sk1tL1L Posted November 23, 2006 Share Posted November 23, 2006 The Code:[quote]<?php $email=$_POST['email']; $msn=$_POST['msn']; $icq=$_POST['icq']; $aim=$_POST['aim']; $avatar=$_POST['avatar'];$query = "UPDATE `user_system` SET `msn` = '$msn', `icq` = '$icq', `aim` = '$aim', email = '$email' WHERE `user_system`.`id` = '$member_id' LIMIT 1 ;";$result = mysql_query($query) or die("Problem with the query: $query<br>" . mysql_error());// if successfully updated.if($result){echo "Successful";echo "<BR>";echo "<a href='mc.php'>Back to Member Control</a>";}else {echo "Error! Please Try Again<br>";echo $result;}?>[/quote]And it does not enter the data into the database, if i had something in the field already when i submit the update it does not work. The data from the form is not put into the database Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/ Share on other sites More sharing options...
trq Posted November 23, 2006 Share Posted November 23, 2006 What error are you getting?And please... a little more descriptive with your tittles, this is a php help forum, we assume you want help. Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129096 Share on other sites More sharing options...
CheesierAngel Posted November 23, 2006 Share Posted November 23, 2006 Try to change your query to:[code]$query = "UPDATE `user_system` SET `msn` = '$msn', `icq` = '{$icq}', `aim` = '{$aim}', email = '{$email}' WHERE `user_system`.`id` = '{$member_id}'";[/code]Why LIMIT 1 ?? Are there multiple records with the same id ?(If so, why call it id ?) Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129178 Share on other sites More sharing options...
ataria Posted November 23, 2006 Share Posted November 23, 2006 Why LIMIT 1 ?? Are there multiple records with the same id ?(If so, why call it id ?)I sometimes do that.you never know, it may like pull out two by glitch..low chance... but it doesn't hurt to have it. Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129180 Share on other sites More sharing options...
CheesierAngel Posted November 23, 2006 Share Posted November 23, 2006 If you create your table with a unique index on that column, you don't have to thinkabout this again. MySQL will reject your insertion if you want to insert a second (already excisting) record with the same id Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129182 Share on other sites More sharing options...
HuggieBear Posted November 23, 2006 Share Posted November 23, 2006 It can also add to the security features by using LIMIT, even if you know there's only going to be one row. If you've forgotten to sanitise your input by using something like mysql_real_escape_string() then it will limit the damage.Take the sql you have there as an example...[code=php:0]$query = "UPDATE `user_system` SET `msn` = '$msn', `icq` = '{$icq}', `aim` = '{$aim}', `email` = '{$email}' WHERE `user_system`.`id` = '{$member_id}'";[/code] Now imagine that I passed [color=red]%' OR ' '=' [/color] as the [color=green]member_id[/color] parameter.That's going to make my SQL look like this:[code=php:0]$query = "UPDATE `user_system` SET `msn` = '$msn', `icq` = '{$icq}', `aim` = '{$aim}', `email` = '{$email}' WHERE `user_system`.`id` = '%' OR ' '=' '";[/code] By my calculation that's going to corrupt every single row in your database, by putting LIMIT in there, only one line at a time can be destroyed.RegardsHuggie Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129187 Share on other sites More sharing options...
sk1tL1L Posted November 24, 2006 Author Share Posted November 24, 2006 its still not working, i've even rebuilt the database.When i click submit on the form. It goes though but does not put the information from the form into the database. If there's something in that row it will be deleted eg.BEFORE FORM UPDATED__________________________________________| msn | icq ||wowwowowwow@wow.com.au | 55674466 |_________________________________________AFTER_________________________________________| msn | icq || | 55674466 |_________________________________________The MSN Field was updated, but the data was not inserted. Quote Link to comment https://forums.phpfreaks.com/topic/28215-mysqlphp-problem-fixed/#findComment-129458 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.