Update query PHP MySQL

Question

Can anybody help me understand why this update query isn't updating the fields in my database? I have this in my php page to retrieve the current values from the database:

<?php

  $query = mysql_query ("SELECT * FROM blogEntry WHERE username = 'bobjones' ORDER BY id DESC");

  while ($row = mysql_fetch_array ($query)) 
  {
      $id = $row['id']; 
      $username = $row['username'];
      $title = $row['title'];
      $date = $row['date'];
      $category = $row['category'];
      $content = $row['content'];


    ?>

Here i my HTML Form:

<form method="post" action="editblogscript.php">
ID: <input type="text" name="id" value="<?php echo $id; ?>" /><br />
Username: <input type="text" name="username" value="<?php echo $_SESSION['username']; ?>" /><br />
Title: <input type="text" name="udtitle" value="<?php echo $title; ?>"/><br />
Date: <input type="text" name="date" value="<?php echo $date; ?>"/><br />
Message: <textarea name = "udcontent" cols="45" rows="5"><?php echo $content; ?></textarea><br />
<input type= "submit" name = "edit" value="Edit!">
</form>

and here is my 'editblogscript':

<?php

mysql_connect ("localhost", "root", "");
mysql_select_db("blogass");

if (isset($_POST['edit'])) {

    $id = $_POST['id'];
    $udtitle = $_POST['udtitle'];
    $udcontent = $_POST['udcontent'];


    mysql_query("UPDATE blogEntry SET content = $udcontent, title = $udtitle WHERE id = $id");
}

header( 'Location: index.php' ) ;





?>

I don't understand why it doesn't work.

score 30 · Accepted Answer · answered Jan 17 '12 at 11:11

30

You have to have single quotes around any VARCHAR content in your queries. So your update query should be:

mysql_query("UPDATE blogEntry SET content = '$udcontent', title = '$udtitle' WHERE id = $id");

Also, it is bad form to update your database directly with the content from a POST. You should sanitize your incoming data with the mysql_real_escape_string function.

answered Jan 17 '12 at 11:11

davidethell

11,708
6
43
63

around any string I believe. say, there are no varchar nor fields at all in the query `SELECT 'Hello World';` but quotes still required. – Your Common Sense Jan 17 '12 at 11:39
This is out of date. – Kerrial Beckett Newham Aug 13 '16 at 07:59
Yes, dear modern users, do not use this deprecated and insecure query. You should use `mysqli` or `pdo` with prepared statements and placeholders to make the query secure. Never blindly write user-submitted data directly into your query. – mickmackusa Mar 12 '18 at 02:13
Yes, for sure this is not the right way to execute a mysql query in php. It answers the original question, but is out of date. – davidethell Mar 12 '18 at 09:48

score 6 · Answer 2 · edited May 19 '16 at 03:58

6

Need to add quote for that need to use dot operator:

mysql_query("UPDATE blogEntry SET content = '".$udcontent."', title = '".$udtitle."' WHERE id = '".$id."'");

edited May 19 '16 at 03:58

Ani Menon

27,209
16
105
126

answered Oct 09 '12 at 06:44

Rabesh Lal Shrestha

304
1
6
18

score 5 · Answer 3 · answered Jan 17 '12 at 11:12

5

Without knowing what the actual error you are getting is I would guess it is missing quotes. try the following:

mysql_query("UPDATE blogEntry SET content = '$udcontent', title = '$udtitle' WHERE id = '$id'")

answered Jan 17 '12 at 11:12

MrKiane

4,803
2
17
27

sudhakar · Answer 4 · 2014-02-15T12:07:40.567

3

Here i updated two variables and present date and time

$id = "1";
$title = "phpmyadmin";

 $sql=  mysql_query("UPDATE table_name SET id ='".$id."', title = '".$title."',now() WHERE id = '".$id."' ");

now() function update current date and time.

note: For update query we have define the particular id otherwise it update whole table defaulty

edited Feb 15 '14 at 12:07

answered Feb 15 '14 at 11:34

sudhakar

302
1
3
9

pdu · Answer 5 · 2012-01-17T11:18:04.653

1

First, you should define "doesn't work".
Second, I assume that your table field 'content' is varchar/text, so you need to enclose it in quotes. content = '{$content}'
And last but not least: use echo mysql_error() directly after a query to debug.

edited Jan 17 '12 at 11:18

answered Jan 17 '12 at 11:12

pdu

10,295
4
58
95

use `mysql_error()` to find any error with database.. By this way you can solve your issues – Rafee Jan 17 '12 at 11:15
1

echoing doesn't seem convenient method. what if an error occurred while you're away? – Your Common Sense Jan 17 '12 at 11:38
1

I'd suggest to use trigger_error(). it will not only follow site-wide error-reporting rules (log or display) but also provide both filename and line number, which info can be priceless in case of logging errors – Your Common Sense Jan 17 '12 at 13:00

Vidya · Answer 6 · 2018-02-22T12:32:47.477

0

Try like this in sql query, It will work fine.

$sql="UPDATE create_test set url= '$_POST[url]' WHERE test_name='$test_name';";

If you have to update multiple columns, Use like this,

$sql="UPDATE create_test set `url`= '$_POST[url]',`platform`='$_POST[platform]' WHERE test_name='$test_name';";

edited Feb 22 '18 at 12:32

answered Feb 22 '18 at 12:17

Vidya

63
2
10

score -1 · Answer 7 · edited Jan 07 '14 at 10:27

-1

you must write single quotes then double quotes then dot before name of field and after like that

mysql_query("UPDATE blogEntry SET content ='".$udcontent."', title = '".$udtitle."' WHERE id = '".$id."' ");

edited Jan 07 '14 at 10:27

CloudyMarble

36,908
70
97
130

answered Jan 07 '14 at 10:04

fefe

1
1

Update query PHP MySQL

7 Answers7

Here i updated two variables and present date and time

Linked