MySQL Update Query

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Getran
Forum Commoner
Posts: 59
Joined: Wed Aug 11, 2004 7:58 am
Location: UK
Contact:

MySQL Update Query

Post by Getran »

I can usually get these to work fine but for some reason this one won't work, can someone tell me what i'm doing wrong ?

Code: Select all

$Edit['name'] = $_REQUEST['editpost_name'];
$Edit['message'] = $_REQUEST['editpost_message'];
mysql_query("UPDATE table SET name='".$Edit['name']."' WHERE id='".$EditID."'") or die(mysql_error());
mysql_query("UPDATE table SET message='".$Edit['message']."' WHERE id='".$EditID."'") or die(mysql_error());
$EditID comes from ?id= in the url
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

where's $EditID coming from? (make sure to escape the contents of the strings ($_REQUEST))
Robert Plank
Forum Contributor
Posts: 110
Joined: Sun Dec 26, 2004 9:04 pm
Contact:

Post by Robert Plank »

Well first of all you can put those 2 queries into one...

Code: Select all

mysql_query("UPDATE table SET name='".$Edit['name']."', message='".$Edit['message']."' =  WHERE id='".$EditID."'") or die(mysql_error());
To figure out what's going wrong, temporarily change the "mysql_query" to "die" so that it prints out what query is being tried in the first place.
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Post by Weirdan »

and use [php_man]mysql_escape_string[/php_man] to escape user-supplied data:

Code: Select all

mysql_query("UPDATE table SET name='".mysql_escape_string($Edit['name'])."', message='".mysql_escape_string($Edit['message'])."' =  WHERE id='".mysql_escape_string($EditID)."'") or die(mysql_error());
Getran
Forum Commoner
Posts: 59
Joined: Wed Aug 11, 2004 7:58 am
Location: UK
Contact:

Post by Getran »

Sorry to say that neither of them work :\
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

ur code looks alright 2 me.
maybe there is a bug sumwhere before the posted section of ur code.
have a close look above it
Robert Plank
Forum Contributor
Posts: 110
Joined: Sun Dec 26, 2004 9:04 pm
Contact:

Post by Robert Plank »

Getran, we didn't say those things would make them work, but your query is written pretty sloppily as it is. As I said you will have to replace the mysql_query with die to see what query is being done that is screwing up, you haven't given us enough to go on yet.
User avatar
n00b Saibot
DevNet Resident
Posts: 1452
Joined: Fri Dec 24, 2004 2:59 am
Location: Lucknow, UP, India
Contact:

Post by n00b Saibot »

That's wht I wanted to say :)
Post Reply