PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Hey its me again I have some odd issues coming up with an SQL query thats acting funny. I'm setting it up to where it pulls the questions up in a drop down list. Once the question is selected you can edit it which will fill the text box in the next page with the value selected so you can edit it or change the entire question. The issue appears when you submit the edited question. Once you do it blanks out that part of the record HOWEVER if you go in and do the exact same process now that its blank and type in the question it saves it perfectly fine.
$newquestion = $_POST['newquestion'];
$originalquestion = $_SESSION['question'];
$editsql = "UPDATE tblQuestions SET Question ='$newquestion' WHERE Question ='$originalquestion'";
$editresult = odbc_exec($link,$editsql);
this is my code to update the record from the best I can tell everything is in order but I cannot explain why its only updating every other time data is entered its just odd.
maybe it doesn't like that you are using the same field on both sides of the WHERE clause. Why not use the record ID? At any rate, you could have a security problem with just using posted data without any filtering/validation ... read through the security forum for details on how to help prevent SQL injection.
yeah I can see the injection error happening I havent gotten so far as to do security on this thing which is going to be another nightmare to overcome. I'm not using the same field on both sides because I'm changing it from one value to another value and using the record ID would require me to do two odbc_exec commands one to find the record and pull the record ID and the other to insert it which I suppose is a solution but it would be easier overall if I could use the two seperate values. I mean I dont fully understand the usefulness of a "update" feature if you cant search for one value and replace it with another.