Hi
I've been all over these discussions and still cannot find the syntax that works!
When I echo $co and $bus, they both print on screen as they should. But when I try to update the mysql records using the following php, the business_name field data gets erased instead of changed.

This is my php. I've tried other ways too with same outcome.
Please help!!! Thanks!

$co = $_POST['contact_company'];
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='".$co."' WHERE business_name='".$bus."'";
$result = mysql_query($query, $events) or die(mysql_error());

Recommended Answers

All 19 Replies

Member Avatar for diafol

Are seem to be updating without cleaning your input - use mysql_real_escape_string() and maybe htmlentities() so that input is safe.

Try:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";

Are seem to be updating without cleaning your input - use mysql_real_escape_string() and maybe htmlentities() so that input is safe.

Try:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";

OK I used mysql_real_escape_string on $co, and used the single quotes in my query like this, but still same result. No different from before the change.

Here it is

$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());
Member Avatar for diafol
$query = "UPDATE events SET business_name='lemon city' WHERE business_name='$bus'";
$result = mysql_query($query) or die(mysql_error());

Try a hard-coded string, see what happens.
//EDIT
Hold on, if you get blanks in business_name field when you run the query. DO you have any rows where the business_name = '$bus' any more?

$query = "UPDATE events SET business_name='lemon city' WHERE business_name='$bus'";
$result = mysql_query($query) or die(mysql_error());

Try a hard-coded string, see what happens.
//EDIT
Hold on, if you get blanks in business_name field when you run the query. DO you have any rows where the business_name = '$bus' any more?

thanks for your help, but I still can't get this to work.
hard-coded works.
and, no, all occurrences of business_name where business_name='$bus' are replaced with blanks.

Member Avatar for diafol

OK, well your problem seems to be the POST variable then. You said you've echoed out $co. Try it again to see if there really is data in it.

At least the error has been isolated to the variable.

OK, well your problem seems to be the POST variable then. You said you've echoed out $co. Try it again to see if there really is data in it.

At least the error has been isolated to the variable.

echo $bus . ' -> ' . $co; // KMM promotions -> KMM

try using $_POST instead of just $co in your query if I have understood the problem properly?

try using $_POST instead of just $co in your query if I have understood the problem properly?

thank you!!! that worked
here it is

//$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

thank you!!! that worked
here it is

//$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

ok I must've been seeing things, it didn't work... ugggg... same result... blanks

Is the information that is being passed into the variables coming from a form?

if so is it inside an if statement declaring that this code must be run if the form is submitted?

if (isset($_POST['submit'])) {

$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE            business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

}
Member Avatar for diafol

Tell me you're not passing contact_company by url ($_GET). But you said:

> When I echo $co and $bus, they both print on screen as they should.

So I'm confused. Something very odd going on here if you can echo out $co just before the SQL and it seems OK and then the SQL gives a blank. If this really is the case, echo out your SQL statement before you run it:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
echo $query;
$result = mysql_query($query, $events) or die(mysql_error());

Is the information that is being passed into the variables coming from a form?

if so is it inside an if statement declaring that this code must be run if the form is submitted?

yes, it is this exactly

if (isset($_POST['submit']) && ($_POST['contact_company'] <> $row_contact['business_name'])) {
$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());
//echo $bus . ' -> ' . $co;
}

Tell me you're not passing contact_company by url ($_GET). But you said:

> When I echo $co and $bus, they both print on screen as they should.

So I'm confused. Something very odd going on here if you can echo out $co just before the SQL and it seems OK and then the SQL gives a blank. If this really is the case, echo out your SQL statement before you run it:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
echo $query;
$result = mysql_query($query, $events) or die(mysql_error());

UPDATE events SET business_name='KMM' WHERE business_name='KMM promotions'

I'm baffled arggg......

Member Avatar for diafol

Ditto...

You do have current records in the table with business_name equal to 'KMM promotions'? If, as you say, these were written to blank, you replaced the blanks with 'KMM promotions' again before another trial?

Hai, just echo the $query as Mr. ardav said, if the problem is still no solved.

Ditto...

You do have current records in the table with business_name equal to 'KMM promotions'? If, as you say, these were written to blank, you replaced the blanks with 'KMM promotions' again before another trial?

yes I do, after each test I then use pma to replace the blanks. There's got to be something I'm overlooking. I'm 2 days into this now with no solution! Seems like a bad php dream. Ever had one of those?

Member Avatar for diafol

> Seems like a bad php dream. Ever had one of those?

Ermm, I think you need to get out more mate. :)

When you hard-code a value e.g. 'KMM' into the sql it works right?

Try

$co = "KMM"; //so not from $_POST
//then the rest of your code

I'm an idiot what can I say!
My form is posting to self so of course on first page load there is no $_POST, explains the blanks. Then on submit there's nothing to replace because the WHERE condition wouldn't be met. I didn't catch that on the echo $query until now. Ugggg... Sometimes fresh eyes are amazing!

if (isset($_POST['contact_company'])) {
...
}

Thanks for all the diagnostic help and SORRY for bothering with such silliness!
~Jennifer

Member Avatar for diafol

Please mark this post as solved.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.