
However after some testing I found that assigning a variable in a echo might give strange results, i test echo $test = "hello" or die("test"); and found that neither hello nor test was displayed on the screen, but 1 was displayed, which probably was the boolean true.
A better way to see if the query was executed could be:
//other code that stayed the same
$statement = mysqli_prepare($this->conn, "delete from `cusinfo` WHERE TICKET_ID=? AND AGENT_CODE_STAFF_ID IN (SELECT id FROM `users` where tm_groupid = ?)");
$statement = mysqli_stmt_bind_param($this->conn, $params['id'], $tid); //
$sql = msyqli_stmt_execute($statement); // returns either true or false
if ($sql === true) {
echo "Successfull"; // executing successfull code
}
else {
var_dump(mysqli_stmt_error_list($statement)); // handling error
die;
}
This will handle some sql errors in a way that is expected(they are 'dumped and died').
Using prepared statements the correct way will mean that most sql injections are able to be stopped, and with a DELETE query, you want to make sure that sql injections are stopped.
Note: I am no expert on sql injections
Note 2: I would have used PDO for prepared statements though, it seems to me to be much more logical to work with
echo $result = mysqli_query($this->conn, $sql) or die("error to delete employee data");
In above line you are execution query and echo it. But if it is not executed you are echo your own message. This will prevent you from actual error message. And if the row that you are going to delete from TICKET_ID not exsist you cannot see it, you only see your message "error to delete employee data".
To solve this:
echo mysqli_error($this->conn);
This will give you connection error.
Or:
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
if ($result) {
echo "Record deleted successfully";
} else {
echo "Error deleting record: " . $conn->error;
}
Many many function have to handle these errors. stackoverflow question, php manual and this.
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 7 years ago.
Improve this question
i have the following php:
<?php
$connection=mysqli_connect("host","user","pass","db");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
}
$result = mysqli_query($connection,"SELECT ID FROM tbname");
while($row = mysqli_fetch_array($result))
{
mysqli_query($connection,"UPDATE tbname SET amount= (amount+ 1) WHERE ID='$row[ID]' ");
}
mysqli_close($connection);
echo 'OK'; ?>
I want to 'corelate' the pressing of a button to update the associated row value from the table but when i use this code i get all my values updated. Can anyone help me ?
This assumes that your ajax request is passing an 'id' parameter. Note that this code is open to SQL injection attacks. I am assuming that you know how to properly sanitize your inputs and parameterize your queries to protect yourself. If you don't, Jay's answer includes some good links that you should check.
<?php
if(!empty($_POST["id"]))
{
$id = $_POST["id"];
$connection=mysqli_connect("host","user","pass","db");
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
exit;
}
mysqli_query($connection,"UPDATE tbname SET amount= (amount+ 1) WHERE ID = '" . $id . "'");
mysqli_close($connection);
echo 'OK';
}
else
{
echo 'NO ID PASSED';
}
?>
You have to properly identify the variable in the array and concatenate the variable in the query:
mysqli_query($connection,"UPDATE tbname SET amount = amount+ 1 WHERE ID='" . $row['ID']. "' ");
you also do not need the parentheses around the calculation in the SET clause.
Since you're selecting all of the rows in your table and then looping through all of the rows and changing the value, which is not what you want, you have to select with a filter:
SELECT ID FROM tbname WHERE *some condition is met*
Once you do that you'll be able to update a subset of your records as you desire.
Since you're using MySQLi you should learn about prepared statements for MySQLi to guard yourself from potential SQL Injection Attacks.
in addition you should employ error checking, such as or die(mysqli_error()) to your connection and queries. If not you'll have to look in your error logs to fish out any problems that you could have with these.
Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 8 years ago.
Improve this question
I'm using PHP to display what is in my MySQL database in a table. I think it is working but the output is still "ERROR". I need to delete all records in a row.
<?php
require_once ('config.inc.php');
$id=$_POST['id'];
$sql = "DELETE `subject_information` WHERE `id`='$id'";
$result = mysql_query($sql);
if ($result)
{
echo "Deleted Successfully";
}
else
{
echo "ERROR!";
mysql_close();
}
?>
You forgot your FROM keyword. The proper syntax is:
DELETE FROM table_name
WHERE some_column=some_value;
So your code should be like this:
$sql = "DELETE FROM `subject_information` WHERE `id`='$id'";
you should change this line :
$sql = "DELETE `subject_information` WHERE `id`='$id'";
to
$sql = "DELETE FROM `subject_information` WHERE `id`='".$id."'";
First you should output the error that is returned from the database:
if ($result)
{
echo "Deleted Successfully";
}
else
{
echo mysql_error();
}
Second: the mysql_xxxx functions will be removed from PHP in future version. You should have a look at PDO to connect to your database
Syntax of your query has to be changed for deleting a row from table use following syntax
$sql = "DELETE FROM tablename WHERE id='$id'";
off topic, but please read http://php.net/manual/security.database.sql-injection.php
this type of query is vulnerable for SQL-Injections, because you don't check/quote your $id.
As a hint, these functions may help you:
mysql_real_escape_string
ctype_digit
is_numeric
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
MySQL - when to use single quotes, double quotes, and backticks?
i have this piece of code, i can't get to work properly.
require_once("../Packages/Connection.php");
$text = mysql_real_escape_string($_POST["articleText"]);
$method = $_POST['method'];
$articleId = $_POST['articleId'];
if($method == "update")
{
mysql_query("UPDATE Articles SET 'text'='".$text."' WHERE 'id'='".$articleId."'") or die(mysql_error());
}
It is annoying me so much,
This is the error i get - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''text'='tester2' WHERE 'id'='29'' at line 1...
Thank in advance
Why do you have 'text' in your SQL...
It should simply be text as is and thats all: (Same thing for ID)
mysql_query("UPDATE Articles SET text = '".$text."' WHERE id='".$articleId."'") or die(mysql_error());
What you might have confused the "'" with, is the backtick or "`" that escapes characters and are good for reserved keywords...
mysql_query("UPDATE Articles SET text='".$text."' WHERE id='".$articleId."'") or die(mysql_error());
try
mysql_query("UPDATE Articles SET `text`='".$text."' WHERE `id`='".$articleId."'")
First build the query, then execute it:
$sql = "UPDATE Articles SET 'text'='".$text."' WHERE 'id'='".$articleId."'";
$r = mysql_query($sql);
if (!$r) {
echo "Query: ", $sql, "\n";
echo "Error: ", mysql_error();
die();
}
This will allow you to better review what exactly you've send to the database so that you can actually check the syntax as was suggested to you by the error message.
you should use this
mysql_query("UPDATE Articles SET text ={$text} WHERE id ={$articleId}") or die(mysql_error ());
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm having trouble getting a mysql transaction to work through PHP. I'm fairly new to PHP and very new to mysql.
If I take the var_dump of $query and try to run it through phpmyadmin it works fine.
$description =
mysql_real_escape_string($_REQUEST['description']);
$query = 'BEGIN;
INSERT INTO indiespark.tasks
(description, owner_user_id)
VALUES ("' . $description . '", '
. $user->user_id . ');
SET #task_id = LAST_INSERT_ID();
INSERT INTO indiespark.projecttasks
(task_id, project_id)
VALUES (#task_id, ' . $project->project_id . ');
COMMIT;';
$result = mysql_query($query);
var_dump($query);
var_dump($result);
if ($result) {
return viewproject();
} else {
throw new Exception('database error');
}
mysql_query doesn't support sending multiple queries in one call. Use separate calls.