Page 1 of 1
MYSQL and PHP update problem
Posted: Fri Jul 18, 2003 8:06 pm
by lupercal
I wish to update the records in a db using the following code.
--------------------
Code: Select all
<?php
$sql= "UPDATE usedcar SET car_reg ="$car_reg" WHERE car_id ="$car_id""; $sql_result = mysql_query($sql, $connection) or die ("Couldnt execute query");?>
When I run this page I get the error message
Warning: Supplied argument is not a valid MySQL result resource in /Library/WebServer/Documents/skoda/mod_records3.php on line 34
Please can you help. I would like to know
What does this message mean, Is the problem in my sql or the php?[quote][/quote]
Posted: Sat Jul 19, 2003 12:04 am
by Stoker
Your SQL syntax or a table/column name is wrong... whenever you do a query ALWAYS check result and halt on errors...
$samadams = mysql_query ("SELECT drink FROM keg WHERE brand='samadams' AND type='lager'",$mydb);
if (!$samadams) die ('Query failed: '.mysql_error($mydb));
It is likely that one of your variables contain illegal characters, ALWAYS make sure ANY data used in a query from ANY other source that originates from user input is being escaoed properly, in mysql case you can use mysql_escape_string();
unknown column in 'field list
Posted: Sat Jul 19, 2003 9:28 am
by lupercal
Help. My code is better but the results in the error. What does this mean. How can I fix it,
Couldnt execute queryUnknown column 'Peter' in 'field list'UPDATE usedcar SET car_name=Peter WHERE car_id=6
The code is
Code: Select all
<?php
require('connection.php');
// write sql stament
$sql="UPDATE usedcar SET car_name=$car_name WHERE car_id=$car_id";
$escapedsql= mysql_escape_string($sql);
$sql_result = mysql_query($escapedsql,$connection) or die ('Couldnt execute query'. mysql_error($connection).$escapedsql);
if(!$sql_result) { echo "<p>Couldnt get record ";
} else {
// add code to display
// fetch row and give names to varibles
$row = mysql_fetch_array($sql_result);
$car_reg=$row["car_reg"];
$car_name=$row["car_name"];
$carId=$row["car_id"];
$car_photo_sm=$row["car_photo_sm"];
$car_photo_lg=$row["car_photo_lg"];
$car_price=$row["car_price"];
$car_color=$row["car_color"];
$car_bodystyle=$row["car_bodystyle"];
$car_insurance_cat=$row["car_insurance_cat"];
$car_sold_price=$row["car_sold_price"];
$car_sold=$row["car_sold"];
$date_car_bought=$row["date_car_bought"];
echo"
<html><head>Modify a product</head><body>
<h1>You have selected the following product to modify</h1>
<h3>$sql</h3>
<h3>hey: $car_name</h3>
?>
magic_quotes_gpc are On
Posted: Sat Jul 19, 2003 5:14 pm
by award
This is may help
Yuo have got -> $sql="UPDATE usedcar SET car_name=$car_name WHERE car_id=$car_id";
Try -> $sql="UPDATE usedcar SET car_name='$car_name' WHERE car_id=$car_id";
Adding the single quotes around the value if its a string, this may apply to $car_id if this is also a string if an number then the quotes arent needed.