0

Hi
I've been all over these discussions and still cannot find the syntax that works!
When I echo $co and $bus, they both print on screen as they should. But when I try to update the mysql records using the following php, the business_name field data gets erased instead of changed.

This is my php. I've tried other ways too with same outcome.
Please help!!! Thanks!

$co = $_POST['contact_company'];
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='".$co."' WHERE business_name='".$bus."'";
$result = mysql_query($query, $events) or die(mysql_error());
4
Contributors
19
Replies
21
Views
6 Years
Discussion Span
Last Post by diafol
0

Are seem to be updating without cleaning your input - use mysql_real_escape_string() and maybe htmlentities() so that input is safe.

Try:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
0

Are seem to be updating without cleaning your input - use mysql_real_escape_string() and maybe htmlentities() so that input is safe.

Try:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";

OK I used mysql_real_escape_string on $co, and used the single quotes in my query like this, but still same result. No different from before the change.

Here it is

$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

Edited by featherwebdiva: n/a

0
$query = "UPDATE events SET business_name='lemon city' WHERE business_name='$bus'";
$result = mysql_query($query) or die(mysql_error());

Try a hard-coded string, see what happens.
//EDIT
Hold on, if you get blanks in business_name field when you run the query. DO you have any rows where the business_name = '$bus' any more?

Edited by diafol: n/a

0
$query = "UPDATE events SET business_name='lemon city' WHERE business_name='$bus'";
$result = mysql_query($query) or die(mysql_error());

Try a hard-coded string, see what happens.
//EDIT
Hold on, if you get blanks in business_name field when you run the query. DO you have any rows where the business_name = '$bus' any more?

thanks for your help, but I still can't get this to work.
hard-coded works.
and, no, all occurrences of business_name where business_name='$bus' are replaced with blanks.

0

OK, well your problem seems to be the POST variable then. You said you've echoed out $co. Try it again to see if there really is data in it.

At least the error has been isolated to the variable.

0

OK, well your problem seems to be the POST variable then. You said you've echoed out $co. Try it again to see if there really is data in it.

At least the error has been isolated to the variable.

echo $bus . ' -> ' . $co; // KMM promotions -> KMM
0

try using $_POST instead of just $co in your query if I have understood the problem properly?

0

try using $_POST instead of just $co in your query if I have understood the problem properly?

thank you!!! that worked
here it is

//$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

Edited by featherwebdiva: n/a

0

thank you!!! that worked
here it is

//$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

ok I must've been seeing things, it didn't work... ugggg... same result... blanks

0

Is the information that is being passed into the variables coming from a form?

if so is it inside an if statement declaring that this code must be run if the form is submitted?

if (isset($_POST['submit'])) {

$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$_POST[contact_company]' WHERE            business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());

}
0

Tell me you're not passing contact_company by url ($_GET). But you said:

> When I echo $co and $bus, they both print on screen as they should.

So I'm confused. Something very odd going on here if you can echo out $co just before the SQL and it seems OK and then the SQL gives a blank. If this really is the case, echo out your SQL statement before you run it:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
echo $query;
$result = mysql_query($query, $events) or die(mysql_error());
0

Is the information that is being passed into the variables coming from a form?

if so is it inside an if statement declaring that this code must be run if the form is submitted?

yes, it is this exactly

if (isset($_POST['submit']) && ($_POST['contact_company'] <> $row_contact['business_name'])) {
$co = mysql_real_escape_string($_POST['contact_company']);
$bus = $row_contact['business_name'];
$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
$result = mysql_query($query, $events) or die(mysql_error());
//echo $bus . ' -> ' . $co;
}
0

Tell me you're not passing contact_company by url ($_GET). But you said:

> When I echo $co and $bus, they both print on screen as they should.

So I'm confused. Something very odd going on here if you can echo out $co just before the SQL and it seems OK and then the SQL gives a blank. If this really is the case, echo out your SQL statement before you run it:

$query = "UPDATE events SET business_name='$co' WHERE business_name='$bus'";
echo $query;
$result = mysql_query($query, $events) or die(mysql_error());

UPDATE events SET business_name='KMM' WHERE business_name='KMM promotions'

I'm baffled arggg......

Edited by featherwebdiva: n/a

0

Ditto...

You do have current records in the table with business_name equal to 'KMM promotions'? If, as you say, these were written to blank, you replaced the blanks with 'KMM promotions' again before another trial?

Edited by diafol: n/a

0

Ditto...

You do have current records in the table with business_name equal to 'KMM promotions'? If, as you say, these were written to blank, you replaced the blanks with 'KMM promotions' again before another trial?

yes I do, after each test I then use pma to replace the blanks. There's got to be something I'm overlooking. I'm 2 days into this now with no solution! Seems like a bad php dream. Ever had one of those?

0

> Seems like a bad php dream. Ever had one of those?

Ermm, I think you need to get out more mate. :)

When you hard-code a value e.g. 'KMM' into the sql it works right?

Try

$co = "KMM"; //so not from $_POST
//then the rest of your code
0

I'm an idiot what can I say!
My form is posting to self so of course on first page load there is no $_POST, explains the blanks. Then on submit there's nothing to replace because the WHERE condition wouldn't be met. I didn't catch that on the echo $query until now. Ugggg... Sometimes fresh eyes are amazing!

if (isset($_POST['contact_company'])) {
...
}

Thanks for all the diagnostic help and SORRY for bothering with such silliness!
~Jennifer

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.