[Resolved] Updating data to an exisiting table.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
aredden
Forum Commoner
Posts: 29
Joined: Fri May 25, 2007 7:10 am

[Resolved] Updating data to an exisiting table.

Post by aredden »

Hey. On the final leg of my project here. I have to find a way to append data to a from a form to a pre exisiting table.

Heres what im trying now...

Code: Select all

<?php

@session_start();

$con = mysql_connect("*","*","*");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("*", $con);

$id4 = $_SESSION['id2'];
$fquote1 = $_POST['fquote'];
$fbasis1 = $_POST['fbasis'];

mysql_query("UPDATE main2.id SET fquote='$fquote1', fbasis='$fbasis1'] WHERE main2.id = $id4");
mysql_close($con);

?>

Looks right but I cant just seem to get it to work..

Any help would be awesome. Thanks.
Last edited by aredden on Wed Jun 06, 2007 1:20 pm, edited 2 times in total.
User avatar
superdezign
DevNet Master
Posts: 4135
Joined: Sat Jan 20, 2007 11:06 pm

Post by superdezign »

Theres a random closing bracket in your update query... And you don't choose a column to update, you choose a table.

Code: Select all

UPDATE `tableName` SET ...
aredden
Forum Commoner
Posts: 29
Joined: Fri May 25, 2007 7:10 am

Post by aredden »

whoops, I gave you the unupdated version sorry folks :S.. at work here so im a bit sluggish.

Code: Select all

<?php
//include("mailout.php");

session_start();

$con = mysql_connect("*","*","*");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("*", $con);

$id4 = $_SESSION['id2'];
$fquote = "111.3";
$fbasis = "$basis";

$fquote1 = $_POST['fquote'];
$fbasis1 = $_POST['fbasis'];

mysql_query("UPDATE main2 SET fquote='$fquote1', fbasis='$fbasis1' WHERE main2.id= $id4");
mysql_close($con);

?>
Last edited by aredden on Wed Jun 06, 2007 12:54 pm, edited 1 time in total.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Do you want to append data, i.e. insert a new record, or do you want to modify existsing records, i.e. update the values of existing records?
aredden
Forum Commoner
Posts: 29
Joined: Fri May 25, 2007 7:10 am

Post by aredden »

heh, append is the wrong choice of words it appears, I want to update an entry. calling it by an its id number.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

let the script start with

Code: Select all

<?php
//include("mailout.php");
error_reporting(E_ALL);
ini_set('display_errors', true);
ini_set('mysql.trace_mode', true);
and also have a read of http://de2.php.net/security.database.sql-injection
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

You have a handful of problems in your code...

Code: Select all

<?php 
/*
FOR SOME REASON YOU ARE NOT INCLUDING THIS FILE
IF YOU DONT WANT IT HERE DELETE THE LINE
*/
//include("mailout.php"); 

session_start(); 

$con = mysql_connect("*","*","*"); 
if (!$con) 
  { 
  die('Could not connect: ' . mysql_error()); 
  } 

mysql_select_db("*", $con); 

/*
YOU DO ABSOLUTELY NO EXISTENCE CHECKS HERE
WHAT HAPPENS IF THIS SESSION VAR HAS NOT YET BEEN SET?
*/
$id4 = $_SESSION['id2']; 
$fquote = "111.3"; 

/*
WHERE DOE THE VAR $basis GET SET?
WRAPPING THIS STRING IN DOUBLE QUOTES TELLS
PHP TO PARSE THE STRING FOR VARS
*/
$fbasis = "$basis"; 

/*
AGAIN THERE ARE NO EXISTENCE CHECKS FOR THESE
VARS. WHAT HAPPENS IF THERE IS NOT POST ARRAY?
*/
$fquote1 = $_POST['fquote']; 
$fbasis1 = $_POST['fbasis']; 

/*
IF THE ABOVE VARS ARENT'T SET THEN THIS 
QUERY WILL USE NULL VALUES FOR UPDATES
*/
mysql_query("UPDATE main2 SET fquote='$fquote1', fbasis='$fbasis1' WHERE main2.id= $id4"); 
mysql_close($con); 
?>
The general syntax you want to follow for updates is:

Code: Select all

UPDATE `table` SET 
  `fieldName` = NEW_VALUE
WHERE `knownField` = FIELD_IDENTIFIER;
Sort of like you have it now. Just make sure you are passing it the right variables, which at the moment you are not checking.
aredden
Forum Commoner
Posts: 29
Joined: Fri May 25, 2007 7:10 am

Post by aredden »

so starts. this page is not publicly assible. so A not a problem about sql injection.

secondly all variables will be set because inoder to get to this page they need to enter in the correct information.

This script is jsut so that I can update a simple database. even if i set fquote1 and fbasis1 to a number or string i cant get them to input.

so question is, is my update query in the improper format? i cant figure out what im doing wrong.

Code: Select all

<?php
session_start();

$con = mysql_connect("*","*","*");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("*", $con);

$id4 = $_SESSION['id2'];

$fquote1 = $_POST['fquote'];
$fbasis1 = $_POST['fbasis'];

mysql_query("UPDATE main2 SET fquote='$fquote1', fbasis='$fbasis1' WHERE main2.id= $id4");
mysql_close($con);

?>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

This is in the correct format, yes:

Code: Select all

UPDATE main2 SET fquote='$fquote1', fbasis='$fbasis1' WHERE main2.id= $id4
Post Reply