Jump to content

sometimes works and sometimes not


NorthWind

Recommended Posts

Hello
i have a problem with a code. the problem is very weird because this code actually works but sometimes it doesnt. I checked the code for hrs but could not find a problem with it.
The code basicly does some database updates on the recent data. updates a few fields...
The code actually says that it has updated but sometimes when you go check it from the database, it did not!
I'm using MS SQL 2000 on a windows 2003 server, installed 4.4.0.
I'm giving all these info because i started to think that its a database problem since the code sometimes work. Did anyone experienced this kind of problem, pls let me know. thanks

[code]

<?php
        echo "<table align='center' border='0' cellpadding='6' cellspacing='3'>";
        echo "<td height='406' valign='center' align='center'>";
        require_once("config.php");

        $itemCode = $_GET['itemCode'];
        $custID = $_GET['custID'];
        $jobID = $_GET['jobID'];
        $serial = $_GET['serial'];
        $eqid = $_GET['eqid'];
        //$myobno = $_GET["myob"];
        $custname = $_GET["custname"];
        $custref = $_GET["custref"];
        //$pdate = $_GET["purchaseDate"];
        
        echo $itemCode; echo "<br>";
        echo $jobID;echo "<br>";
        echo $serial;echo "<br>";
        echo $eqid;echo "<br>";
        echo $custname;echo "<br>";
        //$jobInvoiceStatus = $_GET['jobInvoiceStatus'];

        // Query database
        $query = "Update JobEquipment SET jobID='$jobID', jobInvoiceStatus='Not Yet Invoiced', custname='$custname', custreference='$custref', sold='1' where (itemCode = '$itemCode') and (serial = '$serial') and (equipID = '$eqid')";
        $result = mssql_query($query, $link);
        //$row = @mssql_fetch_array($result);

            
        //if there were no errors ($result  == true or has a value)
        if ($result)
            {
            echo "<h3>Success ! \n";
            echo "<p>Item( $itemCode ) with serial: $serial has been added to the job.";
            echo "<p><a href='serials.php'>To Equipment/Serials Page</a> \n";
            echo "<p><a href='job.php?jobID=$jobID'>Back to Job</a> \n";
            

        //start of decrease quantity

        if ($jobID!="")
        {
        $querysee = "SELECT * FROM Inventory where (itemCode = '$itemCode')";
            $resultsee = mssql_query($querysee, $link);
            //$rowsee = @mssql_fetch_array($resultsee);
            //$quantity=$rowsee["quantity"];
            
            
            while ($rowsee = @mssql_fetch_array($resultsee))
                    {
                        $quantity=$rowsee["quantity"];
                    //    if ($itemCode==$row["itemCode"])
                    //    {    
                            $quantity--;
                            $queryminus = "UPDATE Inventory SET quantity='$quantity' where itemCode='$itemCode'";
                            $resultminus = mssql_query($queryminus, $link);
                    
                    }
        }            
            // end of decrease quantity
        
            
            
            }
        else
            {
            echo "<h2>Database encountered errors with what was input<br>";
            }
        echo "</td>";
        echo "</table>";
?>

[/code]
Link to comment
Share on other sites

I don't know what your problem is, but you shouldn't update your database with your variables like that. first off, you should be using $_POST['blah'] instead of $_GET['blah'] and you should be passing your vars with method='post' in your form.

2nd, you should sanitize your variables before using them in queries, with something like this:

$blah = msyql_real_escape_string($_POST['blah']);

a simpler method if you have a lot of variables is to do like this:

[code]
foreach($_POST as $key => $var) {
   $$key = mysql_real_escape_string($var);
}
[/code]



Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.