SQL UPDATE on page change

Question

im using PDO SQL to connect, connection is success, but this..

<?php
include 'db.php'; // Call SQL
$page = 'soon'; // Unique ID
$db = "UPDATE views 
       SET num = num + 1 
       WHERE page = '$page'";
?>

does not work

If I check the values in the database, num is unchanged.

$db = "UPDATE views SET num = num + 1 WHERE page = '".$page."'"; replace this query — Rahul, Mar 01 '17 at 10:12
UPDATE views SET num = isnull(num,0) + 1 WHERE page = '$page' — Singh Kailash, Mar 01 '17 at 10:13
What is $page and what is its value? You need to execute the query, but you need to make sure $page is properly initialized. If you can guarantee it will be numeric, then your query looks ok. If not, you need to make sure SQL injection is not possible in your case. — Lajos Arpad, Mar 01 '17 at 10:18

score 1 · Answer 1 · answered Mar 01 '17 at 10:16

1

This code is doing literally nothing. To have a query executed, you have to run it against a database. Besides, you should never ever add a variable directly to the query but only through a parameter:

<?php
include 'db.php'; // Call SQL
$page = 'soon'; // Unique ID
$stmt = $db->prepare("UPDATE views SET num = num + 1 WHERE page = ?"); // instead of $page
$stmt->execute([$page]); // here goes $page

answered Mar 01 '17 at 10:16

Your Common Sense

156,878
40
214
345

HTTP ERROR 500 :( – Patrik Kisbalázs Mar 01 '17 at 10:22
http://stackoverflow.com/questions/32648371/my-pdo-statement-doesnt-work – Your Common Sense Mar 01 '17 at 10:23
Instead of $db there should be a variable whereyou stored your PDO instance – Your Common Sense Mar 01 '17 at 10:38

SQL UPDATE on page change

1 Answers1