18

I am basically just trying to update multiple values in my table. What would be the best way to go about this? Here is the current code:

$postsPerPage = $_POST['postsPerPage'];
$style = $_POST['style'];

mysql_connect ("localhost", "user", "pass") or die ('Error: ' . mysql_error());
mysql_select_db ("db");

mysql_query("UPDATE settings SET postsPerPage = $postsPerPage WHERE id = '1'") or die(mysql_error());

The other update I want to include is:

mysql_query("UPDATE settings SET style = $style WHERE id = '1'") or die(mysql_error());

Thanks!

Juan Mellado
  • 14,973
  • 5
  • 47
  • 54
Chris
  • 461
  • 3
  • 9
  • 16

4 Answers4

51

Add your multiple columns with comma separations:

UPDATE settings SET postsPerPage = $postsPerPage, style= $style WHERE id = '1'

However, you're not sanitizing your inputs?? This would mean any random hacker could destroy your database. See this question: What's the best method for sanitizing user input with PHP?

Also, is style a number or a string? I'm assuming a string, so it would need to be quoted.

Community
  • 1
  • 1
Fosco
  • 38,138
  • 7
  • 87
  • 101
6

Comma separate the values:

UPDATE settings SET postsPerPage = $postsPerPage, style = $style WHERE id = '1'"
Christian
  • 96
  • 3
1

If you are using pdo, it will look like

$sql = "UPDATE users SET firstname = :firstname, lastname = :lastname WHERE id= :id";
$query = $this->pdo->prepare($sql);
$result = $query->execute(array(':firstname' => $firstname, ':lastname' => $lastname, ':id' => $id));
Linh
  • 57,942
  • 23
  • 262
  • 279
0

I guess you can use:

$con = new mysqli("localhost", "my_user", "my_password", "world");
$sql = "UPDATE `some_table` SET `txid`= '$txid', `data` = '$data' WHERE `wallet` = '$wallet'";
if ($mysqli->query($sql, $con)) {
    print "wallet $wallet updated";
}else{
    printf("Errormessage: %s\n", $con->error);
}
$con->close();
Pedro Lobito
  • 94,083
  • 31
  • 258
  • 268