I have a problem. Well, I have more than one but only one that I can get some help here. First off, I’m aware of SQL injection but I’m just trying to get this to work for now. I have tried just about every way I can think for to get get post data to write to the database but it just won’t. I don’t get any error messages, it just doesn’t work.
I have checked the post data and it’s all correct and the ID is right. And the $conn variable is the same one that gets the data into the table for modifying, so I know that’s good. I sure could use a hand telling me what I’m doing wrong. Thanks in advance.
Although all but one of my attempts are commented out none of them work.
// Begin update code:
if (isset($_POST['update'])) {
print_r($_POST);
// $UpdateQuery = "UPDATE data2 SET artist = '$_POST[partist]' title = '$_POST[ptitle]' date = '$_POST[pdate]' toppos = '$_POST[ptoppos]' thisweek = '$_POST[pthisweek]' weekson = '$_POST[pweekson]' onchart = '$_POST[ponchart]' have = '$_POST[phave]' raporhm = '$_POST[praporhm]' WHERE id = '$_POST[pid]' ";
$UpdateQuery = "UPDATE data2 SET artist = '$_POST[partist]', title = '$_POST[ptitle]', date = '$_POST[pdate]', toppos = '$_POST[ptoppos]', thisweek = '$_POST[pthisweek]', weekson = '$_POST[pweekson]', onchart = '$_POST[ponchart]', have = '$_POST[phave]', raporhm = '$_POST[praporhm]' WHERE id = '$_POST[pid]' ";
// $UpdateQuery = 'UPDATE data2 SET artist = "$_POST[partist]", title = "$_POST[ptitle]", date = "$_POST[pdate]", toppos = "$_POST[ptoppos]", thisweek = "$_POST[pthisweek]", weekson = "$_POST[pweekson]", onchart = "$_POST[ponchart]", have = "$_POST[phave]", raporhm = "$_POST[praporhm]", WHERE id = "$_POST[pid]" ';
// $UpdateQuery = "UPDATE data2 SET artist = $_POST['partist'], title = $_POST['ptitle'], date = $_POST['pdate'], toppos = $_POST['ptoppos'], thisweek = $_POST['pthisweek'], weekson = $_POST['pweekson'], onchart = $_POST['ponchart'], have = $_POST['phave'], raporhm = $_POST['praporhm'], WHERE id = $_POST['pid']";
mysqli_query($conn, $UpdateQuery);
}
You need a couple of things here, I think. The first is quotations around your POST variable items, the second is quotations around strings in your items. If it was me I’d assign all your POST to variables just to avoid some of the quotation confusion, at least while you’re figuring things out at the beginning, like so:
$artist = $_POST['partist'];
$title = $_POST['ptitle'];
$date = $_POST['pdate'];
$toppos = $_POST['ptoppos'];
$thisweek = $_POST['pthisweek'];
$weekson = $_POST['pweekson'];
$onchart = $_POST['ponchart'];
$have = $_POST['phave'];
$raporhm = $_POST['praporhm'];
$id = $_POST['pid'];
$UpdateQuery = "UPDATE data2 SET artist = '$artist', title = '$title', date = '$date', toppos = '$toppos', thisweek = '$thisweek', weekson = '$weekson', onchart = '$onchart', have = '$have', raporhm = '$raporhm', WHERE id = $id";
Does it… empty your data rows? Do Nothing to the table?
Lets run through some basic debugging steps of a Query Gone Wrong.
1: Echo the querystring. (echo $UpdateQuery) . Does it look right? Are all your quotes where you think your quotes should be?
2: Echo the error information of your query. In your case, this would be echoing out the value of mysqli_error($conn);
3: If that still doesn’t point to a problem, take the querystring, and stick it directly into your database. A tool like PHPMyAdmin can help with this. If the database accepts the string (at this point, it should if #2 didnt find a problem), and returns “Updated rows: 0”, your query has executed correctly, but you failed to target an actual row in the table with your test.
Once again you have bailed me out. Being new I never would have thought of those things. Thanks to your help I have finally solved the problem.
@jeffreylees code would have worked great with one simple issue. And without looking at the SQL error I never would have found it. It simply was the comma after the last element before the WHERE statement. In fact, I’m using his code in the final version. In my $_POST code above I didn’t have a comma but that didn’t work either.
To both of you my sincere thanks. Maybe someday I’ll be knowledgeable enough to help some other person starting out like me.
I appreciate your help but the last time I tried to get something working with prepared statements I could never get it to work. I hate to think of the hours I spent and I just never got it. For you I’m sure it’s simple. I’m self taught and old and things just don’t sink in like when I was young.
I moved onto another section of the project just to stop the frustration. Once everything is working I’ll readdress the issue.
Thanks so much for your help. With the one little exception of the comma before the WHERE statement it worked perfectly . My $_POST statement didn’t work and that didn’t have a comma. Your effort is greatly appreciated.