PHP and MySQL

PHP and MySQL

am 17.04.2011 22:33:49 von Gavin Chalkley

--0016367658a043652004a12331a3
Content-Type: text/plain; charset=ISO-8859-1

Evening all,

I am trying to run an update form but struggerling :(

Think my brain has had enough this weekend....

############################################################ #############
Form:


Page















############################################################ #############

Update.php :
include("_inc\access.inc");
$cxn = mysqli_connect ($host,$user,$passwd,$dbname)
or die ("Connection Failed");
$sql = "UPDATE contenttop SET content='$_POST[content_2]'
WHERE keycode='$_POST[keycode]'";
$result = mysqli_query($cxn,$sql)
or die ("UPDATE Failed " .mysqli_error($cxn));
?>

It doesn't seem to update the database, which is the last thing i need to
sort out before the CMS is done

Can some one assist??

DB columns:
keycode navLink content
--
Best regards,

Gavin C

--0016367658a043652004a12331a3--

RE: PHP and MySQL

am 17.04.2011 23:09:20 von Keith Davis

Here's at least one of your problems:

" value=3D" de
?> "/>

Should be:

"/>

Also, is keycode a numeric column?

Keith Davis (214) 906-5183


-----Original Message-----
From: Gavin Chalkley [mailto:gavin.chalkley@gmail.com]
Sent: Sunday, April 17, 2011 3:34 PM
To: php-windows@lists.php.net
Subject: [PHP-WIN] PHP and MySQL

Evening all,

I am trying to run an update form but struggerling :(

Think my brain has had enough this weekend....

############################################################ ############
#
Form:


Page







type=3D"hidden" name=3D"" value=3D" "=
/>


############################################################ ############
#

Update.php :
include("_inc\access.inc");
$cxn =3D mysqli_connect ($host,$user,$passwd,$dbname) or die ("Connection
Failed"); $sql =3D "UPDATE contenttop SET content=3D'$_POST[content_2]'
WHERE keycode=3D'$_POST[keycode]'";
$result =3D mysqli_query($cxn,$sql)
or die ("UPDATE Failed " .mysqli_error($cxn)); ?>

It doesn't seem to update the database, which is the last thing i need
to sort out before the CMS is done

Can some one assist??

DB columns:
keycode navLink content
--
Best regards,

Gavin C


This message (including any attachments) may contain confidential or otherwi=
se privileged information and is intended only for the individual(s) to whic=
h it is addressed. If you are not the named addressee you should not dissemi=
nate, distribute or copy this e-mail. Please notify the sender immediately b=
y e-mail if you have received this e-mail by mistake and delete this e-mail =
from your system. E-mail transmission cannot be guaranteed to be secured or =
error-free as information could be intercepted, corrupted, lost, destroyed, =
arrive late or incomplete, or contain viruses. The sender therefore does not=
accept liability for any errors or omissions in the contents of this messag=
e or that arise as a result of e-mail transmission. If verification is requi=
red please request a hard-copy version from the sender.

www.pridedallas.com


--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Re: PHP and MySQL

am 17.04.2011 23:15:11 von Niel Archer

In addition to Keith's comments

> Evening all,
>
> I am trying to run an update form but struggerling :(
>
> Think my brain has had enough this weekend....
>
> ############################################################ #############
> Form:
>
>


>

Page


>



>
>
>


>
>
>

>
> ############################################################ #############
>
> Update.php :
> > include("_inc\access.inc");
> $cxn = mysqli_connect ($host,$user,$passwd,$dbname)
> or die ("Connection Failed");
> $sql = "UPDATE contenttop SET content='$_POST[content_2]'
> WHERE keycode='$_POST[keycode]'";
> $result = mysqli_query($cxn,$sql)
> or die ("UPDATE Failed " .mysqli_error($cxn));
> ?>

Probably not the cause, but you aren't quoting your key names, .i.e. $_POST[keycode]
should be $_POST['keycode']. Also arrays should be surrounded with
braces in double-quoted strings, to be sure they are identified as variables.

> It doesn't seem to update the database, which is the last thing i need to
> sort out before the CMS is done

Not quite. You should also look into escaping your input to avoid SQL
injection. Using input direct from the POST etc variables is A BAD Thing
(TM). Try this:

$content2 = mysqli_real_escape_string($_POST['content_2']);
$keycode = mysqli_real_escape_string($_POST['keycode']);
$sql = "UPDATE contenttop SET content='$content2'
> WHERE keycode='$keycode'";


> Can some one assist??
>
> DB columns:
> keycode navLink content
> --
> Best regards,
>
> Gavin C

--
Niel Archer

--
Niel Archer


--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php