bluez34me
-
Posts
2 -
Joined
-
Last visited
Never
Posts posted by bluez34me
-
-
Hey all,
I'm certain that one of the PHP masters here on PHP freaks will quickly find and point out my mistake... I have a site where some of the links are stored in MySQL and am trying to update a table that contains the link "names" (display text) and "links" (URLs). The code snippet below is called from my link update page. I know that the variables are being correctly passed, because the "print" statement prints out the updated values. However, the table isn't being updated.
I can make this work if I put actual values in place of the variables (i.e. [color=green]SET 'name'=\'Some link\', 'link=\'url.com\' WHERE 'key'=2 LIMIT 1[/color]), and I'm not getting any errors.
Much fruitless googling and searches of forums (like this one) has not produced any insight. Any assistance in troubleshooting this would be grately appreciated.
[color=green]
//Set the values from the POST
$key = $_POST['ud_key'];
$name = $_POST['ud_name'];
$link = $_POST['ud_link'];
//Check that the values were passed and variables set correctly by printing them
print "Key: $key \n Name: $name \n Link: $link \n";
// Create the query string using the variables
$query='UPDATE `links` SET `name`=$name, `link`=$link WHERE `key`=$key LIMIT 1;';
// Connect to the DB and run query
@mysql_select_db($database) or die( "Unable to select database");
mysql_query($query);
[/color]
Question about using "POST" and MySQL in PHP
in PHP Coding Help
Posted
I will also take your advice and read up on SQL injection. I do have a function that's supposed to validate/escape the variables before submitting, but it never hurts to be double sure.
Thanks again--you all rock! :-)