kpetsche20 Posted July 25, 2008 Share Posted July 25, 2008 I can't get this code to update the mysql database. Both challengeid is the name of the table and a column, I'm not sure if that has anyhting to do with it though. Any help is appreciated. if(isset($_POST['go'])) { $select = "SELECT * FROM challengeid WHERE challengeid = '".$_POST['id']."' AND username != '".$_SESSION['login']."'"; $select2 = mysql_query($select); while($array = mysql_fetch_array($select2)) { if($array['userresult'] == $_POST['result']) { echo "A ".$array['userresult']." has already been reported for this challenge"; } else { $update = "UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'"; mysql_query($update) or die(mysql_error()); echo "Insert Win"; } } Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted July 25, 2008 Share Posted July 25, 2008 add die to all your querys Quote Link to comment Share on other sites More sharing options...
turkman Posted July 25, 2008 Share Posted July 25, 2008 $update = "UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'"; mysql_query($update) or die(mysql_error()); Try like this $update = sprintf("UPDATE challengeid SET userresult = \"%s\" WHERE challengeid = \"%s\" AND username = \"%s\"",$_POST['result'],$_POST['id'],$_SESSION['login']); mysql_query($update) or die (mysql_error()); Quote Link to comment Share on other sites More sharing options...
JonnoTheDev Posted July 25, 2008 Share Posted July 25, 2008 Im guessing that you are checking if a record exists in the database with a certain value and if not then update it. Some similar code but it may not fit entirely: if(isset($_POST['go'])) { // escape server vars for database query $_POST['id'] = mysql_escape_string($_POST['id']); $_SESSION['login'] = mysql_escape_string($_SESSION['login']); $result = mysql_query("SELECT * FROM challengeid WHERE challengeid = '".$_POST['id']."' AND username != '".$_SESSION['login']."' LIMIT 1"); // secord already exists if(mysql_num_rows($result)) { print "Record already exists"; } else { $_POST['result'] = mysql_escape_string($_POST['result']); mysql_query("UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'"); print "Record Updated"; } } Your first step in debugging is to check that your POST values are actually created from your form. You should always test/escape your post values before placing in any database query otherwise you are wide open to attack and could end up with unexpected results. Has there been a value entered for $_POST['result'] and $_POST['id']? Is there a value set for $_POST['go'], I assume this is a hidden form field. Rather than running the initial query, change your code to print it to the screen and then test with mysql. Is the query correct with the correct values? The first query that you have written is running through a loop indicating that there may be more than 1 record in the challengeid table with a challengeid of x and a username of X, is this the case? If not using a loop is incorrect, check for a single record as in my example. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.