Jump to content

simple Help - Update Mysql


Go to solution Solved by Psycho,

Recommended Posts

it's not updating the rows...

 

 

<?php

 

$rent=$_POST['urent'];

$update=$_POST['uupdate'];

$apt=$_POST['uapt'];

$price=$_POST['uprice'];

$bedroom=$_POST['ubedroom'];

$movein=$_POST['uprice'];

$prim_id=$_POST['prim_id'];

$count=$_POST['countadd'];

  

    if (!get_magic_quotes_gpc())

  {

    $apt = addslashes($apt);

    $price = doubleval($price);

    $bedroom = addslashes($bedroom);

    $movein = addslashes($movein);

  }

 

$conn = mysql_connect("localhost","user","password");

mysql_select_db("listing");

 

for ($i2 = 0; $i2 <= $count; $i2++) {

mysql_query("UPDATE available

        SET apt='$apt[$i2]', price='$price[$i2]', bedroom='$bedroom[$i2]', movein='$movein[i2]'

        WHERE prim='$prim_id[$i2]'");

}

Edited by loren646
Link to comment
https://forums.phpfreaks.com/topic/275816-simple-help-update-mysql/
Share on other sites

And, your question is???

 

I see definite 'problems' with that code, but you could at least provide a description of the problems you are having and any error message you are receiving instead of expecting us to read your code and magically know what you expect to happen and what the problem is.

  • Solution

 

if (!get_magic_quotes_gpc())
  {
    $apt = addslashes($apt);
    $price = doubleval($price);
    $bedroom = addslashes($bedroom);
    $movein = addslashes($movein);
  }

 

You should instead check of magic quotes are on and, if so, remove the slashes. THEN, use the appropriate methods to escape the data based upon the intended usage. In this case, you shoudl be using mysql_real_escape string(). However, you are also using doubleval() to enforce one of the values to be a float - which is appropriate - but you are ONLY doing that if magic quotes are off. So, if magic quotes are on you don't do anything with the value???

 

Lastly, you are performing those operations on what are assumed to be single input fields since none of those functions will work like that against an array (some may not generate an error, but they would definitely produce unintended results). But, in your query you are trying to reference array values from those variables

 

mysql_query("UPDATE available
        SET apt='$apt[$i2]', price='$price[$i2]', bedroom='$bedroom[$i2]', movein='$movein[i2]'
        WHERE prim='$prim_id[$i2]'");

 

So, not sure how to help you without knowing if the inputs really are arrays or single fields. Either you are receiving non-array values and the variables in the query are wrong OR you are receiving array values and processing them incorrectly.

thanks!
 
got it to work. 

 

 

if (!get_magic_quotes_gpc())
  {
    $apt = addslashes($apt);
    $price = doubleval($price);
    $bedroom = addslashes($bedroom);
    $movein = addslashes($movein);
  }

 

You should instead check of magic quotes are on and, if so, remove the slashes. THEN, use the appropriate methods to escape the data based upon the intended usage. In this case, you shoudl be using mysql_real_escape string(). However, you are also using doubleval() to enforce one of the values to be a float - which is appropriate - but you are ONLY doing that if magic quotes are off. So, if magic quotes are on you don't do anything with the value???

 

Lastly, you are performing those operations on what are assumed to be single input fields since none of those functions will work like that against an array (some may not generate an error, but they would definitely produce unintended results). But, in your query you are trying to reference array values from those variables

 

mysql_query("UPDATE available
        SET apt='$apt[$i2]', price='$price[$i2]', bedroom='$bedroom[$i2]', movein='$movein[i2]'
        WHERE prim='$prim_id[$i2]'");

 

So, not sure how to help you without knowing if the inputs really are arrays or single fields. Either you are receiving non-array values and the variables in the query are wrong OR you are receiving array values and processing them incorrectly.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.