Basic SQL Update query in PHP

Question

I am using a MVC framework and have a problem in a SQL query.

The user that publish a post on my website receives an email containing a confirmation URL :

mywebsite.com/confirm/f9b83b3bf994e5db3b06ya20eb306a24/

The routing is made correctly, but I would like to change the SQL "published" field to 1 (it is set to 0 by default)

So basically, everything is working except my UPDATE SQL query, it's probably something stupid but I am a beginner in this domain and I couldn't fix it after many tries.

    if(substr(ROUTE, 0, 8) == 'confirm/')
        {
            if(strlen($code = substr(ROUTE, 8, 32)) == 32)
            {
                if($row = db::fetch(db::query('SELECT `id` FROM `'.DB_PREFIX.'Posts` WHERE `published`=0 AND `confirm`="'.db::escape($code).'"'), 'row'))
                {

//This is the problematic line
                 db::query('UPDATE '.DB_PREFIX.'Posts SET published=1 WHERE published=0 AND confirm="'.db::escape($code).'"');

                }
            }

            header('Location: '.WEB.'publish_success.html');
        } 

Thank youf or your help :)

Edit : Problem fixed adding the WHERE clause !

Answer 1

Can you please try the below query. I don't know exactly whether it will work or not.

  db::query("UPDATE `".DB_PREFIX."Posts` SET `published`=1 WHERE `published`=0 AND `confirm`='".db::escape($code)."'");

Answer 2

There's no WHERE clause in your UPDATE command.

db::query('UPDATE `'.DB_PREFIX.'.Posts` SET `published`=1 WHERE id = ' . $row['id'] );