Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 2 of 2 FirstFirst 12
Results 16 to 20 of 20
  1. #16
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    The last one is the closest.
    isset - used to determine if a value exists and is not null
    (int) is a datatype cast. It will end up as a number.
    ?...: is a ternary syntax shortform for if/else.

    So you don't want to cast to an int with username (I wouldn't assume). But you don't want these empty either.
    PHP Code:
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $username = isset($_POST['username']) ? $_POST['username'] : "";
    $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;

    if (
    ini_get('magic_quotes_gpc'))
    {
        
    $email stripslashes($email);
        
    $username stripslashes($username);
    }

    // do whatever validation and verification you need to here.

    $email mysql_real_escape_string($email);
    $username mysql_real_escape_string($username);

    // now query. 

  2. #17
    New Coder
    Join Date
    Oct 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fou-Lu View Post
    The last one is the closest.
    isset - used to determine if a value exists and is not null
    (int) is a datatype cast. It will end up as a number.
    ?...: is a ternary syntax shortform for if/else.

    So you don't want to cast to an int with username (I wouldn't assume). But you don't want these empty either.
    PHP Code:
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $username = isset($_POST['username']) ? $_POST['username'] : "";
    $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;

    if (
    ini_get('magic_quotes_gpc'))
    {
        
    $email stripslashes($email);
        
    $username stripslashes($username);
    }

    // do whatever validation and verification you need to here.

    $email mysql_real_escape_string($email);
    $username mysql_real_escape_string($username);

    // now query. 
    Im trying to use this now but still no success or errors
    PHP Code:
    <?
    //edit_data.php
    include "db.inc.php";
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $username = isset($_POST['username']) ? $_POST['username'] : "";
    $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;

    if (
    ini_get('magic_quotes_gpc'))
    {
        
    $email stripslashes($email);
        
    $username stripslashes($username);
    }

    // do whatever validation and verification you need to here.

    $email mysql_real_escape_string($email);
    $username mysql_real_escape_string($username);

    // now query. 

    $order "UPDATE members
              SET username='$username', 
                  email='$email' 
              WHERE 
              id='$id'"
    ;
    echo 
    $_GET["username"];

    $result mysql_query($order) or die('Failed to execute query: ' $order ', error: ' mysql_error());
    header("location:edit.php");

    ?>
    Can you please comment it also thanks

    Nope it worked my FTP wasnt uploading it for some reason :S thanks buddy.

    Now one last thing..

    I have changed the code around now to make it suitable for my application needs but I get one error!
    Code:
    Failed to execute query: UPDATE members SET username='Myusernamehere', email='Myemailhere', points='13', completed_surveys=' WHERE id='4', error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '4'' at line 5
    From the error Im certain something else is up with the complete surveys bit as there is no 'number' like the points :/ and I cant see anything - never mind found a brack which was where it shouldn't of been and the error is now gone when I click edit I get a blank page now and the database does not update points and surveys completed -turns out the bracket was in the right place (Im a fool) so that error still applies


    My new code:
    PHP Code:
    <?
    //edit_data.php
    include "db.inc.php";
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    $points = isset($_POST['points']) ? $_POST['points'] : "";
    $completed_surveys = isset($_POST['completed_surveys']) ? $_POST['completed_surveys'] : "";
    $username = isset($_POST['username']) ? $_POST['username'] : "";
    $id = isset($_POST['id']) ? (int)$_POST['id'] : 0;

    if (
    ini_get('magic_quotes_gpc'))
    {
        
    $email stripslashes($email);
        
    $pointsstripslashes($points);
        
    $completed_surveys stripslashes($completed_surveys);
    }

    // do whatever validation and verification you need to here.

    $email mysql_real_escape_string($email);
    $username mysql_real_escape_string($username);
    $points mysql_real_escape_string($points);
    $completed_surveys mysql_real_escape_string($completed_surveys);

    // now query. 

    $order "UPDATE members
              SET username='$username', 
                  email='$email',
                  points='$points',
                  completed_surveys='$completed_surveys
              WHERE 
              id='$id'"
    ;
    echo 
    $_GET["username"];

    $result mysql_query($order) or die('Failed to execute query: ' $order ', error: ' mysql_error());
    header("location:edit.php");

    ?>
    Last edited by mr3army; 10-31-2012 at 01:54 AM.

  3. #18
    New Coder
    Join Date
    Oct 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts
    any ideas?

    thankss

  4. #19
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Its a SQL error. You have an incorrect string in the field for completed_surveys, so the parser takes everything between the open and close, and then finds a number and a ' where they don't belong. Simply close the string quote and it should work.

  5. #20
    New Coder
    Join Date
    Oct 2012
    Posts
    12
    Thanks
    3
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by Fou-Lu View Post
    Its a SQL error. You have an incorrect string in the field for completed_surveys, so the parser takes everything between the open and close, and then finds a number and a ' where they don't belong. Simply close the string quote and it should work.
    Bingo knew it was something silly

    Thanks very much ::


 
Page 2 of 2 FirstFirst 12

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •