sql statement not updating [closed]
This question is unlikely to help any future visitors; it is only relevant to a small geographic area, a specific moment in time, or an extraordinarily narrow situation that is not generally applicable to the worldwide audience of the internet. For help making this question more broadly applicable, visit the help center.
Closed 11 years ago.
I have the following php code that is supposed to connect to the database and update some info. However it is not updating. It doesnt give any errors, it connects just fine... the sql statement just doesnt seem to be working but everything looks ok to me.
if ($send != "no") {
$db_name = "auctionfinal";
$table_name = "auctions";
$connection = @mysql_connect("auctionfinal.db.6084638.hostedresource.com", "xxxx", "xxxx") or 开发者_开发问答die(mysql_error());
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
$sql = "UPDATE $table_name SET curbid = '$_POST[price]', nbids = '$totalnbid' WHERE aucname = '$auc' ";
$result = @mysql_query($sql, $connection) or die(mysql_error());
if ($result) {
echo "Thank you! You have bid on the auction for $auc, the current bid is $curbid, there have been $nbids bids on this auction so far.";
}
} else if ($send == "no") {
echo "$user_err";
}
It doesn't give any errors because you've told PHP to ignore errors. Remove the "@" from in front of all the mysql function calls, you'll get the errors.
The "@" symbol in front of php mysql function suppresses any errors. Remove it and then you'll see if there are any errors.
This is one of the risks you take using variable expansion inside strings.
This statement:
$sql = "UPDATE $table_name SET curbid = '$_POST[price]', nbids = '$totalnbid' WHERE aucname = '$auc' ";
... would be better written as:
$sql = "UPDATE ".$table_name." SET curbid = '".mysql_real_escape_string($_POST['price'])."', nbids = '".mysql_real_escape_string($totalnbid)."' WHERE aucname = '".mysql_real_escape_string($auc)."' ";
加载中,请稍侯......
精彩评论