could not update in mysqli command

Question

Maideen 0 Newbie Poster

10 Years Ago

Hi

I have another issue in Update. Could not be updated. pls help me

if (isset($_POST['update']) && $_POST['update']  != "" )

    {
        $id=$_POST["id"];
        $name = $_POST["name"];
        $address = $_POST["address"];
        $tel = $_POST["tel"];
        $fax = $_POST["fax"];
        $email = $_POST["email"];
        $website = $_POST["website"];
        $type = $_POST["type"];    



        try 
            {
            $sql="UPDATE bk_customer SET name='$name',address='$address', tel='$tel',fax='$fax',email='$email', website='$website',type='$type' WHERE id='$id'";
                    $result = mysqli_query($con,$sql) ; 
//                    $result=mysqli_fetch_assoc($con,$sql);

            } 
        catch (Exception $ex) 
            {
              echo $e->getMessage() . "\n";
              file_put_contents('PDOErrors.txt', $e->getMessage(), FILE_APPEND);
              exit();                   
            }

    }

mysql php

3 Contributors
4 Replies
156 Views
1 Day Discussion Span
Latest Post 10 Years Ago Latest Post by Maideen

Tinnin 8 Posting Whiz in Training

10 Years Ago

I would take a look at the way your setting out the variables in the SQL string. Do you need the additional quotations?

name={$variable}

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Maideen 0 Newbie Poster · Answer 1 · 2014-04-08T13:30:46+00:00

hi tinnin

I have echoed. It is fine. But the below error

It is echoed. it is fine
500 Kinney 661.64 af blandit.mattis@nonleoVivamus.ca www.mujveqthwgg.oys supplier

Warning: mysqli_query(): Couldn't fetch mysqli in
C:\xampp\htdocs\bkstore\customer\add_data.php on line 59

pls help me.

diafol · Answer 2 · 2014-04-09T07:42:41+00:00

Couple of things. You use mysqli - great - BUT you are in danger of SQL injection as you don't sanitize input variables (POST). However, mysqli allows binding parameters to prepared statements - you should do this.

This:

$sql="UPDATE bk_customer SET name='$name',address='$address', tel='$tel',fax='$fax',email='$email', website='$website',type='$type' WHERE id='$id'";

is probably the cause of your problem. A quick way to see what's going on would be to echo this statement to the screen and then copying/pasting the output statement to the phpmyadmin SQL box and running that. You should see an error.

Likewise if you add something like this:

if (!mysqli_query($con, $sql)) {
    printf("Errormessage: %s\n", mysqli_error($con));
}

You should get the error message.

Maideen 0 Newbie Poster · Answer 3 · 2014-04-09T12:09:40+00:00

Maideen 0 Newbie Poster

10 Years Ago

Thank you diafol
Solved.