Jump to content

[SOLVED] MySQL won't update

cheechm

By cheechm
in PHP Coding Help

 Share

Recommended Posts

cheechm Regular Member

cheechm

Posted
Posted

So I am trying to update a row called Review (a text field) in my database in my table, but can't seem to do it. no errors are being shown:

 

addreview.php

<?php

$eventname = $_GET['eventname'];
$review = $_GET['review'];
$year = $_GET['year'];

$con = mysql_connect("");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("", $con);

mysql_query("UPDATE results SET Review = '$_GET[review]' WHERE EventName = '$eventname' AND Year = '$year' ");

if (mysql_errno()) printf("<b>Error: %s<br>\nOn query: $query</b><br>\n",mysql_error(),$query);
{

echo "Review for $eventname is now filed";

}

mysql_close($con)
?>
<meta http-equiv="refresh" content="1;url=review.php">

Not even the 

echo "Review for $eventname is now filed"; displays the event name.

 

 

The form is as follows:

 

<form method="post" action="addreview.php">
Eventname:
<input type="text" name="eventname" /><br />
Yeargroup:  <input type="text" name="year" /><br />
Review:<br />
<textarea name="Review" rows="10" cols="32"></textarea><br />
<p><input type="submit" name="submit" value="Add Review">
</form>

 

For some reason, this doesn't work. I can't seem to find why.

 

[Extra info]

There is columns in Results table called:

 

EventName

Year

Result

Team

 

All other processes with this table work.

 

There is a default value for the Review column: "No review yet".

 

Link to comment
https://forums.phpfreaks.com/topic/54317-solved-mysql-wont-update/
Share on other sites
Yesideez Advanced Member

Yesideez

Posted
Posted

Try this:

mysql_query("UPDATE `results` SET `Review` = '".$_POST['review']."' WHERE EventName = '$eventname' AND Year = '$year' ");

 

If that fails make sure the case of your table and fild names match. For example, If your field is called "review" use that instead of "Review"

The Little Guy Prolific Member

The Little Guy

Posted
Posted

Read my comments, and try this:

<?php
# You should use addslashes when adding something to a database. 
# When printing out the results from the database use stripslashes.
$eventname = addslashes($_POST['eventname']);
$review = addslashes($_POST['review']);
$year = addslashes($_POST['year']);

$con = mysql_connect("");  # Is this supposed to be empty?
if (!$con){
die('Could not connect: ' . mysql_error());
}

mysql_select_db("", $con); # Should this be empty too?

if (mysql_query("UPDATE `results` SET `Review` = '{$_POST['review']}' WHERE EventName = '$eventname' AND Year = '$year' ")or die(mysql_error())){
echo "Review for $eventname is now filed";
}

mysql_close($con)
header("refresh: 5; url=review.php");
exit;
?>

trq Prolific Member

trq

Posted
Posted
# You should use addslashes when adding something to a database.

# When printing out the results from the database use stripslashes.

 

This is a myth. stripslashes does NOT need to be applied to data comming from a database. It only needs to be applied if you are displaying (directly) form data which has had addslashes applied to it or if magic_quotes_gpc is on. Slashes are NOT stored in the database.

 

PS; You should also use mysql_real_escape_string instead where available.

per1os Member

per1os

Posted
Posted

Quote

# You should use addslashes when adding something to a database.

# When printing out the results from the database use stripslashes.

 

This is a myth. stripslashes does NOT need to be applied to data comming from a database. It only needs to be applied if you are displaying (directly) form data which has had addslashes applied to it or if magic_quotes_gpc is on. Slashes are NOT stored in the database.

 

PS; You should also use mysql_real_escape_string instead where available.

 

Agreed, you should NEVER stripslashes on data coming out of the DB, that is definitely bad programming.

 

To the Little Guy:

The "only" time you should stripslashes is if you want to display data from a form on the page and not insert it into a db and get_magic_quotes_gpc is on. If the data is coming from the DB stripslashes should not have to be used if done properly.

 

<?php
function escape_string($string) {
       return  get_magic_quotes_gpc()?mysql_real_escape_string(stripslashes ($string)):mysql_real_escape_string($string);
}
?>

 

Using that will make sure the string is escaped properly, and will not double up on slashes.  Note if you do not use mysql, change the function to whatever db you are using.

The Little Guy Prolific Member

The Little Guy

Posted
Posted

It only needs to be applied if you are displaying (directly) form data which has had addslashes applied to it or if magic_quotes_gpc is on. Slashes are NOT stored in the database.

 

Huh? I don't get this line.

 

If you use addslashes, and save it into the database, there will be slashes in front of the quotes.

 

then when you echo it out, it would look like this: I\'m cool.

 

so you would need to use stripslashes so it looks like this: I'm cool.

per1os Member

per1os

Posted
Posted

It only needs to be applied if you are displaying (directly) form data which has had addslashes applied to it or if magic_quotes_gpc is on. Slashes are NOT stored in the database.

 

Huh? I don't get this line.

 

If you use addslashes, and save it into the database, there will be slashes in front of the quotes.

 

then when you echo it out, it would look like this: I\'m cool.

 

so you would need to use stripslashes so it looks like this: I'm cool.

 

The only reason you have to stripslashes on your data coming out of yourr database is because magic_quotes are on and when you add slashes on POST data that has magic_quotes on it doubles the slashes, so in reality what you are entering into the DB is:

 

I\\'m cool.

Which the database automatically removes the first set of slashes so when looking at the DB it appears as

I\'m cool

 

Which in return is why you have to stripslashes.

 

Now if you did it properly and only added slashes or mysql_real_escape_string when magic_quotes are off than the data would be entered into the db like so:

 

I\'m cool.

Which the database automatically removes the first set of slashes so when looking at the DB it appears as

I'm cool

 

Which in return, when retrieved does not have any slashes on it.

 

Here is a test so you can see what I am talking about

 

<?php
// mysql_connect here

$slasshed = "I'm Cool";
$slasshed = addslashes(addslashes($slashed)); // which is essentially what you are doing
$unslasshed = "I'm Cool";
$unslasshed = addslashes($unslasshed);

mysql_query("INSERT INTO test (`testdata`) VALUES ('" . $slasshed . "');");
mysql_query("INSERT INTO test (`testdata`) VALUES ('" . $unslasshed . "');");

$query = "SELECT * FROM test";
$qu = mysql_query($query);

echo 'Data inserted is: <br />';
echo '$slasshed = ' . $slasshed . '<br />';
echo '$unslasshed = ' . $unslasshed . '<br /><br />';

while ($row = mysql_fetch_array($qu)) {
      echo 'Data : ' . $row[0] . "<br />";
}

?>

 

That should give you a better aspect on what is happening.

per1os Member

per1os

Posted
Posted 

<?php
// change $_GET to $_POST due to the nature of the form posted as it POSTS the data not GETS
$eventname = $_POST['eventname'];
$review = $_POST['review'];
$year = $_POST['year'];

$con = mysql_connect("");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("", $con);

mysql_query("UPDATE results SET Review = '$review' WHERE EventName = '$eventname' AND Year = '$year' ");

if (mysql_errno()) printf("<b>Error: %s<br>\nOn query: $query</b><br>\n",mysql_error(),$query);
{

echo "Review for $eventname is now filed";

}

mysql_close($con)
?>
<meta http-equiv="refresh" content="1;url=review.php">

 

Try that and see if it works.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.