...

View Full Version : Help. Update statement not working



thewebdudemajor
10-10-2012, 10:51 AM
Hello everyone,
I built a sample e-banking application as part of a project from my school. I wrote the statement below to update two tables from fields submitted from a form and also send a mail to the form owner. when i submit the form it redirects to the finale.php page but does not update the database at all..

The UPDATE statement is

$sqlupdate = " UPDATE client, `statement` SET client.account_balance = $balanceaftertransfer,client.checkcode = 1, statement.account_balance = $balanceaftertransfer, statement.statement_details = Online Transfer, statement.statement_credit = 0, statement.staement_debit = $amt2tra, statement.statement_date = CURDATE(), statement.client_id = $client_id
WHERE client.client_id = `statement`.client_id AND username = '".$_SESSION['MM_Username']."'";
mysql_query($sqlupdate ) ;

and the full post.php file is as shown below


<?php
if (!isset($_SESSION)) {
session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
}
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
}
if (($strUsers == "") && true) {
$isValid = true;
}
}
return $isValid;
}

$MM_restrictGoTo = "log.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($_SERVER['QUERY_STRING']) && strlen($_SERVER['QUERY_STRING']) > 0)
$MM_referrer .= "?" . $_SERVER['QUERY_STRING'];
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
exit;
}
?>
<?php
//To connect to database
include("Connections/bollingo.php");
$query_recordset = "SELECT *
FROM client, `statement`
WHERE client.client_id = `statement`.client_id AND username = '".$_SESSION['MM_Username']."'";

// Receiving variables
$pfw_ip= $_SERVER['REMOTE_ADDR'];
$client_id = $_POST['client_id'];
$accname = $_POST['accname'];
$avafortra = (int)$_POST['avafortra'];
$amt2tra = (int)$_POST['amt2tra'];
$email = $_POST['email'];
$mobile = $_POST['mobile'];
$tbname = $_POST['tbname'];
$tbbank = $_POST['tbbank'];
$tbbankac = $_POST['tbbankac'];
$tbbranch = $_POST['tbbranch'];
$tbswift = $_POST['tbswift'];

$balanceaftertransfer = $avafortra - $amt2tra;

//Sending Email to form owner
$pfw_header = "From: $email\n"
. "Reply-To: $email\n";
$pfw_subject = "Hello";
$pfw_email_to = "info@myownsite.com";
$pfw_message = "Visitor's IP: $pfw_ip\n"
. "Account Name: $accname\n"
;

mail($pfw_email_to, $pfw_subject ,$pfw_message ,$pfw_header ) ;

//updating database
$sqlupdate = " UPDATE client, `statement` SET client.account_balance = $balanceaftertransfer,client.checkcode = 1, statement.account_balance = $balanceaftertransfer, statement.statement_details = Online Transfer, statement.statement_credit = 0, statement.staement_debit = $amt2tra, statement.statement_date = CURDATE(), statement.client_id = $client_id
WHERE client.client_id = `statement`.client_id AND username = '".$_SESSION['MM_Username']."'";
mysql_query($sqlupdate ) ;

header("Location: finale.php");
?>

Fou-Lu
10-10-2012, 04:42 PM
Make sure you issue an or die(mysql_error()); as a part of the mysql_query; this will tell you of errors. You for sure have syntactical errors since you are issuing a string assignment to statement.statement_details without any quotations.
It should be noted that with multiple table updates the MySQL documentation specifically states that the order is not guaranteed. So if you have foreign key constraints, make sure you are issuing multiple update queries instead. Without it you may violate the key constraints which will cause the update to fail as well.
Also, in the future please make sure to wrap code in
or
tags to preserve the formatting.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum