Hi guys, I have a trouble of updating the data in the database by input the data at the end of the url. It have not been added in the table. Here it is updated: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myusername'); define('DB_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydatabasename'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $login = clean($_GET['user']); $password = clean($_GET['pass']); $firstname = clean($_GET['firstname']); if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'PASSWORD ID missing'; $errflag = true; } if($value == '') { $errmsg_arr[] = 'THE first name IS missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE login='$login' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); echo $row[0]; } else { echo 'Username, Password or first name is not found.'; close; $sql="INSERT INTO members (firstname, lastname) VALUES ('$_POST[firstname]','$_POST[lastname]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "first name have been updated"; } ?> PHP: It have only login in the database but did not doing any update when I have input the data at the end of the url to get the database update. Do you know why I can't update the data in the database by input the data in the url like this? http://www.mysite.com/updatemysql.p...name=shitorwhateveriwanttoinputandgetitupdate Do you have any idea and maybe if I have miss something?
Thanks media, I have changed UPDATE instead of using the INSERT, but it doesn't update the value in the database table after I have input the value in the url bar. Here it is the update code: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myusername'); define('DB_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydatabasename'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $login = clean($_GET['user']); $password = clean($_GET['pass']); $value = clean($_GET['firstname']); //variable in the url you posted was firstname, not value. if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'PASSWORD ID missing'; $errflag = true; } if($value == '') { $errmsg_arr[] = 'THE FIRSTNAME is missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE login='$login' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); echo $row[0]; } else { echo 'Username, Password or value is not found.'; $firstname = clean($_POST['firstname']); $lastname = clean($_POST['lastname']); $sql="UPDATE INTO members ($firstname, $lastname) VALUES ('$_POST[firstname]','$_POST[lastname]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "first name have been updated"; } } ?> PHP: As it will only login when I have input the valid username and password in the address bar. It will not update the value in the database table when I input the value in the address bar. Do you know how to get the database table update when I input the value in the address bar which are like this? http://www.mysite.com/updatemysql.php?user=test&pass=test&firstname=whateveriwanttoinputandgetitupdate Any idea?
Invalid UPDATE syntax. <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myusername'); define('DB_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydatabasename'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $login = clean($_GET['user']); $password = clean($_GET['pass']); $value = clean($_GET['firstname']); //variable in the url you posted was firstname, not value. if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'PASSWORD ID missing'; $errflag = true; } if($value == '') { $errmsg_arr[] = 'THE FIRSTNAME is missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE login='$login' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); echo $row[0]; } else { echo 'Username, Password or value is not found.'; $firstname = clean($_POST['firstname']); $lastname = clean($_POST['lastname']); $sql="UPDATE members SET firstName='$firstName', lastName='$lastname' WHERE login='$login'"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo "First and last name for $login have been updated"; } } ?> PHP: ** Check if the table fields are valid - I was just guessing as you haven't showed us your table structure.
Hi, As you are passing the values in the query string , the value has to be retrieved using $_GET , so use the following $firstname = clean($_GET['firstname']); $lastname = clean($_GET['lastname']);
Thanks, but there are another variable error in line 65. $firstname = clean($_GET['firstname']); PHP: Parse error: syntax error, unexpected T_VARIABLE in /home/username/public_html/mysite.com/testupdate.php on line 65 I am not sure what I should do. Please help!!
This is my guess as from experience, you can't figure it out by editing or looking on config.php. but, you need to find the sql text (update updatemysql.php) You have to navigate your files to find the missing data and you can upload or manually paste it to your phpmyadmin. Hope this helps.
Thanks Media, I have changed $link instead of using $con call. However, the data at the end of the url that come after the equal (www.mysite.com/testupdate.php?user=test&pass=test&firstname=whateverihaveinputrighthere have not been update in the table. It still only get access to the database without post the data in the table. Any idea?
I have adjusted some parts of the code, as it seen to be fixed right now. As I cannot be able to write the data in the database by input the data at the end of the url which it looks like this: http://www.mysite.com/updatemysql.p...ame=whateveriwanttoinputthenposttothedatabase PHP Code: <?php session_start(); define('DB_HOST', 'localhost'); define('DB_USER', 'myusername'); define('DB_PASSWORD', 'mypassword'); define('DB_DATABASE', 'mydatabasename'); $errmsg_arr = array(); $errflag = false; $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if(!$link) { die('Failed to connect to server: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if(!$db) { die("Unable to select database"); } function clean($var){ return mysql_real_escape_string(strip_tags($var)); } $login = clean($_GET['user']); $password = clean($_GET['pass']); $firstname = clean($_GET['firstname']); //variable in the url you posted was firstname, not value. if($login == '') { $errmsg_arr[] = 'Login ID missing'; $errflag = true; } if($password == '') { $errmsg_arr[] = 'PASSWORD ID missing'; $errflag = true; } if($firstname == '') { $errmsg_arr[] = 'THE FIRSTNAME is missing'; $errflag = true; } if($errflag) { $_SESSION['ERRMSG_ARR'] = $errmsg_arr; echo implode('<br />',$errmsg_arr); } else { $qry="SELECT * FROM members WHERE login='$login' AND passwd='$password'"; $result=mysql_query($qry) or die('Error:<br />' . $qry . '<br />' . mysql_error()); if(mysql_num_rows($result) > 0) { $row = mysql_fetch_row($result); echo $row[0]; } else { echo 'Username, Password or value is not found.'; $firstname = clean($_POST['firstname']); $lastname = clean($_POST['lastname']); $sql="update members set firstname='$_POST[firstname],lastname=$_POST[lastname] where login='$login' and passwd='$password'"; if (!mysql_query($sql,$link)) { die('Error: ' . mysql_error()); } echo "first name have been updated"; } } ?> PHP: I want to post the data to the database by input the value, whatever I input at the end of the url. Whatever happens is that the code are only get access to the database, it will not post the data in the table when I tried to put whatever text I have put on the end of the url. I am not sure if I should remove the login method and I am not sure how to write in the table by input the value at the end of the url. I don't want to login, I want to write the data in the table by input the data at the end of the url. I have tried everything I could do for, but I cannot find any situation. Please help!!!!!!!!
Hi, try changing this line to: $sql="update members set firstname='$firstname',lastname='$lastname' where login='$login' and passwd='$password'"; PHP: Regards