Lets say you have a form which allows someone to change there personal data in a database. The user only wants to change their phone number and leave everything else the same does anyone know how to change the row with the phone number in?
My current code updates all the rows in the form which are left blank as blank inputs.
Current Database:
First Name: Joe
Surname: Bloggs
Phone Number: 123456789
Update Form:
First Name:
Surname:
Phone Number: 987654321
Incorrect Updated Database:
First Name:
Surname:
Phone Number: 987654321
Correct Updated Database:
First Name: Joe
Surname: Bloggs
Phone Number: 987654321
I need something that says: If blank do not update.
function mysql_real_escape_array($t)
{
return array_map("mysql_real_escape_string",$t);
}
function trim_array($ar)
{
return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
$_POST = mysql_real_escape_array($_POST);
$_POST = trim_array($_POST);
$error = "";
if($error == "")
{
$sql = "
UPDATE
users
SET
category = '".$_POST['category']."',
linkcategory = '".str_replace(' ', '-',strtolower($_POST['category']))."',
firstname = '".$_POST['firstname']."',
surname = '".$_POST['surname']."',
email = '".$_POST['email']."',
website = '".$_POST['website']."',
company = '".$_POST['company']."',
building = '".$_POST['building']."',
streetname = '".$_POST['streetname']."',
town = '".$_POST['town']."',
state = '".$_POST['state']."',
postcode = '".$_POST['postcode']."',
aboutcompany = '".$_POST['aboutcompany']."',
country = '".$_POST['country']."'
WHERE
id=$id";
$result = mysql_query($sql) or die("An error occurred ".mysql_error());
}
I tried that code. Its very different to what I have. It creates the following error which I haven’t seen before:
“An error occurred You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘’ at line 1”
Does the code pick up all the rows in the database which could be completed:
firstname = '".$_POST['firstname']."',
surname = '".$_POST['surname']."',
email = '".$_POST['email']."',
website = '".$_POST['website']."',
company = '".$_POST['company']."',
building = '".$_POST['building']."',
streetname = '".$_POST['streetname']."',
town = '".$_POST['town']."',
state = '".$_POST['state']."',
postcode = '".$_POST['postcode']."',
aboutcompany = '".$_POST['aboutcompany']."',
country = '".$_POST['country']."'
It doesn’t pick up rows from the DB. It loops through the fields in the POST array and adds them to the update SQL only if they have been filled in. Doing it that way will prevent it from clearing any fields that the user didn’t change.
Post the value of $sql so we can see where the syntax error is.