homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

Database update not working with variable
Updates with hardcoded string but not variable

 3:07 pm on Nov 27, 2013 (gmt 0)

Please advise what is wrong with the following:

$query = "INSERT INTO reports (summary) VALUES ('$rep_summary')";

If I change the variable to just 'rep_summary', the database gets updated.

I have echoed the variable $rep_summary (this value is coming from my function) and it spits out the contents that I need to update my database with.

I have spent quite a few hours trying to figure this out, but have no joy as yet.

Any suggestions, ideas, advise would be highly appreciated.





 3:44 pm on Nov 27, 2013 (gmt 0)

try to echo $query

is $rep_summary properly escaped?


 4:58 pm on Nov 27, 2013 (gmt 0)

Thanks for the input @bhukkel, I echoed $query, and it showed a few apostrophe's so I trimmed and addslashed the variable, and now it updated the database.

I tell you at times, ones mind just doesn't function all that well.



 10:40 pm on Nov 27, 2013 (gmt 0)

Try switching to prepared statements and get rid of the escaping madness.


 1:25 pm on Nov 28, 2013 (gmt 0)

Or alternativley look up paramaterised queries.

I know PostgreSQL for example loses efficiency when using prepare / execute as it does not know what data it has, so may choose a more generic and less efficient plan.


 3:07 pm on Nov 28, 2013 (gmt 0)

Right, now after that issue, I have another road block.

I have this form, which has a select option, which is populated from my db, as an example, the select looks as below:

After the db has been queried -

echo '<select name="report_category">';
while ($row = mysql_fetch_assoc($selected)) {
$catg = $row['cat_name'];
echo '<option class="report_category" value="'.$row['id'] .'" >' .$catg;

Now using this value, I want to update another table with the value selected by the user from the list above, say if they selected the 1st, then the other db should update with 1, if 2nd, then update with 2, so and so forth.

$categ = trim(addslashes($_POST['report_category']));

After connecting to the db, the following query is run:

$query = "INSERT INTO db_name (cat_id) VALUES ('$categ')";

This query does not populate the db. Where have I gone wrong?

Any assistance is highly appreciated.


 6:31 pm on Nov 30, 2013 (gmt 0)

The code you provided looks functional.

After your mysql_query() call (btw - look into using mysqli, as the mysql group of PHP functions are deprecated now), add this bit of code. It may identify the problem for you:

$error = mysql_error();
if($error) {
echo $error;


 6:50 pm on Nov 30, 2013 (gmt 0)

swa66: Try switching to prepared statements...

Readie: Or alternativley look up paramaterised queries.

Aren't these the same thing?

Global Options:
 top home search open messages active posts  

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved