homepage Welcome to WebmasterWorld Guest from 23.22.128.96
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Visit PubCon.com
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
very strange sql update issue
kristof_v




msg:3154187
 11:36 am on Nov 12, 2006 (gmt 0)

hi guys,

i have a versy simple update statement like this:

if (isset($_POST['submit'])) {
$update = mysql_query("update category set name='$_POST[name]' where id=$cat_id") or die(mysql_error());
header("location:index.php?page=categories");
}

this is the structure of the category table:


id int(11) No
name varchar(100) No
user_id int(11) No 0

now this update statement just won't work, it also doesn't give an error :s

but, however, when I just replace id=$cat_id with where user_id=$user_id in the update statement, it works


if (isset($_POST['submit'])) {
$update = mysql_query("update category set name='$_POST[name]' where user_id=$user_id") or die(mysql_error());
header("location:index.php?page=categories");
}

both $cat_id as $user_id are set correctly so that is certainly not the problem.

I've never seen anything like this?

grtz

 

dramstore




msg:3154207
 12:14 pm on Nov 12, 2006 (gmt 0)

If cat_id is a string, should it be
id='$cat_id'
user_id would maybe work as its an integer

kristof_v




msg:3154215
 12:50 pm on Nov 12, 2006 (gmt 0)

hi dramstore,

id is probably a string as you said, because it is passed with as a GET var.
So I tried to convert it to an integer before passing it to the update statement as follows:

$cat_id = intval($_GET['id']);
if (isset($_POST['submit'])) {
$update = mysql_query("update category set name='$_POST[name]' where id=$cat_id") or die(mysql_error());
header("location:index.php?page=categories");
}

but still little succes :)

dramstore




msg:3154223
 1:03 pm on Nov 12, 2006 (gmt 0)

try putting the update statement into a string and display it.
then you can cut it and run it directly, might give you a clue where the problem is?

kristof_v




msg:3154229
 1:06 pm on Nov 12, 2006 (gmt 0)

indeed it seemed like the var has gone.
now i see it in the code :)

thx!

coopster




msg:3154232
 1:10 pm on Nov 12, 2006 (gmt 0)

Yes, dump that query first to see exactly where your issue might be. You might also want to turn up error_reporting [php.net] during development so your issues will be more obvious. Next, you should really be using mysql_real_escape_string [php.net] before pushing that POST information into a database table column. You cannot trust user-supplied information, ever.

Our PHP Forum Library [webmasterworld.com] has some very useful Troubleshooting [webmasterworld.com] tips as well.

bwstyle




msg:3156535
 7:56 pm on Nov 14, 2006 (gmt 0)

try $HTTP_POST_VARS instead of $_POST

coopster




msg:3158635
 3:31 pm on Nov 16, 2006 (gmt 0)

Although the older predefined variables ($HTTP_*_VARS) still exist, as of PHP 5.0.0, the long PHP predefined variable arrays may be disabled with the register_long_arrays directive, so they may no longer be present. I would recommend getting into the practice of using the *new* superglobals.

Predefined variables [php.net]

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved