Verifying syntax executed correctly

Verifying syntax executed correctly

am 18.10.2006 04:35:28 von Ron Piggott

--=-LTt3E1UWKEmNHga0Kvqz
Content-Type: text/plain
Content-Transfer-Encoding: 7bit


If I give this command through PHP to mySQL

mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query = "UPDATE `table` SET `last_activity_field` = '$current_date'
WHERE `reference` = '$account_reference' LIMIT 1;";
mysql_query($query);
mysql_close();

is there a way to know if it executed successfully?

Ron

--=-LTt3E1UWKEmNHga0Kvqz--

Re: Verifying syntax executed correctly

am 18.10.2006 04:48:18 von Chris

Ron Piggott (PHP) wrote:
> If I give this command through PHP to mySQL
>
> mysql_connect(localhost,$username,$password);
> @mysql_select_db($database) or die( "Unable to select database");
> $query = "UPDATE `table` SET `last_activity_field` = '$current_date'
> WHERE `reference` = '$account_reference' LIMIT 1;";
> mysql_query($query);
> mysql_close();
>
> is there a way to know if it executed successfully?

Two ways.

Firstly:

$result = mysql_query($query);
if (!$result) {
echo "Bad Query or something!: " . mysql_error() . "
";
}

will tell you quickly whether the query worked at all.

Secondly php.net/mysql_affected_rows will tell you how many rows that
query changed.

Lastly I hope that's just an example otherwise you will have problems
with sql injection.

You can either validate your data before (ie make sure current_date only
contains what you expect) or change

$query = "UPDATE `table` SET `last_activity_field` = '$current_date'
WHERE `reference` = '$account_reference' LIMIT 1;";

to use either mysql_escape_string or mysql_real_escape_string:

$query = "UPDATE `table` SET `last_activity_field` = '" .
mysql_escape_string($current_date) . "'
WHERE `reference` = '" . mysql_escape_string($account_reference) . "'
LIMIT 1;";

Depending on which version of php you have (RTM).

--
Postgresql & php tutorials
http://www.designmagick.com/

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: Verifying syntax executed correctly

am 18.10.2006 05:12:29 von Niel Archer

Hi

All of the MySQL functions you used, return FALSE on failure.

Niel

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

RE: Verifying syntax executed correctly

am 18.10.2006 05:25:25 von Bastien Koert

mysql_query($query) or die(mysql_error);

will give an error and stop the script if there is an issue, this also can
work for the mysql_select_db

bastien

>From: "Ron Piggott (PHP)"
>Reply-To: ron.php@actsministries.org
>To: PHP DB
>Subject: [PHP-DB] Verifying syntax executed correctly
>Date: Tue, 17 Oct 2006 22:35:28 -0400
>
>
>If I give this command through PHP to mySQL
>
>mysql_connect(localhost,$username,$password);
>@mysql_select_db($database) or die( "Unable to select database");
>$query = "UPDATE `table` SET `last_activity_field` = '$current_date'
>WHERE `reference` = '$account_reference' LIMIT 1;";
>mysql_query($query);
>mysql_close();
>
>is there a way to know if it executed successfully?
>
>Ron

--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php