0

hey,
while working on my project, i encountered a problem .here's the description-
a teacher is required to insert marks of 15 students.( 15 is just the random no. , it can vary) . so a page is displayed with the roll no. and names with a text box in front of each in which marks have to be entered..a sort of table. and in the end teacher clicks submit.
now please anyone tell me how do get all the values on the php page and insert them in correct order in my database..?? it has to be done through array or some special function, if so , how? or anyone can suggest me a better way to insert the marks..??

4
Contributors
14
Replies
15
Views
7 Years
Discussion Span
Last Post by venkat0904
0

Do you mean like this:

//data stored in $arr

for ($i=0;isset($arr[$i]);$i++) {
mysql_query('INSERT INTO `table` SET `column`="'.mysql_real_escape_string($arr[$i]).'"');
}

Hope it helps.

0

i will try..
here's another problem that i encountered..
here's the update query..

$query = "UPDATE $table SET $sub_code=$marks WHERE r.no=$r_no LIMIT 1";
      mysqli_query($dbc, $query) or die('not possible');

i checked all the values of variables , and they are all correct..but this query isnt processing. i get an output 'not possible'.
i am unable to understand why is it so..? because i don't find anything wrong in it..

0

Well first I see a huge gaping security hole! Never, never use a variable for the table name (Unless the user has no control over this variable, meaning nowhere is it set from a $_GET, $_POST , or $_REQUEST value).
I would also escape all variables with mysql_real_escape_string() . Beyond that, this code isn't working due to a input error. Try printing the query before submitting it to see if there are any problems. Run this printed query through PhpMyAdmin and see if it throws up any errors.

echo "UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE r.no='".mysql_real_escape_string($r_no)."' LIMIT 1";

Edited by FlashCreations: n/a

0

Also is there such function as mysqli_query(). Is it meant to be mysql_query() like the following?

$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE r.no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysql_query($query) or die(mysql_error());
0

well, i printed the query before processing it..and it is getting printed in a correct way with all correct variable values but still my query is not getting processed..
any other solution?

0

i am using xampp and it both mysql and mysqli works in it...i have been using mysqli for making my other php pages and it works perfect...

i have printed my query and its correct but still not getting processed..

0

i am using xampp and it both mysql and mysqli works in it...i have been using mysqli for making my other php pages and it works perfect...

i have printed my query and its correct but still not getting processed..

Just that the mysqli_query() function is not in the official documentation. Also you could try the following code.

$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysqli_query($dbc, $query) or die('error');

Also this:

$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysqli_query($query, $dbc) or die('error');
0

Just that the mysqli_query() function is not in the official documentation. Also you could try the following code.

$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysqli_query($dbc, $query) or die('error');

Also this:

$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysqli_query($query, $dbc) or die('error');

when i tried the code u specified..
first i got some odbc @ localhost error...instead of using mysql_real....
i used mysqli_real_string......so this error vanished..
but now i get a new error..
Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xammp\xampp\htdocs\practice\editmarks1.php on line 58

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xammp\xampp\htdocs\practice\editmarks1.php on line 58

2 parameters..?? i dont get it..??

0

when i tried the code u specified..
first i got some odbc @ localhost error...instead of using mysql_real....
i used mysqli_real_string......so this error vanished..
but now i get a new error..
Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xammp\xampp\htdocs\practice\editmarks1.php on line 58

Warning: mysqli_real_escape_string() expects exactly 2 parameters, 1 given in C:\xammp\xampp\htdocs\practice\editmarks1.php on line 58

2 parameters..?? i dont get it..??

also now when i print my qury, it doesnt display the values of my variables...

0

Perhaps this:

$query="UPDATE ".$table." SET ".$sub_code."='".mysqli_real_escape_string($dbc, $marks)."' WHERE no='".mysqli_real_escape_string($dbc, $r_no)."' LIMIT 1";
mysqli_query($dbc, $query) or die('error');

I just swapped the functions and it's usage.

0

You need to connect to your MySql host first before making queries. Why not try:

mysql_query("root", "", "localhost");
$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($dbc, $marks)."' WHERE no='".mysql_real_escape_string($dbc, $r_no)."' LIMIT 1";
mysql_query($dbc, $query) or die('error');

(The second argument of most MySQL functions is the connection variable which PHP adds or MySQL assumes by default if a connection has been made)

Edited by FlashCreations: n/a

1

You need to connect to your MySql host first before making queries. Why not try:

mysql_query("root", "", "localhost");
$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($dbc, $marks)."' WHERE no='".mysql_real_escape_string($dbc, $r_no)."' LIMIT 1";
mysql_query($dbc, $query) or die('error');

(The second argument of most MySQL functions is the connection variable which PHP adds or MySQL assumes by default if a connection has been made)

That won't work due to invalid syntax. The following would be more like it.

mysql_connect("localhost", "root", "password");
mysql_select_db('my_database');
$query="UPDATE ".$table." SET ".$sub_code."='".mysql_real_escape_string($marks)."' WHERE no='".mysql_real_escape_string($r_no)."' LIMIT 1";
mysql_query($query) or die(mysql_error());
0

thank you all, my problem has been solved..

Then mark the thread as solved so we dont waste time reading all the replies and finally come to know that its already been solved..

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.