variable in SQL update query

[karimali831]

Hi

 

This does not make sense to me, I hope someone can tell me why this query don't work:

 

safe_query("UPDATE ".PREFIX."cup_challenges SET reply_date='$postdate', $select_map $select_date challenged_info='".$_POST['info']."', status='2' WHERE chalID='".$_GET['challID']."'");;

 

and this query does work:

 

safe_query("UPDATE ".PREFIX."cup_challenges SET reply_date='$postdate', map1='".$_POST['map1']."', map2='".$_POST['map2']."', map3='".$_POST['map3']."', date1='".$_POST['date1']."', date2='".$_POST['date2']."', date3='".$_POST['date3']."', date4='".$_POST['date4']."', challenged_info='".$_POST['info']."', status='2' WHERE chalID='".$_GET['challID']."'");

 

 

Variables in $select_map and $select_date makes the query fail but when I copy/paste this (bold) in query it works:

 

$select_map = map1='".$_POST['map1']."', map2='".$_POST['map2']."', map3='".$_POST['map3']."',

$select date = date1='".$_POST['date1']."', date2='".$_POST['date2']."', date3='".$_POST['date3']."', date4='".$_POST['date4']."',

 

am I using the variable in query incorrectly?

[freeloader]

Depends on what the value in your script of these 2 variables is.

 

First query also has a double semicolon at the end btw.

 

Do this:

 echo "UPDATE ".PREFIX."cup_challenges SET reply_date='$postdate', $select_map $select_date challenged_info='".$_POST['info']."', status='2' WHERE chalID='".$_GET['challID']."'";

 

And post the result here please.

[karimali831]

The double ;; is a mistake I done when I posted this topic.

 

Here is the echo:

 

UPDATE webs_cup_challenges SET reply_date='943938000', map1='".$_POST['map1']."', map2='".$_POST['map2']."', map3='".$_POST['map3']."', date1='".$_POST['date1']."', date2='".$_POST['date2']."', date3='".$_POST['date3']."', date4='".$_POST['date4']."', challenged_info='', status='2' WHERE chalID='7'Query failed!

[freeloader]

Well there is your problem. It's not parsing the $_POST parameters correctly. You stored them wrongly in the $select_map and $select_date variables I guess.

 

Probably you defined them within single quotes ' and not double quotes ". Post how you defined them here please.

[karimali831]

Ok. Here is two:

 

$select_date = 'date1=\'".$_POST[\'date1\']."\', date2=\'".$_POST[\'date2\']."\', date3=\'".$_POST[\'date3\']."\', date4=\'".$_POST[\'date4\']."\', date5=\'".$_POST[\'date5\']."\',';

and

$select_map = 'map1=\'".$_POST[\'map1\']."\', map2=\'".$_POST[\'map2\']."\', map3=\'".$_POST[\'map3\']."\', map4=\'".$_POST[\'map4\']."\', map5=\'".$_POST[\'map5\']."\',';

 

Thanks.

[karimali831]

Before I waste my time, can you tell me please if this will work:

 

 $select_map = "map1='".$_POST['map1']."', map2='".$_POST['map2']."', map3='".$_POST['map3']."', map4='".$_POST['map4']."', map5='".$_POST['map5']."',";

instead of :

$select_map = 'map1=\'".$_POST[\'map1\']."\', map2=\'".$_POST[\'map2\']."\', map3=\'".$_POST[\'map3\']."\', map4=\'".$_POST[\'map4\']."\', map5=\'".$_POST[\'map5\']."\',';

[PFMaBiSmAd]

A) You can just try it to see if it does work or what it does do,

 

B) I don't think it (the second case) will work because the $_POST[...] index names have escaped single-quotes,

 

C) That's an awful lot of extra typing,

 

D) The following should work -

 

$select_date = "date1='{$_POST['date1']}', date2='{$_POST['date2']}', date3='{$_POST['date3']}', date4='{$_POST['date4']}', date5='{$_POST['date5']}',";

$select_map = "map1='{$_POST['map1']}', map2='{$_POST['map2']}', map3='{$_POST['map3']}', map4='{$_POST['map4']}', map5='{$_POST['map5']}',";

[karimali831]

managed to get it working with

"map1='".$_POST['map1']."', ...

 

thanks alot for your help