Jump to content

MySQL query not updating

kpetsche20

By kpetsche20
in PHP Coding Help

 Share

Recommended Posts

kpetsche20 Regular Member

kpetsche20

Posted
Posted

I can't get this code to update the mysql database. Both challengeid is the name of the table and a column, I'm not sure if that has anyhting to do with it though. Any help is appreciated.

 

 

if(isset($_POST['go']))
{

$select = "SELECT * FROM challengeid WHERE challengeid = '".$_POST['id']."' AND username != '".$_SESSION['login']."'";
$select2 = mysql_query($select);
while($array = mysql_fetch_array($select2))
{
if($array['userresult'] == $_POST['result'])
	{
	echo "A ".$array['userresult']." has already been reported for this challenge";
	} else {
	$update = "UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'";
	mysql_query($update) or die(mysql_error());
	echo "Insert Win";
	}
}

Link to comment
Share on other sites
turkman Regular Member

turkman

Posted
Posted
$update = "UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'";

mysql_query($update) or die(mysql_error());

 

Try like this

 

$update = sprintf("UPDATE challengeid SET userresult = \"%s\" WHERE challengeid = \"%s\" AND username = \"%s\"",$_POST['result'],$_POST['id'],$_SESSION['login']);

 

mysql_query($update) or die (mysql_error());

 

 

Link to comment
Share on other sites
JonnoTheDev Regular Member

JonnoTheDev

Posted
Posted

Im guessing that you are checking if a record exists in the database with a certain value and if not then update it.

Some similar code but it may not fit entirely:

 

if(isset($_POST['go'])) {
// escape server vars for database query
$_POST['id'] = mysql_escape_string($_POST['id']);
$_SESSION['login']	= mysql_escape_string($_SESSION['login']);

$result = mysql_query("SELECT * FROM challengeid WHERE challengeid = '".$_POST['id']."' AND username != '".$_SESSION['login']."' LIMIT 1");
// secord already exists
if(mysql_num_rows($result)) {
	print "Record already exists";
}	
else {
	$_POST['result'] = mysql_escape_string($_POST['result']);
	mysql_query("UPDATE challengeid SET userresult = '".$_POST['result']."' WHERE challengeid = '".$_POST['id']."' AND username = '".$_SESSION['login']."'");
	print "Record Updated";
}
}

 

Your first step in debugging is to check that your POST values are actually created from your form. You should always test/escape your post values before placing in any database query otherwise you are wide open to attack and could end up with unexpected results. Has there been a value entered for $_POST['result'] and $_POST['id']? Is there a value set for $_POST['go'], I assume this is a hidden form field. Rather than running the initial query, change your code to print it to the screen and then test with mysql. Is the query correct with the correct values? The first query that you have written is running through a loop indicating that there may be more than 1 record in the challengeid table with a challengeid of x and a username of X, is this the case? If not using a loop is incorrect, check for a single record as in my example.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.