How to update database using PHP variables?
First off, never use the deprecated mysql_*
API.
Switch to either PDO
or mysqli
, both have prepared statements
, which would make your code a tad bit more safe when it comes to SQL-Injections
(which your code is very open for).
When a query fails, the mysql_error()
global function will return the latest mysql error.
The easiest way to get information about a failing query is by adding or die(mysql_error());
after the query execution.
Example with your code:
$result = mysql_query($query) or die(mysql_error());
This will report your error and stop execute the script.
Your sql code is slightly wrong (as RST mentions), you are missing a comma between the values you are trying to set.
Using mysqli
and prepared statements
, your code could look something like:
// Using the mysqli object oriented style.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
$mysqli = new mysqli('localhost', 'username', 'password', 'database');
// Prepare the statement.
$statement = $mysqli->prepare('UPDATE billdata SET Total=?, Due=? WHERE InvoiceNo=?');
// The question marks is placeholders for the input that will be added in a while.
// Bind your parameters (ssi tells mysqli what type of params it is, s = string, i = int).
$statement->bind_param('ssi', $total, $due, $invoceno);
// Execute the statement.
$statement->execute();
// Cleanup.
$statement->close();
$mysqli->close();
PHP MYSQL Update Query with @variable not working
You can't put multiple queries in a single call to mysql_query()
. Split it into two calls:
$query = 'SET @order := 0';
mysql_query($query) OR die(mysql_error());
$query = 'UPDATE `task` SET `order` = @order := @order + 10 WHERE project = "'.$project.'";';
mysql_query($query) OR die(mysql_error());
Variables like @order
persist between calls, since they're associated with the connection, not the call.
PHP - using update with variables
The value for $username
should be wrap with single quotes
.
mysql_query(" UPDATE table_name
SET int_field = '$int_value'
WHERE username = '$username'");
SideNote: your code is vulnerable with SQL Injection
. Please read the article below to know how to secure your code,
Best way to prevent SQL injection in PHP?
Is there a way to use a variable in a MySQL update query
Most Importantly: Your query is open to SQL Injection related attacks. Please learn how to use Prepared Statements
Also, it seems that the value of your $lhs
variable is a Reserved keyword in MySQL. It is incidentally your column name as well. So, you need to use backticks (`), asking MySQL to consider it as a column/table/database name or some aliased expression.
Now, just do the following, to use $lhs
as a column in the Update query:
$update = "UPDATE table1 `" .
$lhs . "` = '" . $rhs . "'
WHERE id = '".$_SESSION['id']."' ";
mysqli_query($conn, $update);
passing php variable in mysql update
You have errors in your query, use this
UPDATE stud SET name='$name', lect ='$lectr', atnds ='$atndsr'
WHERE id = '$id' LIMIT 1
and you just wrote the query, not performing it, for that you have to use mysqli_query() or mysql_query() function....please let me know if you have any more doubts. and even in your $_POST global variable you have used
$lectr = $_POST[$lect][$i]; $atndsr = $_POST[$atnds][$i];
I know that it is not correct way. So, please before querying print out $_POST global variable and then use those keys in above. It could be like this
$lectr = $_POST['lect'][$i];
$atndsr = $_POST['atnds'][$i];
Related Topics
Insert Query Check If Record Exists - If Not, Insert It
How to Run Multiple Insert Query in SQL Using PHP in One Go
How to Check If a Directory Exists? "Is_Dir", "File_Exists" or Both
Get Div Content from External Website
Codeigniter Session Data Lost After Redirect
Codeigniter Send Email with Attach File
PHP Crop Image to Fix Width and Height Without Losing Dimension Ratio
Using Variables in MySQL Update (Php/Mysql)
Change Date Format (In Db or Output) to Dd/Mm/Yyyy - PHP MySQL
How to Connect SQL Server with PHP Using Xampp
What's the Most Efficient Test of Whether a PHP String Ends with Another String
Codeigniter Multiple File Upload Messes File Extension
Non-Breaking Utf-8 0Xc2A0 Space and Preg_Replace Strange Behaviour