Jump to content


Photo

Whats wrong with this?


  • Please log in to reply
11 replies to this topic

#1 webrosc

webrosc
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 14 March 2006 - 04:41 AM

Can anyone tell me where i'm going wrong with this code?
I just can't see a problem with it, but it keeps comeing back saying 'Error, query failed'

All help would be great.
cheers.


<?
      
$shirt=$_POST['shirt'];
$firstname=$_POST['firstname'];
$surname=$_POST['surname'];
$position=$_POST['position'];
$played=$_POST['played'];
$scored=$_POST['scored'];
$conceded=$_POST['conceded'];
$injury=$_POST['injury'];
$yellow=$_POST['yellow'];
$red=$_POST['red'];

mysql_connect(localhost,xxxx,xxxx);
@mysql_select_db(xxxx) or die( "Unable to select database try again");

$query = ("UPDATE team SET shirt='$shirt', first='$firstname', surname='$surname', position='$position', played='$played', scored='$scored', conceded='$conceded', injury='$injury', yellow='$yellow', red='$red' WHERE shirt = '$shirt'");


mysql_query($query) or die('Error, query failed');
echo "Record Updated";
mysql_close();
?>


#2 AndyB

AndyB
  • Staff Alumni
  • Advanced Member
  • 5,465 posts
  • LocationToronto

Posted 14 March 2006 - 07:52 AM

shirt appears to be some kind of index, so the second query (below) doesn't make sense
SET shirt='$shirt' ..................WHERE shirt = '$shirt'")

Legend has it that reading the manual never killed anyone.
My site

#3 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 14 March 2006 - 02:14 PM

AndyB is correct, but I'm not sure that would produce an error. Use this to find out what the error is:

mysql_query($query) or die(mysql_error());


#4 webrosc

webrosc
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 14 March 2006 - 03:57 PM

[!--quoteo(post=354883:date=Mar 14 2006, 02:14 PM:name=wickning1)--][div class=\'quotetop\']QUOTE(wickning1 @ Mar 14 2006, 02:14 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
AndyB is correct, but I'm not sure that would produce an error. Use this to find out what the error is:

mysql_query($query) or die(mysql_error());
[/quote]

Ok i'm now a total n00b and idiot, the mysql_error() bit helped tho, i was calling a field in my code first, but on the table it's firstname.

cheers for the help guys

#5 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 15 March 2006 - 12:29 AM

It doesn't look like you're handling quotes properly -- MySQL will choke if you passed a surname of "O'Neill". Double-check.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#6 webrosc

webrosc
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 15 March 2006 - 12:33 AM

[!--quoteo(post=355155:date=Mar 15 2006, 12:29 AM:name=fenway)--][div class=\'quotetop\']QUOTE(fenway @ Mar 15 2006, 12:29 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
It doesn't look like you're handling quotes properly -- MySQL will choke if you passed a surname of "O'Neill". Double-check.
[/quote]

thats a very good point i hadn't thought of, will look into it.

cheers

#7 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 15 March 2006 - 12:39 AM

I'm not the PHP expert in the least, but I've seen the addslashes() function used to properly escape any "nasty" characters that mysql treats as special.
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#8 webrosc

webrosc
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 15 March 2006 - 12:45 AM

[!--quoteo(post=355159:date=Mar 15 2006, 12:39 AM:name=fenway)--][div class=\'quotetop\']QUOTE(fenway @ Mar 15 2006, 12:39 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
I'm not the PHP expert in the least, but I've seen the addslashes() function used to properly escape any "nasty" characters that mysql treats as special.
[/quote]
compaired to me you are a total expert lol.
i will check out the addslashes() function, the site is just a little example at mo for bro as he is just starting to put a team together, so time is plenty :)

#9 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 15 March 2006 - 07:25 AM

He'll probably be fine, most web hosts have magic quotes turned on (to help cover their butts from a security standpoint).

Magic quotes are so evil. If you don't know already, do yourself a favor, google a bit, learn what magic quotes are, and learn how to deal with/without them.

Maybe I'll write a tutorial I can link to.

#10 webrosc

webrosc
  • New Members
  • Pip
  • Newbie
  • 5 posts

Posted 15 March 2006 - 01:07 PM

[!--quoteo(post=355246:date=Mar 15 2006, 07:25 AM:name=wickning1)--][div class=\'quotetop\']QUOTE(wickning1 @ Mar 15 2006, 07:25 AM) View Post[/div][div class=\'quotemain\'][!--quotec--]
He'll probably be fine, most web hosts have magic quotes turned on (to help cover their butts from a security standpoint).

Magic quotes are so evil. If you don't know already, do yourself a favor, google a bit, learn what magic quotes are, and learn how to deal with/without them.

Maybe I'll write a tutorial I can link to.
[/quote]
i've tested my pages and adding a ' does not cause any errors.

but thanks guys for mentioning it

#11 fenway

fenway
  • Staff Alumni
  • MySQL Si-Fu / PHP Resident Alien
  • 16,199 posts
  • LocationToronto, ON

Posted 15 March 2006 - 05:43 PM

Ugh... I can't believe PHP ever included magic_quotes_gpc at all. What a stupid idea.

Anyway, to maintain portability -- i.e. when you move to host that is smart, or realize how evil magic_quotes is and turn it off -- without blowing up all your scripts, you should roll-your-own addslashes() wrapper that check the see if the "magic" is on or off, and act accordingly.

This is why I use Perl...
Seriously... if people don't start reading this before posting, I'm going to consider not answering at all.

#12 wickning1

wickning1
  • Members
  • PipPipPip
  • Advanced Member
  • 405 posts

Posted 15 March 2006 - 06:29 PM

Yeah, I like Perl quite a bit too. That's why when I started with PHP I rolled out my own database class that works like DBI. I parse out the placeholders myself.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users