2

This is my mysql statement but for some reason it isn't actually working and I can't figure out why. Thanks in advance!

$ID = $_GET['post'];
$length = $_POST['excerpt_length'];

more code here to connect and select db...

mysql_query("
INSERT INTO wp_posts (excerpt)
VALUES(" . $length . ")
WHERE ID = " . $ID . "
OR post_name LIKE '" . $ID . "%'");

This is for wordpress and I'm making an option to add an excerpt length because as far as I am aware, there isn't any yet. Thanks!

Ethan Brouwer

Ethan Brouwer
  • 975
  • 9
  • 32
  • There's no `WHERE` needed in `INSERT INTO` because it will be appended at the end anyway. Just leave it out – dan-lee Jun 05 '12 at 07:20
  • This is vulnerable to SQL injection, read this thread to learn how to prevent it: http://stackoverflow.com/questions/60174/best-way-to-prevent-sql-injection-in-php – ChristopheD Jun 05 '12 at 07:24

5 Answers5

4

If you already have an ID, and you want to keep the ID as it is, use an UPDATE statement.

AlienWebguy
  • 76,997
  • 17
  • 122
  • 145
3

You cant use where in insert into because you are supposed to create a new record, there is no referenced to look for. You must use Update instead.

mysql_query("
UPDATE wp_posts 
SET excerpt = '" . $length . "'
WHERE ID = '" . $ID . "'
OR post_name LIKE '" . $ID . "%'");
sephoy08
  • 1,104
  • 7
  • 16
1

INSERT ... inserts a new row into the table. It has no WHERE clause.
If you want to update an existing row, use an UPDATE ... statement.

deceze
  • 510,633
  • 85
  • 743
  • 889
1

As Dan points out your syntax is incorrect. If you want to limit the excerpt length in WordPress you can use filters. Have a look at this post.

fraabye
  • 136
  • 6
0

I haven't checked, but I wouldn't think you can use an OR-statement in an INSERT-query. Maybe do another query before this one to find out an id to insert to..?

Gustav
  • 1,361
  • 1
  • 12
  • 24