Im having trouble trying to find out why my script wont delete a row in my table.
Each user has a randomkey assigned to them. I need to say delete row in table where random key equals that to the user...
<?php
$userRand = $_GET['Rand'];
$delUser = mysql_query("DELETE from users WHERE randomkey = '" . mysql_real_escape_string($userRand));
if(! $qResult )
{
die('Could not delete data: ' . mysql_error());
}
elseif($qResult )
{
echo "deleted";
}
?>
the following outputs...
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''111111111' at line 1
You're missing the closing ' in your PHP code.
$delUser = mysql_query("DELETE from users WHERE randomkey = '" . mysql_real_escape_string($userRand) . "'");
You are not closing the SQL-String.
$delUser = mysql_query(
sprintf("DELETE from users WHERE randomkey = '%d'", mysql_real_escape_string($userRand)
);
Related
Below is my table which is similar to another existing table. But I get one error when executing the query.
//
public function addFirstChild() {
$this->db->query("INSERT INTO " . $this->db->table("genealogy") . "
WHERE parent_id = '" . (int)$this->getSponsorID() . "'
SET first_child = '" . (int)$this->getId()."',
genealogy_id = '" . (int)$this->getId() ."'");
}
When executed I get the below Error:
SQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE parent_id = '1' SET first_child = '2', ' at line 2
Error No: 1064
SQL: INSERT INTO ci_genealogy WHERE parent_id = '1' SET first_child = '2', genealogy_id = '2' in C:\wamp64\www\s1nb2\core\database\amysqli.php on line 108
There's no other way that I can think of to pull of this function and I have searched online and read multiple posts with the same error but still no solution. Please help. I spent over 4 hours trying to get this right.
Since you're using a WHERE it appears that you want to change an existing record. You want an UPDATE, not an INSERT
"UPDATE " . $this->db->table("genealogy") . "
SET first_child = '" . (int)$this->getId()."', genealogy_id = '" . (int)$this->getId() ."'
WHERE parent_id = '" . (int)$this->getSponsorID() . "'"
$sql = "SELECT post_title, post_body, post_author FROM forum_post WHERE post_id='".$pid."' forum_id='".$id."' AND post_type='o'";
if($topicPost = $mysql->prepare($sql)) {
$topicPost->bind_param('ss',$pid,$id);
$topicPost->bind_result($post_title, $post_body, $post_author);
$topicPost->execute();
$topicPost->store_result();
} else {
echo "ErrorinSQLLL, ".$mysql->error;
exit();
}
So there is my SQL query statement.
I get this printed on my page :
ErrorinSQLLL, You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'forum_id='1'' at line 1
If needed I can post more of my code.
You are missing AND in your query, here post_id='$pid' forum_id='$id'.
You missed one AND, after post_id key:
"SELECT
post_title,
post_body,
post_author
FROM
forum_post
WHERE
post_id = " . $pid . "
AND
forum_id= " . $id . "
AND
post_type = 'o'";
Missing and in where condition
... WHERE post_id = " . (int)$pid . " AND forum_id = " . (int)$id . " ...
Ids are number, so without quotes.
This is definitely a beginner's question. There are two issues. The id in my MYSQL table (set to autoincrement) keeps going up, even though I delete rows from my table (I'm using phpmyadmin). As for the other issue, I can't seem to find a way to work with the row most recently entered by the user. The code echos all existing rows from MYSQL.
I've bolded the most pertinent section of code.
<?php
//establish connection to mysql
$con = mysql_connect("localhost","root","");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
/*retrieve user input from input form
and initialize variables */
$Word1 = $_POST["Word1"];
$Word2 = $_POST["Word2"];
$Word3 = $_POST["Word3"];
$Word4 = $_POST["Word4"];
$Word5 = $_POST["Word5"];
//select db
mysql_select_db("madlibs", $con);
//insert user input for word 1
$sql = "INSERT INTO test (Word1, Word2, Word3, Word4, Word5)
VALUES
('$Word1', '$Word2', '$Word3', '$Word4', '$Word5')";
if(!mysql_query($sql,$con))
{
die('Error: ' . mysql_error());
}
$result = mysql_query ("SELECT * FROM test");
/* take note here */
while($row = mysql_fetch_array($result))
{
echo $row['Word1'] . " " . $row['Word2'] . " " . $row['Word3'] . " " .
$row['Word4'] . " " . $row['Word5'] . " " . $row['id'];
echo "<br />";
} /* take note here */
mysql_close($con);
?>
$result = mysql_query ("SELECT * FROM test order by id desc limit 1");
As for your id question...that's how ids work. They don't fill in gaps.
On a side note: Never ever put user submitted data directly into the query string. Always escape them with mysql_real_escape_string().
SELECT * FROM test ORDER BY Id DESC LIMIT 1
I want to be able to switch from the current db to multiple dbs though a loop:
$query = mysql_query("SELECT * FROM `linkedin` ORDER BY id", $CON ) or die( mysql_error() );
if( mysql_num_rows( $query ) != 0 ) {
$last_update = time() / 60;
while( $rows = mysql_fetch_array( $query ) ) {
$contacts_db = "NNJN_" . $rows['email'];
// switch to the contacts db
mysql_select_db( $contacts_db, $CON );
$query = mysql_query("SELECT * FROM `linkedin` WHERE token = '" . TOKEN . "'", $CON ) or die( mysql_error() );
if( mysql_num_rows( $query ) != 0 ) {
mysql_query("UPDATE `linkedin` SET last_update = '{$last_update}' WHERE token = '" . TOKEN . "'", $CON ) or die( mysql_error() );
}else{
mysql_query("INSERT INTO `linkedin` (email, token, username, online, away, last_update) VALUES ('" . EMAIL . "', '" . TOKEN . "', '" . USERNAME . "', 'true', 'false', '$last_update')", $CON ) or die( mysql_error() );
}
}
mysql_free_result( $query );
}
// switch back to your own
mysql_select_db( USER_DB, $CON );
It does insert and update details from the other databases but it also inserts and edits data from the current users database which I dont want. Any ideas?
Never use the php mysql_select_db() fundtion - as you've discovered the code (and the coder) gets very confused very quickly.
Explicitly state the DB in the queries:
SELECT * FROM main_database.a_table....
UPDATE alternate_db.a_table SET...
REPLACE INTO third_db.a_table...
C.
You're probably have wrong database design.
one improve that i see is that you can use one query to duplicate or update
the syntax is like :
INSERT INTO mytable (field_list.....) VALUES (values_list...)
ON DUPLICATE KEY
UPDATE field1 = val1 ...
you are reassigning $query during your while loop. this will give strange results. use $query2 for the query inside the loop
this script have to update things on every refresh but not working. lend me a hand
$yp = mysql_query("select id from yyy where twitterid = '$tid'");
$qq = "update yyy set twitterid = '$tid',
twitterkullanici = '$twk',
tweetsayisi = '$tws',
takipettigi = '$tkpettigi',
takipeden = '$tkpeden',
nerden = '$nerden',
bio = '" . mysql_real_escape_string($bio) . "',
profilresmi ='$img',
ismi = '$isim'
where id = '$yp'";
$xx = mysql_query($qq);
Looks like you are not getting the value out of the variable $yp.
You need to do
$row = mysql_fetch_row($yp);
then
id = '.$row[0] .'
in your update query
$yp - is a result of mysql_query (resource). You have to read id from database (mysql_fetch_array or mysql_fetch_row).
$yp = mysql_query("select id from yyy where twitterid = '$tid'");
if ($yp)
{
if ($row = mysql_fetch_array($yp,MYSQL_ASSOC))
$id = $row["id"];
}
Now use $id in WHERE clause.
To make debugging SQL easier in PHP add the following after to your mysql_query(0 call.
mysql_query($qq) or die("A MySQL error has occurred.<br />Your Query: " . $qq. "<br /> Error: (" . mysql_errno() . ") " . mysql_error())
Just make sure you remove it before you go into prod, as it can give useful info away to any hackers attempting Sql Injection.