Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6
  1. #1
    Regular Coder
    Join Date
    Dec 2006
    Posts
    306
    Thanks
    24
    Thanked 0 Times in 0 Posts

    Has problem for update database

    Hi;
    I am trying to update my database, but the problem for me is the old value replace with the value of the " " (empty). my code as following;

    $subject=$_POST['subject'];
    $content=$_POST['content'];

    echo $subject;
    echo $content;

    $result=mysql_query("UPDATE Thread SET Subject='$subject', Content='$content' where Id='$threadId'");

    there are not problem for the "echo $subject" and "
    echo $content;"

    but if rewrite as following, it does update the values from database.

    $result=mysql_query("UPDATE Thread SET Subject='subject', Content='content' where Id='$threadId'");

  • #2
    Regular Coder
    Join Date
    Apr 2003
    Location
    Montreal, QC
    Posts
    340
    Thanks
    3
    Thanked 2 Times in 2 Posts
    Try:
    PHP Code:
    $result=mysql_query("UPDATE Thread SET Subject='".$subject."', Content='".$content."' where Id='".$threadId."'"); 
    Maybe the single quotes are messing up the values getting into the query. This way there's no room for interpretation.
    Search for Laughter or Just Search?
    GiggleSearch.org
    Blog: www.johnbeales.com
    All About Ballet: www.the-ballet.com

  • #3
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    Escape your user input with mysql_real_escape_string(), and your original query should work.
    PHP Code:
    $subject mysql_real_escape_string($_POST['subject']);
    $content mysql_real_escape_string($_POST['content']);
    $result=mysql_query("UPDATE `Thread` SET `Subject` = '$subject', `Content` = '$content' WHERE `Id` = '$threadId'"); 
    If `Id` is an integer you don't need, and shouldn't use, quotes around the value.

  • #4
    Regular Coder
    Join Date
    Dec 2006
    Posts
    306
    Thanks
    24
    Thanked 0 Times in 0 Posts
    Thanks for both;
    it does work now.

  • #5
    Senior Coder
    Join Date
    Jan 2007
    Posts
    1,648
    Thanks
    1
    Thanked 58 Times in 54 Posts
    Quote Originally Posted by johnnyb View Post
    Maybe the single quotes are messing up the values getting into the query. This way there's no room for interpretation.
    This is why one should always use the following syntax:

    PHP Code:
    $sql "SELECT * FROM threads where threadId = {$threadId}"

  • #6
    Regular Coder
    Join Date
    Apr 2003
    Location
    Montreal, QC
    Posts
    340
    Thanks
    3
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by aedrin View Post
    This is why one should always use the following syntax:

    PHP Code:
    $sql "SELECT * FROM threads where threadId = {$threadId}"
    I've never seen, (or at least if I have I haven't really paid attention to), the curly-bracket syntax. Is it in the manual, or explained somewhere else? (I'm going to check for myself right now - but if there are more hints to be had I'm listening).
    Search for Laughter or Just Search?
    GiggleSearch.org
    Blog: www.johnbeales.com
    All About Ballet: www.the-ballet.com


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •