<?php
$mysqli = mysqli_init();

$mysqli->real_connect("mysq.x.com","me","wordup","inthekitchin");

if ($mysqli->connect_errno) {
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
}



$res = $mysqli->query("UPDATE plate1 SET potatoes =('$_POST[potatoes]') WHERE id =('$_POST[id]')");
$row = $res->fetch_assoc();

?>

returnes error
Fatal error: Call to a member function fetch_assoc() on a non-object in /home/public_html/addvegtables.php on line 13

the way i was working was

1 what would you like to do . == UPDATE the poatoes coll on plate1
2 where would you like to do it == plate1
3 put potatoes on plate == set
4 where r the potatoes from ? == $_POST
5 which plate would you like to update? == from $_POST.

which bit am i missing ?

thanks :)

Recommended Answers

I think this is more of a php issue than MySQL

The SQL itself looks OK, but you insert unsanitized POST data into it. As you're using mysqli, you can use parameterized binding.

UPDATE `plate1` SET potatoes = ? WHERE id = ?

See

Jump to Post

All 12 Replies

Well, update doesn't return anything.
So of course you can't translate NOTHING into ROW.

Also, you don't need to wrap your query in parenthesis [ UPDATE table SET value=('value') ] Why not [ SET value='value' ] ???
Plus, it's better if you refer to post with quotes rather than symbol.
$_POST['value'] not $_POST[value]
You aren't necessarily wrong, but I'm fairly certain this behavior is deprecated for all but numeral type.

something like

$res = $mysqli->query "UPDATE plate1 [SET potatoes=$_POST['potatoes']] WHERE id =$_POST['id']";

give me
Parse error: syntax error, unexpected '"' in /home/public_html/addveg.php on line 12
so a Parse error is one that the server is having trouble trying to understand like grammer mistake ?

so i take out the "'s to read
$res = $mysqli->query UPDATE plate1 [SET potatoes=$_POST['potatoes']] WHERE id =$_POST['id'];

and we get

Parse error: syntax error, unexpected T_STRING in /home/public_html/addveg.php on line 12

this error says it found a string it was not looking for ?
if i take away anything else i will be left with potatoes and dont know which plate number to put them on or have a plate and no potatoes ? so i must be missing something to hold the potatoes to the plate ?

You took me too literally...

$res = $mysqli->query( "UPDATE `plate1` SET potatoes=$_POST['potatoes'] WHERE id=$_POST['id']" );

After it completes, don't expect $res to be a list of affected rows.
You can test $res for truth though,
$mysqli->query( "" ) or die( "reason" );
$res = ...
if( $res == false ) die ( "reason" );

ok i am lost,

$res is a function ?

the other side of = is the function itself ? so update plate1 with potatoes

$mysqli->query( "" ) or die( "reason" ); = says to me if potatoes added ("gotohere.php") or ("error") ?

    $res = $mysqli->query( "UPDATE `plate1` SET potatoes=$_POST['potatoes'] WHERE id=$_POST['id']" );   

if( $res == false ) die ( "reason" ); if the potatoes were not added echo ("reason")
line added if ($res == True ) echo "Potatoes on the plate"

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/public_html/phoneprocess.php on line 11

this is from the page before

<textarea name="potatoes" id="potatoes" style="position:absolute;left:74px;top:139px;width:198px;height:61px;z-index:2;" rows="2" cols="27" title="potatoes">How would you like your Potatoes/frys/mash/boiled ect.?</textarea>

do you think that line could be the problem ?
thank you for sticking with me , i know this must seem basic.

if( !isset($_POST['potatoes'] || !isset($_POST['id']) ) die ("Invalid POST.");
$potatoes = $_POST['potatoes'];
$id = $_POST['id'];
$res = mysqli->query( "UPDATE `plate1` SET potatoes=$potatoes WHERE id=$id" );
Member Avatar

I think this is more of a php issue than MySQL

The SQL itself looks OK, but you insert unsanitized POST data into it. As you're using mysqli, you can use parameterized binding.

UPDATE `plate1` SET potatoes = ? WHERE id = ?

See http://php.net/manual/en/mysqli-stmt.execute.php

commented: Good call on parameters +0

wow i understand it a bit better now thanks,
where did this line come from ?
if( !isset($_POST['potatoes'] || !isset($_POST['id']) ) die ("Invalid POST.");

and what are these {!isset } , { || } please ?

as i am now getting

Parse error: syntax error, unexpected T_BOOLEAN_OR, expecting ',' or ')' in /home/public_html/addpotatoes.php on line 10

isset() is a function, which checks to see if some object is set, or not.

|| is a logical OR operator,
In english, you could say, "OR"
if( condition OR condition ) then ...

In this case, !isset($_POST['potatoes'] should be !isset($_POST['potatoes'])
In my haste, I didn't add the closing parenthesis.

Edit: It would behoove you to understand the error messages, most of them are quite simple.

it looks like we are getting somewhere , however
this

<?php
    $mysqli = mysqli_init();
    $mysqli->real_connect("mysq.x.com","me","key1","kitchin");
    if ($mysqli->connect_errno) {
    echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
    }
    if( !isset($_POST['potatoes']) || !isset($_POST['id']) ) die ("Invalid POST.");
    $potatoes = $_POST['potatoes'];
    $id = $_POST['id'];
    $res = $mysqli->query( "UPDATE `plate1` SET potatoes=$potatoes WHERE id=$id" );
?>

echos
Invalid POST

have tried $id = $_GET['id']; az well,

and where do i fine "||" on the keyboard ?

i dont have to empty the cell first do i ?

I did manage to get this line

$sql = "UPDATEplate1SETpotatoes='400' WHEREid= 12";

to input , so how do i change them to be varibales ?

You'll need to include the code (or HTML form) which POSTs; a small bit about how you use it would also be helpful.

the form that colects the id string and potatoes string looks like ,

<form name="Form1" method="post" action="gotplate.php" enctype="text/plain" id="Form1">
<textarea name="id" id="id" style="position:absolute;left:75px;top:70px;width:189px;height:51px;z-index:0;" rows="2" cols="25" title="id"><?php printf($row['id']); ?></textarea>
<textarea name="name" id="name" style="position:absolute;left:280px;top:73px;width:166px;height:45px;z-index:1;" rows="1" cols="22" title="placemat1"><?php printf($row['placemat1']); ?></textarea>
<textarea name="potatoes" id="potatoes" style="position:absolute;left:74px;top:139px;width:198px;height:61px;z-index:2;" rows="2" cols="27" title="potatoes">which potatoes would you like</textarea>
<input type="submit" id="Button1" name="" value="addpotatos" style="position:absolute;left:326px;top:153px;width:96px;height:25px;z-index:3;">
</form>

and the process page looks like

  <?php
        $mysqli = mysqli_init();
        $mysqli->real_connect("mysq.x.com","me","key2","kitchin");
        if ($mysqli->connect_errno) {
        echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
        }
        if( !isset($_POST['potatoes']) || !isset($_POST['id']) ) die ("Invalid POST.");
        $potatoes = $_POST['potatoes'];
        $id = $_POST['id'];
        $res = $mysqli->query( "UPDATE `plate1` SET potatoes=$potatoes WHERE id=$id" );
    ?>

sofar

got it text/plain should be multipart/form-data

THANKS ALL :)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of 1.18 million developers, IT pros, digital marketers, and technology enthusiasts learning and sharing knowledge.