database update not working?

shadiadiph · December 24, 2008

I have a database when I write to it the first time with the foirst code it works but when i update with the second it doesn't any ideas why?

first code

<? 
session_start();
error_reporting(7);
require("../../global/admin_functions.php");
$sid = $_SESSION['LOGINID'];
$adid  = ($_POST["adid"]);
if($sid!="")

{

    if ((($_FILES["form_data"]["type"] == "image/gif")
|| ($_FILES["form_data"]["type"] == "image/jpeg")
|| ($_FILES["form_data"]["type"] == "image/pjpeg"))
&& ($_FILES["form_data"]["size"] < 250000))
  {
  if ($_FILES["form_data"]["error"] > 0)
    {
    echo "Error: " . $_FILES["form_data"]["error"] . "<br />";
    }
  else
    {
$data = addslashes(fread(fopen($form_data, "r"), filesize($form_data))); 
$result=MYSQL_QUERY("INSERT INTO zloads (description1,intProductID,data1,filename1,filesize1,filetype1) ". "VALUES 

('$form_description','$adid' ,'$data',  '$form_data_name','$form_data_size','$form_data_type')"); 
$id= mysql_insert_id();

that one workd when i first write to the database but this one doesn't

<? 
session_start();
error_reporting(7);
require("../../global/admin_functions.php");
$sid = $_SESSION['LOGINID'];
$adid  = ($_POST["adid"]);
if($sid!="")

{

    if ((($_FILES["form_data"]["type"] == "image/gif")
|| ($_FILES["form_data"]["type"] == "image/jpeg")
|| ($_FILES["form_data"]["type"] == "image/pjpeg"))
&& ($_FILES["form_data"]["size"] < 250000))
  {
  if ($_FILES["form_data"]["error"] > 0)
    {
    echo "Error: " . $_FILES["form_data"]["error"] . "<br />";
    }
  else
    {
$data = addslashes(fread(fopen($form_data, "r"), filesize($form_data))); 
$result=mysql_query("update zloads set description2 =('$form_description'),data2= ('$data'),filename2= ('$form_data_name'),$filesize2= ('$form_data_size'),$filetype2= ('$form_data_type') where `intProductID`= '$adid'");

trq · December 24, 2008

Try wrapping your call to mysql_query in some error handling.

$sql = "update zloads set description2 =('$form_description'),data2= ('$data'),filename2= ('$form_data_name'),$filesize2= ('$form_data_size'),$filetype2= ('$form_data_type') where `intProductID`= '$adid'";
if (!mysql_query($sql)) {
  echo mysql_error() . "<br />$sql<br />";
}

What does that produce?

Also, where are all those variables used in your query defined?

shadiadiph · December 24, 2008

mmm produced this

Parse error: syntax error, unexpected T_ELSE in /home/hmtcompa/public_html/user/zloads/submitpic2.php on line 29


$sql = "update zloads set description2 =('$form_description'),data2= ('$data'),filename2= ('$form_data_name'),$filesize2= ('$form_data_size'),$filetype2= ('$form_data_type') where `intProductID`= '$adid'";
if (!mysql_query($sql)) {
  echo mysql_error() . "<br />$sql<br />";

    }
  }
else
  {
  echo "You can only upload JPEG or GIF images that are 250KB or less.";
  }

this statement works with the first script if a jpeg or gif of more than 250kb is uploaded it displays the error mmm???

shadiadiph · December 24, 2008

i just changed that around to

$sql = "update zloads set description2 =('$form_description'),data2= ('$data'),filename2= ('$form_data_name'),$filesize2= ('$form_data_size'),$filetype2= ('$form_data_type') where `intProductID`= '$adid'";
if (!mysql_query($sql)) {
  echo mysql_error() . "<br />$sql<br />";

    
  }
else
  {
  echo "You can only upload JPEG or GIF images that are 250KB or less.";
  } 
}

now i get a page full of

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '= ('128755'),= ('image/pjpeg') where `intProductID`= '109'' at line 1

update zloads set description2 =('ew'),data2= ('ÿØÿà\0JFIF\0\0`\0`\0\0ÿáXExif\0\0MM\0*\0\0\0\0GF\0\0\0\0\0\0\0GI\0\0\0\0\02\0\0‡i\0\0\0\0\0\02œ›\0\0\0\0.\0\0ê\0\0\0º\0\0\0J\0\0\0\0ê\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\ and goes on for ever

trq · December 24, 2008

Again I ask.

Also, where are all those variables used in your query defined?

shadiadiph · December 24, 2008

in a form

shadiadiph · December 24, 2008

<form name="postad" method="post" action="submitpic2.php" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="250000">
<table class="postadmain">
<tr><td>DESCRIPTION</td></tr>
<tr><td><input type="text" name="form_description" size="40"> </td></tr>
<tr><td>File to upload:</td></tr>
<tr><td><input type="file" name="form_data" size="40"></td></tr>
<tr><td>&nbsp</td></tr>
<tr><td> </td></tr>
<tr><td><input class="button" type="submit" name="submit" value="Submit Ad" /></td></tr>

trq · December 24, 2008

I'm not sure how old your version of php is but register_globals has been off by default for over two years. You should turn register_globals off and accessing these variables via the $_POST array.

Your next point of concern is the fact that your not escaping any special chars found in your data. Take a look at mysql_real_escape_string.

shadiadiph · December 24, 2008

i didn't think you could $_post files?

shadiadiph · December 24, 2008

the biggest problem here is the line $id= mysql_insert_id(); it can be used on the first instance of posting but not thereafter i need to use something different maybe $DB_site->query something but i am not sure what

Sign In

database update not working?

Recommended Posts

shadiadiph

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

trq

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

shadiadiph

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information