#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2009
    Posts
    4
    Rep Power
    0

    UPDATE not updating, no error


    Running the following through a php script but it's not updating the row. Any ideas? When I echo out the variables via the script, they are all valid with content. No errors being displayed at runtime.

    UPDATE table_topics SET lastpost='$timerightnow|$loginname|$initialtime' WHERE topicid=$topicid AND forumid=$forumid

    Is it possible it thinks $timerightnow|$loginname|$initialtime is one variable rather than three?
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    Hi,

    this is obviously a PHP issue. I've requested it to be moved.

    In any case, we need concrete info:
    • What's the full code?
    • Does the query code ever get executed?
    • If so, what does the query look like? I mean the actual query that gets send to the database with all variables already evaluated by PHP.
    • What happens when you paste the query into phpmyadmin and execute it?
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,907
    Rep Power
    6351
    Does your code actually display errors? You've just pulled the argument to a query function out of your code and dumped it here. Check the errors, print the query, etc.

    Also, if you're putting pipe-delimited data into a database field, you're almost certainly doing it wrong.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  6. #4
  7. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2009
    Posts
    4
    Rep Power
    0
    Tried running the UPDATE via phpadmin and it updates. Tried echoing out the variables just prior to the UPDATE and they are as expected and correct. A similar, but more complex UPDATE with the same variables elsewhere in the script runs correctly.

    The code is as below, I cannot see where the issue is.


    PHP Code:

            
    if (in_array$topicid $allowed )) { 
                
                
    $query $db->query("SELECT lastpost FROM table_topics WHERE forumid=$forumid AND topicid=$topicid");
                
    $thelpost $db->fetch_array($query);
                
    $db->free_result($query);
                
            
    $lastpost explode("|"$thelpost['lastpost']);
                
    $initialtime $lastpost[2];
                
    $timerightnow time();
            
    $db->query("UPDATE table_topics SET lastpost='$timerightnow|$loginname|$initialtime' WHERE topicid=$topicid AND forumid=$forumid'");

            } 
  8. #5
  9. Sarcky
    Devshed Supreme Being (6500+ posts)

    Join Date
    Oct 2006
    Location
    Pennsylvania, USA
    Posts
    10,907
    Rep Power
    6351
    And again I say: Check the errors, print the query, etc.

    Check the database errors on failure. Your code does not do this.

    Print the query as it's being executed. Your code does not do this.
    HEY! YOU! Read the New User Guide and Forum Rules

    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -Benjamin Franklin

    "The greatest tragedy of this changing society is that people who never knew what it was like before will simply assume that this is the way things are supposed to be." -2600 Magazine, Fall 2002

    Think we're being rude? Maybe you asked a bad question or you're a Help Vampire. Trying to argue intelligently? Please read this.
  10. #6
  11. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,959
    Rep Power
    1014
    The whole code is broken, actually. No idea why I didn't notice that in the first post.

    • Never insert variables directly into query strings. This makes your code wide open to SQL injections. This is even sadder given the fact that you're using MySQLi, which has prepared statements to securely pass variables to queries.
    • A CSV within in a table column (I'm talking about the "...|...|..." stuff) is very, very wrong, as ManiacDan already pointed out. It breaks the whole concept of relational databases and leads to terrible workarounds and garbage data. No, you do not update relational data by parsing some CSV string, changing it in your application and writing it back to the database. Look up "first normal form".
    • $forumid and $loginname aren't defined anywhere in your code. This cannot work.


    You claimed that all data and queries are correct, but this is impossible with the above code. I suggest reading up on how to properly use relational databases and then rewriting the code. Depending on how the other code looks like, it might even make sense to start from scratch.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  12. #7
  13. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2002
    Location
    europe
    Posts
    287
    Rep Power
    14
    Additionally to what was said already I'd like to mention that there is a single quote too much in your UPDATE statement, right behind $forumid'. Thus $forumid' will not be found in the where condition

    Comments on this post

    • ManiacDan agrees : You found it!
    http://www.digikix.de

IMN logo majestic logo threadwatch logo seochat tools logo