Jump to content

MySQL UPDATE changes all rows instead of WHERE

RADaugherty

By RADaugherty
in PHP Coding Help

 Share
Go to solution Solved by mac_gyver,

Recommended Posts

RADaugherty Member

RADaugherty

Posted
Posted

So I pass header data to a PHP file and execute an UPDATE statement based on that. The header data comes through correctly but instead of updating it via the WHERE it just updates all rows.

 

Can someone tell me what I'm doing wrong?

 

The header data will look like this: Battery-0975GJ 

<?php

include "config.php";

    if (isset($_GET['Header'])){

            $headerData =$_GET['Header'];
            $headerDataB = explode("|", $headerData);
            if (is_array($headerDataB)) {
                $headerData = $headerDataB[0] . " " . $headerDataB[1];
            }
            
            
            $contentVar = "True";

    $conn=mysqli_connect($host,$user,$password,$dbname);
      if(!$conn){
          die('Could not Connect MySql Server:' .mysql_error());
        }

$headerData = str_replace(['+', '<', '>', '(', ')', '~', '*', '\'', '"'], '', $headerData);
echo $headerData;

$sql="UPDATE ServicePending SET Tag = ? WHERE SystemID = ? ";
$stmt=$conn->prepare($sql);
$stmt->bind_param("si",$contentVar,$headerData);
$stmt->execute();


//                  echo '<script type="text/javascript">';
//echo 'alert("Battery has been updated!");';
//echo 'window.location.href = "attentionbatteries.php";';
//echo '</script>';

}

?>

 

Added in the echo $headerData; just for testing and uncommented the javascript section until I get this figured out.

 

SystemID is 100% unique after the "Battery-" but since I'm not doing a LIKE I can't figure out why its updating more than just that one with the SystemID found in the header data.

 

Thanks!

Link to comment
Share on other sites
  • Solution
mac_gyver Prolific Member

mac_gyver

Posted
  • Solution
Posted

when i tried your code, $headerData being used when the query is executed is the full 'Battery-0975GJ' value. this is a string, not an integer. you are casting it as an integer in the bind_param("si" usage, resulting in a zero for a value. in sql queries, when one parameter in a comparison is a number, the other parameter is converted to a number as well. you are getting WHERE 0 = 0 which is matching every row.

 

 

Link to comment
Share on other sites
RADaugherty Member

RADaugherty

Posted
  • Author
Posted
6 minutes ago, mac_gyver said:

when i tried your code, $headerData being used when the query is executed is the full 'Battery-0975GJ' value. this is a string, not an integer. you are casting it as an integer in the bind_param("si" usage, resulting in a zero for a value. in sql queries, when one parameter in a comparison is a number, the other parameter is converted to a number as well. you are getting WHERE 0 = 0 which is matching every row.

 

 

Oh damn! So just changing that to an "s" for a string should fix my issue!

 

image.png.7608fd6d2b847dedeb130402a7d780a0.png

 

 

I knew it had to be something simple. Thanks a lot!

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.