0

i have PHP file that post data to database sequentially ( row by row ) using url , i want to know how can post data at specific row and if there is data in that row replace it by new value 

<?php

$dbusername = "root"; 
$dbpassword = "root";  
$server = "192.168.137.150"; 
$dbconnect = mysql_pconnect($server, $dbusername, $dbpassword);
$dbselect = mysql_select_db("test",$dbconnect);
$sql = "INSERT INTO test.a0 (a0) VALUES ('".$_GET["value"]."')";    
mysql_query($sql)

?>

jarlh
  • 42,561
  • 8
  • 45
  • 63
Glorie
  • 1
  • 1
  • 4
    1. You should upsert the row, rather than inserting a new value. 2. Your code is wide open to [SQL injection](https://en.wikipedia.org/wiki/SQL_injection)! – BenM Sep 13 '18 at 15:16
  • @BenM Or it sounds like perhaps an upsert is appropriate. – Tim Biegeleisen Sep 13 '18 at 15:16
  • You can normally do more or less what you're trying to do by using INSERT .. ON DUPLICATE KEY UPDATE (https://dev.mysql.com/doc/refman/8.0/en/insert-on-duplicate.html). But you need a unique key, and you need to be trying to insert more than one value. – Chris Lear Sep 13 '18 at 15:19
  • See also https://stackoverflow.com/questions/14383503/on-duplicate-key-update-same-as-insert – Chris Lear Sep 13 '18 at 15:20
  • i am new to php and mysql , i didn't understand the solutions – Glorie Sep 13 '18 at 15:42
  • **WARNING**: Do not use the obsolete [`mysql_query`](http://php.net/manual/en/function.mysql-query.php) interface which was removed in PHP 7. A replacement like [PDO is not hard to learn](https://phpdelusions.net/pdo) and a guide like [PHP The Right Way](http://www.phptherightway.com/) helps explain best practices. Here parameters are **NOT** [properly escaped](http://bobby-tables.com/php) and this has severe [SQL injection bugs](http://bobby-tables.com/) in this code. Escape **any** and all user data, especially from `$_POST` or `$_GET`. – tadman Sep 13 '18 at 17:30
  • Consider using a [development framework](http://codegeekz.com/best-php-frameworks-for-developers/) to solve problems like this. These give you patterns to follow for organizing your code into proper model, view and controller contexts and avoids ending up with a confused stew of concerns, with HTML, PHP, SQL, and JavaScript all jumbled together. Frameworks come in many forms from really lean like [Fat-Free Framework](https://fatfreeframework.com/) to exceptionally full-featured like [Laravel](http://laravel.com/) and many spots in between. – tadman Sep 13 '18 at 17:31

1 Answers1

0

Depending on logic you need in the table, usually you have to look for the entry with SELECT first and then UPDATE if exists or INSERT if missing (2 queries required: SELECT + UPDATE/INSERT).

You can also make that field key and directly use INSERT ... ON DUPLICATE KEY UPDATE in a single query.

TopReseller
  • 623
  • 4
  • 6
  • i am new to php and mysql , i didn't understand the solutions – Glorie Sep 13 '18 at 16:03
  • You're going to have to spend some time either reading the documentation, or finding some other material that goes over the same thing in a form that's better suited to how you prefer to learn. There's many resources out there, but the documentation is usually a good place to start. – tadman Sep 13 '18 at 17:31