Update Database getting "Record updated successfully" but database is not updated

Hi, I am hoping someone has run into this problem and can point me in the right direction. I have a simply opt out form and I want it to update the database to show the email address has requested to opt out of mailing. However, when I submit the request, I get “Record updated successfully” but the database has not actually been updated.

My input field for the opt out option is <input type="checkbox" id="checkbox" name="optout">
They will just put in their email <input type="text" id="email" name="email" placeholder="email">

My database for my opt out column type is varchar(5) the column name is optout.

My insert code is below.

   `// Create connection
   $conn = mysqli_connect($servername, $username, $password, $dbname);
 // Check connection
    if (!$conn) {
     die("Connection failed: " . mysqli_connect_error());
 }

     $email = $_POST['email'];
     $optout = $_POST['optout'];

// update data in mysql database        
$sql = "UPDATE mailinglist ". "SET optout = '$optout'". 
"WHERE email = '$email'" ;

 if (mysqli_query($conn, $sql)) {
    echo "Record updated successfully";
 } else {
    echo "Error updating record: " . mysqli_error($conn);
 }

  mysqli_close($conn);
   ?>`

I have been trying all kinds of different solutions online but nothing seems to be working. Where am I going wrong with this. Thank you.

What is all this escaping in the query? Dont do that. You need to use Prepared Statements. Never put variables in a query. I suggest you use PDO https://phpdelusions.net/pdo

You first need to check the REQUEST METHOD before you run the code, then check that the POST array has the expected data. Make sure error reporting is turned on.

This last code is wrong. I suggest you take a few minutes and look over the link I posted.

You are not binding the parameters.
If you use named placeholders, use the colon syntax:- email = :email
Then pass the values into the execute() as an associative array.

Thank you, I put them back in. I had taken them out to see what would happen.

All you do is check to see whether the query executed, not whether any columns were modified by the query.

And unless there is a row where the email column contains the string ‘email’, the query runs without error, and updates nothing.

I presumed the error in the parameter names had been fixed as the OP says they put them back in.

Disregard, I have rewritten the code using a prepared statement and was able to get the results I needed.

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.