homepage Welcome to WebmasterWorld Guest from 54.205.122.62
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Pubcon Platinum Sponsor 2014
Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
Database update not working with variable
Updates with hardcoded string but not variable
mvaz

5+ Year Member



 
Msg#: 4626332 posted 3:07 pm on Nov 27, 2013 (gmt 0)

Please advise what is wrong with the following:

$query = "INSERT INTO reports (summary) VALUES ('$rep_summary')";

If I change the variable to just 'rep_summary', the database gets updated.

I have echoed the variable $rep_summary (this value is coming from my function) and it spits out the contents that I need to update my database with.

I have spent quite a few hours trying to figure this out, but have no joy as yet.

Any suggestions, ideas, advise would be highly appreciated.

Regards

Melwyn

 

bhukkel



 
Msg#: 4626332 posted 3:44 pm on Nov 27, 2013 (gmt 0)

try to echo $query

is $rep_summary properly escaped?

mvaz

5+ Year Member



 
Msg#: 4626332 posted 4:58 pm on Nov 27, 2013 (gmt 0)

Thanks for the input @bhukkel, I echoed $query, and it showed a few apostrophe's so I trimmed and addslashed the variable, and now it updated the database.

I tell you at times, ones mind just doesn't function all that well.

Cheers!

swa66

WebmasterWorld Senior Member swa66 us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4626332 posted 10:40 pm on Nov 27, 2013 (gmt 0)

Try switching to prepared statements and get rid of the escaping madness.

Readie

WebmasterWorld Senior Member



 
Msg#: 4626332 posted 1:25 pm on Nov 28, 2013 (gmt 0)

Or alternativley look up paramaterised queries.

I know PostgreSQL for example loses efficiency when using prepare / execute as it does not know what data it has, so may choose a more generic and less efficient plan.

mvaz

5+ Year Member



 
Msg#: 4626332 posted 3:07 pm on Nov 28, 2013 (gmt 0)

Right, now after that issue, I have another road block.

I have this form, which has a select option, which is populated from my db, as an example, the select looks as below:

After the db has been queried -

echo '<select name="report_category">';
while ($row = mysql_fetch_assoc($selected)) {
$catg = $row['cat_name'];
echo '<option class="report_category" value="'.$row['id'] .'" >' .$catg;
}

Now using this value, I want to update another table with the value selected by the user from the list above, say if they selected the 1st, then the other db should update with 1, if 2nd, then update with 2, so and so forth.

$categ = trim(addslashes($_POST['report_category']));

After connecting to the db, the following query is run:

$query = "INSERT INTO db_name (cat_id) VALUES ('$categ')";

This query does not populate the db. Where have I gone wrong?

Any assistance is highly appreciated.

Readie

WebmasterWorld Senior Member



 
Msg#: 4626332 posted 6:31 pm on Nov 30, 2013 (gmt 0)

The code you provided looks functional.

After your mysql_query() call (btw - look into using mysqli, as the mysql group of PHP functions are deprecated now), add this bit of code. It may identify the problem for you:

mysql_query($query);
$error = mysql_error();
if($error) {
echo $error;
exit;
}

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4626332 posted 6:50 pm on Nov 30, 2013 (gmt 0)

swa66: Try switching to prepared statements...


Readie: Or alternativley look up paramaterised queries.


Aren't these the same thing?

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved