Should This Work?

LunarIsSexy · September 20, 2013

This is just a basic script for updating my database from form data.

I don't have much experience with databases and this might be a bad question but I have read online that you should use UPDATE because I've only ever inserted stuff to tables.

Any idea whats wrong here?



    <?php

    include 'connect.php';

    include 'main.php';

    if(!isset($_SESSION['id']))



    echo "You need to login to view this page";



    else{



    }

    $id = $_SESSION['id'];

    $firstname = $_POST['firstname'];

    $lastname = $_POST['lastname'];

    $motto = $_POST['motto'];

    $bio = $_POST['bio'];



    if(empty($firstname) || empty($lastname) || empty($motto) || empty($bio)){



    echo "You didn't fill out any fields.";



    } else if (strlen($motto) < 5) {

echo "Your motto must be more than 5 characters.";

    }



    $sql="UPDATE users SET firstname='$firstname', lastname='$lastname', bio='$bio', motto='$motto' WHERE id='$id'"; 

    ?>

There are no errors that show up when its loaded because I fixed some of the other ones but obviously I didn't put for there to be text saying like "Update complete!" or whatever. But I wasn't sure if I should do and "else" around the $sql function. It looks like it should work in my eyes but it doesn't update them.

Database:

http://gyazo.com/b381e32d655f615b189e4fa46b74fa46.png

I do have it connected properly as I already have a register system, profile page, etc...

Also if anyone is good with SQL what should the Varchar be for the BIO? I just set 1024, but I have no clue :/

Edited September 20, 2013 by LunarIsSexy

gristoi · September 20, 2013

here you go:

https://www.google.co.uk/search?q=php+mysql+insert+into+database&oq=php+mysql+insertinto+&aqs=chrome.1.69i57j0l3.6316j0&sourceid=chrome&ie=UTF-8

1.4 million answers for you

TOA · September 20, 2013

Updates are fine if you're updating. Insert's are for new rows.

I think you're main error is that you never fire the query, but I've edited your code for several different things.

1. Added curly braces on line 4 - not necessarily needed in this case, but I consider it good practice so I threw them in there.

2. moved the else condition braces around the rest of the code to only run when there's a session; this was an assumption.

3. not sure what db engine your using in connect.php so I marked where you need to fire the query.

4. added indentation

I didn't test it but it should be good.

<?php
include 'connect.php';
include 'main.php';
if(!isset($_SESSION['id'])) 
{ // added curly braces
	echo "You need to login to view this page";
}
else
{    
	// added indents
	$id = $_SESSION['id'];
	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$motto = $_POST['motto'];
	$bio = $_POST['bio'];


	if(empty($firstname) || empty($lastname) || empty($motto) || empty($bio)){
		echo "You didn't fill out any fields.";
	} else if (strlen($motto) < 5) {
		echo "Your motto must be more than 5 characters.";
	}

    	$sql="UPDATE users SET firstname='$firstname', lastname='$lastname', bio='$bio', motto='$motto' WHERE id='$id'"; 
    	// you never actually fire this query...do so here
}
// moved this to wrap the code
?>

LunarIsSexy · September 20, 2013

Thankyou! I forgot to reply saying I figured it out but thanks for your guys help, I didn't notice you commented.

You were right @TOA, I forgot to fire the query.

I didn't notice til I stared at it for a while, but others with this problem just add $mysql_query($sql); after the Update.

TOA · September 20, 2013

FYI: mysql is deprecated. You should switch to the mysqli extension, or better yet, to an abstraction layer such as PDO

LunarIsSexy · September 20, 2013

FYI: mysql is deprecated. You should switch to the mysqli extension, or better yet, to an abstraction layer such as PDO

Thats what my friend said D: I would ask him what he means but then he'd think I'm retarted. I know what mysqli is, instead of doing for example mysql_connect do "mysqli_connect", etc... But what do you mean by PDO?

TOA · September 20, 2013

I have to preface this with 'I'm not a PDO expert so if I miss-speak, please don't hold it against me.'

The quick and simple explanation is that PDO gives you one universal interface for accessing your db. You call $pdo->query() and it knows that you have a MySQL server and so to use MySQL calls internally. That's an abstraction layer; you abstract the actual calls out of the client code and into an abstraction layer.

Imagine you set everything up on a MySQL server. You then find out MySQL goes bankrupt and you need to replace it with a competitor. How long do you think it would take to go through all your code and replace all the calls to MySQL and also alter functionality for handling the results of those calls. With PDO or a similar layer, you would change the details in your PDO config and all your client code calls would remain the same.

PDO

Abstraction layer

Don't leave questions unasked for fear of stupidity; It's stupid not to ask. If he's a real friend, he won't treat you like an idiot

Edited September 20, 2013 by TOA

KevinM1 · September 20, 2013

There are no stupid questions, only stupid people... like the kind of person who has a question about something, but neglects to ask it.

Barand · September 20, 2013

Old proverb:

"The only stupid question is the one that wasn't asked"

Sign In

Should This Work?

Recommended Posts

LunarIsSexy

Link to comment

Share on other sites

gristoi

Link to comment

Share on other sites

TOA

Link to comment

Share on other sites

LunarIsSexy

Link to comment

Share on other sites

TOA

Link to comment

Share on other sites

LunarIsSexy

Link to comment

Share on other sites

TOA

Link to comment

Share on other sites

KevinM1

Link to comment

Share on other sites

Barand

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information