Jump to content

[SOLVED] UPDATE query

jas4

By jas4
in PHP Coding Help

Recommended Posts

jas4 Member

jas4

Posted
Posted

Hi all, trying to get an update query working, but can't quite seem to get it working:

 

mysql_query("UPDATE Address SET

                      line1 = '".$_POST['nline1']."',

                      line2 = '".$_POST['nline2']."',

                      line3 = '".$_POST['nline3']."',

                      postcode = '".$_POST['npostcode']."'

                                        WHERE id = (SELECT H.aid

                                                          FROM Has_address H

                                                          WHERE H.cid ='".$_SESSION['id']."')");

 

where nline1,nline2 etc are from an incoming form.

 

any help/advice welcomed

Link to comment
https://forums.phpfreaks.com/topic/53111-solved-update-query/
Share on other sites
Barand Prolific Member

Barand

Posted
Posted

try coding it this way and report the output

 

<?php
$sql = "UPDATE Address SET
                      line1 = '".$_POST['nline1']."',
                      line2 = '".$_POST['nline2']."',
                      line3 = '".$_POST['nline3']."',
                      postcode = '".$_POST['npostcode']."'
                                         WHERE id = (SELECT H.aid
                                                          FROM Has_address H
                                                           WHERE H.cid ='".$_SESSION['id']."')";

mysql_query($sql) or die (mysql_error()."<p>$sql</p>");                                                           
?>

Link to comment
https://forums.phpfreaks.com/topic/53111-solved-update-query/#findComment-262371
Share on other sites
jas4 Member

jas4

Posted
  • Author
Posted

cheers, finally got it fixed. have done it in two queries now, and taken the result of the first one to compare it to the second one:

 

	//TO FIND THE AID
         $aid =mysql_query("SELECT aid FROM Has_address WHERE cid ='". $_SESSION['id']."'");
  		$row = mysql_fetch_assoc($aid);
  		extract($row);

  		
  	      $sql = "UPDATE Address SET
                      line1 = '".$_POST['nline1']."',
                      line2 = '".$_POST['nline2']."',
                      line3 = '".$_POST['nline3']."',
                      postcode = '".$_POST['npostcode']."'
                                         WHERE id = '".$aid."'";

mysql_query($sql) or die (mysql_error()); 

 

works perfectly, but is out of interest is it good practise to do it in 2 queries when it could (i'm sure) could be done in 1?

 

thanks

Link to comment
https://forums.phpfreaks.com/topic/53111-solved-update-query/#findComment-262391
Share on other sites
Barand Prolific Member

Barand

Posted
Posted

I generally avoid joins in updates and inserts. It can be a bit finicky about the result being updateable.

 

It is bad practice, though, to take input direct from the client (GET, POST, COOKIE) an put it in the query without sanitising against sql injection.

Link to comment
https://forums.phpfreaks.com/topic/53111-solved-update-query/#findComment-262513
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.