Just a simple SQL question - Bbut i can't figure out whats wrong
"UPDATE veranstaltungen
SET name = '$nameV', SET Datum = '$DatumV', SET beschreibung = '$beschreibungV'
WHERE id = '$id'"
I want to update the table row where the id is $id. But nothing happens here?
the variables are all correct
give it like
"UPDATE veranstaltungen SET name = '$nameV', Datum = '$DatumV', beschreibung = '$beschreibungV' WHERE id = '$id'"
but i can't figure out whats wrong
Mysql has a wonderful feature, personally for you. It is called mysql_error()
run this function and echo it's output to see what your server will tell about this query.
I believe that you can trust to your server much more than someone who passed along this question.
Related
I try to update a row in a database, but I can't do that. Here is my sql:
$sql = "UPDATE `voting_nomination_counter`
SET `quantity`=quantity+1
WHERE `nid` = '$nid'
AND nominee = '$nominee'";
I suspect the problem is here - AND nominee = '$nominee'"; because when I remove this from the query all works and updates fine. Help, please.
Try this:
$sql = "UPDATE voting_nomination_counter SET quantity=quantity+1 WHERE nid = '$nid' AND nominee = '$nominee'";
I solve this problem, if I want to update WHERE string = string I just need to use this statement UPDATE table SET field = REPLACE(field, 'string', 'anothervalue') WHERE field LIKE '%string%';, thanks guys!)
#excluded_once Looks like you were able to solve your issue. So in future do not ever use variable names directly into SQL string. Always use db_query or db_select and then always bind the variables into SQL, it will help you prevent from SQL injections and other attacks.
I have looked all over and at tons of code and examples.. This is such a small bit of code but I just can't seem to get it to work.
I have dbo.accounts which contains the id, username, password, createtime..
I have a simple form, you type in the username, and I need the select query to return the ID based on the username.
$result = mssql_query('SELECT id FROM dbo.account WHERE name = $username');
The dbo.gamemoney table will just insert some hardcoded info such as an amount of coins for the game..
My problem is that if I use a query as ID = 123, it works, but when I try to grab the id of dbo.accounts by using the username, I get nothing back.
I know it has to be something small, But I have tried to figure it out for so many hours now that I'm honestly lost..
Thanks for your time,
Chris
Since, $username is string type, you have to enclose it in quotes.
$result = mssql_query("SELECT id FROM dbo.account WHERE name = '$username'");
As a better practice would suggest use a try-catch scenario so that you get the exact error log. Try -
$result = mssql_query('SELECT id FROM dbo.account WHERE name = "'.$username.'"') or die('MSSQL error: ' . mssql_get_last_message());
Thanks everyone for the help!
I was able to get it working. Now I'll make sure it's the right way. I had forgot to add,
while($row = mssql_fetch_array($result)) {
$id = $row['id'];
$ip = $row['ip'];
}
Thats why the id was blank. I was missing some code.
Chris
In a worker shift monitoring/accounting system I've built, there is an option to delete Staff Members. This works fine but I would like to archive shifts for staff members who are deleted.
I looked into it and it seemed the best way to do this would be to update my shift table, before the delete, into another table. I looked up how to do this via another Stack Overflow post however I'm getting an error: fatal error call to member function on a non-object.
Based on what I can find, this error is caused when you try to pass a null value, which has left me confused as the value I'm trying to pass is a GET and is working fine when I test it.
$sql = "
UPDATE table_archive
SET table_shift.shift_date = table_archive.shift_date,
table_shift.start_time = table_archive.start_time,
table_shift.end_time = table_archive.end_time,
table_shift.total_hours = table_archive.total_hours,
table_shift.rate_of_pay = table_archive.rate_of_pay,
table_shift.uniqueid = table_archive.uniqueid,
table_shift.addedBy = table_archive.addedBy,
table_shift.paidRate = table_archive.paidRate,
table_shift.totalPaid = table_archive.totalPaid
FROM table_shift, table_archive
WHERE table_shift.uniqueid = ?
";
$stmt = $connection->prepare($sql);
$deleteid = htmlentities($_GET['id']);
$stmt->bind_param('s', $deleteid);
$stmt->execute();
I'm stuck as to why this wont pass, the GET cant be a null value as the test delete I'm using at the moment passes the same variable and works fine. mysqli_query($connection,"DELETE FROM table_staff WHERE uniqueid='$deleteid'")
It may be that I'm using the SQL code wrongly or there is some silly thing I've forgotten but this has me stumped. Failing to fix this code, any other suggestions as to how to achieve the intended function are welcome.
You can't UPDATE FROM. Your syntax is wrong.
Instead, use this:
INSERT INTO table_archive
SELECT * FROM table_shift WHERE table_shift.uniqueid = ?
Is the use of bindParam correct?
If you use a ? it should look like this:
SELECT ...
WHERE column_name = ?
$sth->bindParam(1, $value_in_php, PDO::PARAM_INT);
If it's not ? but :param_name use this:
SELECT ...
WHERE column_name = :param
$sth->bindParam(':param', $value_in_php, PDO::PARAM_INT);
Your error sounds not like an SQL error, but a PHP error.
And if you want to update the table_archive table the SQL doesn't look correct. It should imho be like this:
UPDATE table_archive
SET table_archive.shift_date = table_shift.shift_date
, to_table_that_should_be_updated = from_table_with_value_to_update
FROM table_shift
WHERE table_shift.uniqueid = ?
I'm trying to retrieve a filename from a database from table HORSE and column HORSE_IMAGE
$path = "horse_images/".$row["HORSE_IMAGE"];
$query = "DELETE FROM HORSE WHERE HORSE_ID=".$_GET["horseno"]." AND HORSE_IMAGE=".$row["HORSE_IMAGE"];
Currently HORSE_IMAGE returns nothing, but if I change it to HORSE_ID or HORSE_NAME, it works.
i.e. If i echo $row["HORSE_NAME"] it returns "You Beauty".
If I look up the row in the database I can see the filename shop-1.jpg is there.
Any ideas?
If you want to change a single column of a row, use an UPDATE statement. DELETE is for removing complete rows only. And yes, escape anything before using it in your query.
"UPDATE HORSE SET HORSE_IMAGE = NULL WHERE HORSE_ID=".(int)$_GET["horseno"];
As far as I understood the question, ToBe's answer might be correct, but you really should consider using PDO for MySql queries, in order to prevent Sql injection.
Try:
<?php
$query = "UPDATE HORSE SET HORSE_IMAGE = NULL WHERE HORSE_ID = ?";
$db = new PDO(dsn, username, password);
$prep = $db->prepare($query);
$res = $prep->execute(array((int)$_GET["horseno"]));
?>
Take a look at the documentation: http://php.net/manual/de/book.pdo.php
I am trying to update a column in a row in a MySQL table. The column is the 'votes' column and when someone submits an HTML form there is a hidden input with a value of "1" that gets submit and posted. This is the code I am using to try to update the vote count:
if(isset($_POST['image_id']) && isset($_POST['vote'])){
$image_id = $mysqli->real_escape_string($_POST['image_id']);
$vote = $mysqli->real_escape_string($_POST['vote']);
$sql_users_vote = "SELECT * FROM users WHERE id='$image_id'";
$result_users_vote = $mysqli->query($sql_users_vote);
$row_vote = mysqli_fetch_array($result_users_vote);
$votes_count = $row_vote['votes'];
$new_votes = $votes_count + $vote;
$sql_vote = "UPDATE users WHERE id='$image_id' SET votes=$new_votes";
$result_vote = $mysqli->query($sql_vote);
}
I have echo'ed out the variable up until $sql_vote and $image_id, $vote, $votes_count and $new_votes all echo out the correct values. I'm guessing that there is a problem in the UPDATE syntax. I've checked it over and over but can't seem to find anything. I know that I don't have quotes around $new_votes in the UPDATE because I believe that is correct syntax. I've tried it with quotes and it doesn't work that way either.
Can someone help me identify the problem? Thanks!
Doesn't the SET come before the WHERE?
$sql_vote = "UPDATE users SET votes = $new_votes WHERE id = '$image_id'"
Or does it not matter?
$sql_vote = "UPDATE users SET votes=$new_votes WHERE id='$image_id'";