0

This IS NOT a question but a REMARK I should think very useful.

The following piece of code

$sql="UPDATE    Adherents
         SET    Prenom='$_POST[tfPrenom]',  
                Civilite='$_POST[mdCivil]',
                .....
       WHERE No_Adherent=$LeNumero";

[followed by the usual mysqli_query() call]

would constantly fail and was extremely difficult to debug: under 'die' condition

if (!$resultat) { die ('Unable to update: error code is ' . mysqli_connect_errno() . ' described as '. >mysqli_connect_error()); }

it would return 'Unable to update: error code is 0 described as', i.e. NO ERROR CODE, NO ERROR MESSAGE.

As a matter of fact, my mistake laid in a wrongly-spelled row name (one cannot notice it here, of course — a missing trailing letter).

CONCLUSION: mysqli_query() can generate an error without appropriate error code/message.

I hope this can help some.

John Woo
  • 258,903
  • 69
  • 498
  • 492
Brice Coustillas
  • 2,363
  • 2
  • 13
  • 18
  • **Your code is vulnerable to SQL injection.** You *really* should be using [prepared statements](http://stackoverflow.com/a/60496/623041), into which you pass your variables as parameters that do not get evaluated for SQL. If you don't know what I'm talking about, or how to fix it, read the story of [Bobby Tables](http://stackoverflow.com/q/332365/623041). – eggyal Oct 21 '12 at 04:48
  • I shall give it a close look. Thanks. – Brice Coustillas Oct 21 '12 at 19:07

2 Answers2

1

You are using the wrong functions.

As stated in the manual entry for mysqli_connect_errno():

Returns the last error code number from the last call to mysqli_connect().

You want mysqli_errno() and mysqli_error():

if (!$resultat) die (
  'Unable to update: error code is '
  . mysqli_errno($link) . ' described as ' . mysqli_error($link)
);
eggyal
  • 122,705
  • 18
  • 212
  • 237
0

Use the sprintf instead of using variable directly into the query string. 

$sql =sprintf("UPDATE Adherents SET Prenom= %s, Civilite=%s WHERE No_Adherent=%s",$_POST[tfPrenom], $_POST[mdCivil], $LeNumero);

PHP will replace the %s with the variables value.

Please try the following for detecting error:

<?php
$link = mysqli_connect("localhost", "my_user", "my_password", "world");

    /* check connection */
    if (mysqli_connect_errno()) {
        printf("Connect failed: %s\n", mysqli_connect_error());
        exit();
    }

    if (!mysqli_query($link, "update ...SET a=1")) {
        printf("Errormessage: %s\n", mysqli_error($link));
    }

    /* close connection */
    mysqli_close($link);
    ?>
Anam
  • 11,999
  • 9
  • 49
  • 63