-2
    <?php
    require 's*****.php';

I have MySQLi columns called balance, balancedeficit, overallbalance, price, totalprice and of course id in my table Warehouse. So my problem is below.

    $sql = "UPDATE Warehouse SET balance ='" . $_POST['Warehouse_balance'] ."'
    , balancedeficit ='" . $_POST['Warehouse_balance'] . "' - overallbalance '
    , totalprice ='balancedeficit * price'  WHERE id=" . $_POST['Warehouse_id'];

So I want that when balance gets updated from the form, my SQL query calculates all the rest. How should I edit that query, or what should I do?

    $sql = "UPDATE Warehouse SET balance ='" . $_POST['Warehouse_balance'] ."', editor='" . $_POST['Warehouse_editor'] ."' WHERE id=" . $_POST['Warehouse_id'];

Above is a working, slightly different SQL query without those calculations.

    if ($conn->query($sql) === TRUE) {
        echo "<meta http-equiv='refresh' content='0;url=index.php' />";
    } else {
        echo "
        <meta http-equiv='refresh' content='8;url=index.php' />
        <h1>VIRHE!</h1>Tarkista sy&ouml;tetyt tiedot. Sivu palautuu 8 sekunnin p&auml;&auml;st&auml; takaisin. " . $conn->error;
    }

    $conn->close();
    ?>

Thanks for the replies.

sukkis
  • 2
    [Your script is at risk for SQL Injection Attacks.](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) – Jay Blanchard Sep 22 '15 at 20:09
  • 1
    I'm not sure what you're after, but you should probably just calculate the new values in PHP and send them to the update query. Is that not possible? If not, you're going to have to explain what the actual problem is a little better for me. – Matt Runion Sep 22 '15 at 20:10
  • 1
    `totalprice ='balancedeficit * price'` means that `totalprice` equals `'balancedeficit * price'` which is a string. – u_mulder Sep 22 '15 at 20:11

1 Answer

-2
    $sql = "UPDATE Warehouse SET balance ='" . $_POST['Warehouse_balance'] ."', balancedeficit =(bbalance - '" . $_POST['Warehouse_balance'] . "'), totalprice = (balancedeficit * price)  WHERE id=" . $_POST['Warehouse_id'];
sukkis
  • Please [edit] with more information. Code-only and "try this" answers are [discouraged](//meta.stackexchange.com/questions/196187), because they contain no searchable content, and don't explain why someone should "try this". We make an effort here to be a resource for knowledge. – Mogsdad Sep 22 '15 at 21:33
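
The update from the question written with a prepared statement, as an added example that is not part of the original question or answer. It assumes `$conn` is the mysqli connection created by the question's include and takes the formulas from the question text (deficit = submitted balance minus `overallbalance`, total price = deficit times `price`); `updateWarehouseBalance` is a hypothetical helper name.

```php
<?php
// Added example, not the poster's code. Assumes $conn is the mysqli
// connection created by the include in the question, and that balance,
// overallbalance and price are numeric columns.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

function updateWarehouseBalance(mysqli $conn, array $post): bool
{
    // Reject anything that is not a plain integer id / numeric balance.
    $id      = filter_var($post['Warehouse_id'] ?? '', FILTER_VALIDATE_INT);
    $balance = filter_var($post['Warehouse_balance'] ?? '', FILTER_VALIDATE_FLOAT);
    if ($id === false || $balance === false) {
        return false;
    }

    // Column names are bare identifiers, so SQL does the arithmetic.
    // User input appears only as bound parameters, never in the SQL text.
    // The formulas follow the question: deficit = new balance - overallbalance.
    $sql = 'UPDATE Warehouse
               SET balance        = ?,
                   balancedeficit = ? - overallbalance,
                   totalprice     = (? - overallbalance) * price
             WHERE id = ?';

    try {
        $stmt = $conn->prepare($sql);
        $stmt->bind_param('dddi', $balance, $balance, $balance, $id);
        $stmt->execute();
        $stmt->close();
        return true;
    } catch (mysqli_sql_exception $e) {
        // Log details server-side; do not echo $conn->error to the browser.
        error_log('Warehouse update failed: ' . $e->getMessage());
        return false;
    }
}

if (updateWarehouseBalance($conn, $_POST)) {
    header('Location: index.php');
} else {
    http_response_code(400);
    echo '<h1>Error</h1>Check the values you entered.';
}
$conn->close();
```

The submitted balance is bound three times so the statement does not depend on the order in which the database evaluates the `SET` assignments.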