Hi all...
I need your help, there must be something I am not seeing here when trying to update a table of information in a database.
Here is the code I am currently using.
In my program I have this call...
if (($_POST['changeAddress'] != "") || ($_POST['changeAddress'] != null)) {
// Change the Address1
echo "Change Address...<br />";
$userID = $_SESSION['uid'];
$theUID = (int)$userID;
$theValue = $_POST['changeAddress'];
$updateDB = "UPDATE userinfo (memberAddress) VALUE ('{$theValue}') where (memberID = {$theUID})";
InfoUpdate($updateDB);
}
And in an include file I have this function being called...
function InfoUpdate($updateThis) {
// Inserts/Injects Data into database using the query passed along...
$db = mysql_connect('dbserver', 'dbname', 'dbpassword');
mysql_select_db('dbname', $db);
$queryResult = mysql_query('$updateThis');
if ($queryResult) {
echo 'Success.';
}
else {
echo '<br />Insertion failed. Please try again.';
}
}
I am able to use INSERT just fine, however doing an UPDATE with a WHERE clause seems to not affect anything, and gave errors as to the syntax "near 'WHERE...' but then nothing at all here but the obvious "Insertion Failed" error being echoed out. Echoed out it shows:
UPDATE userinfo (memberAddress) VALUE ('2112 Rush Ave.') where (memberID = 4)
The variable $updateThis shows everything is there and should work correctly. I'd tried several variations of syntax but no success. I am using PHP 5.+ and an updated MySQL server as well insofar as it was just updated a few months ago.
THANKS for any assistance in advance!
-Tom
PS: I'd been reading and 'trying' to learn security measures but am more interested in it simply working. I'll then back it all up and start working with the .htaccess since I'm on a more public/shared server as well as other security methods/aspects. I'm a bit in over my head for this project but determined.