Overwriting data in a MySQL table

With the query below, I am trying to overwrite the 10th field in a MySQL table called "login" with the value NEW_VALUE. It's not working. Is the code below the correct method for overwriting existing data in a MySQL table?

Thanks in advance,

John

INSERT INTO login VALUES (NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, 'NEW_VALUE', NULL, NULL, NULL)
开发者_运维知识库

Just as an addition if anyone is still looking for an actual overwrite and not just an update. If you want to OVERWRITE always, (not update, just overwrite) you can use REPLACE instead of INSERT.

REPLACE works exactly like INSERT, except that if an old row in the table has the same value as a new row for a PRIMARY KEY or a UNIQUE index, the old row is deleted before the new row is inserted. See Section 13.2.5, “INSERT Syntax”

http://dev.mysql.com/doc/refman/5.5/en/replace.html

No your code is not correct. You are adding a new row to your table not updating existing values. To update existing values, you want to use an update statement:

Upate a specific record

mysql_query("Update login SET nameOfYourColumn = '$cleanURL' WHERE primaryKey = idOfRowToUpdate")

To update the entire table

mysql_query("Update login SET nameOfYourColumn = '$cleanURL'")

If I've understood your question then the answer is "no". This isn't a mysql specific issue either, it's a generic SQL question. I'd strongly recommend going through an SQL tutorial, the best one I know if is here:

http://philip.greenspun.com/sql/

To answer your question, you should be able to do:

mysql_query("UPDATE login SET foo = '$cleanurl'");

where "foo" is the name of the tenth field.

A few other comments though:

Firstly, don't rely on the position of your fields, always explicitly list the field names. For example, it's better to go

INSERT INTO login (id, name) VALUES (1, 'Fred') 

instead of

INSERT INTO login VALUES (1, 'Fred') 

Point 2: You have directly embedded the value of $cleanurl into your query. Of course, you have to learn one thing at a time but be aware that this is very dangerous. If $cleanurl contains something like "'); DROP TABLE login;" then you might be in trouble. This is called SQL injection and is the source of constant security problems. Without going into too much detail, you should learn how to use prepared statements.

Point 3: PHP comes with a library called PDO which supports prepared statements. It also provides a common API for interacting with your database so if you find that you need to move from Mysql to another DBMS, PDO will abstract away most of the differences. By using the mysql_query function you lock yourself into using mysql.

You don't have to address all of these issues simultaneously but don't forget about them either, once you get familiar with PHP and SQL come back to the points about PDO and prepared statements.

First off: INSERT adds a new record to a table, UPDATE updates (overwrites) one or more existing records.

Second: UPDATE needs to know the name of the column to update, and which rows to update

UPDATE <tableName>
   SET <columnName> = '$cleanurl'
 WHERE <some condition to identify which record should be updated>

Thirdly: it's probably worth your while reading a few basic tutorials on MySQL/SQL