Reputation: 7
php update accepts only numbers how to input text and numbers
Hi i use this php script to update some values in my database but it accepts only numbers when i put my email it says : Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '@hotmail.com' at line 1
i want to update the values where by entering email and username
and increase the values because i have more than 5 values to update
any solution? :)
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$gold = $_POST['gold'];
$sql = "UPDATE userdata ". "SET gold = $gold ".
"WHERE email = $email" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
Upvotes: -1
Views: 653
Answers (2)
Reputation: 7
now it dont work again i have somewhere a syntax error on my query
Could not update data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'email = '[email protected]' and username = 'TestName'' at line 1
<html>
<head>
<title>Update a Record in MySQL Database</title>
</head>
<body>
<?php
if(isset($_POST['update'])) {
$dbhost = 'localhost';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn ) {
die('Could not connect: ' . mysql_error());
}
$email = $_POST['email'];
$username = $_POST['username'];
$gold = $_POST['gold'];
$chickens = $_POST['chickens'];
$sql = "UPDATE userdata ". "SET gold = $gold, chickens = $chickens". "WHERE email = '$email' and username = '$username'" ;
mysql_select_db('chickenstories');
$retval = mysql_query( $sql, $conn );
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
echo "Updated data successfully\n";
mysql_close($conn);
}else {
?>
<form method = "post" action = "<?php $_PHP_SELF ?>">
<table width = "400" border =" 0" cellspacing = "1"
cellpadding = "2">
<tr>
<td width = "100">Email : </td>
<td><input name = "email" type = "text"
id = "email"></td>
</tr>
<tr>
<td width = "100">Username : </td>
<td><input name = "username" type = "text"
id = "username"></td>
</tr>
<tr>
<td width = "100">Gold : </td>
<td><input name = "gold" type = "text"
id = "gold"></td>
</tr>
<tr>
<td width = "100">Chickens : </td>
<td><input name = "chickens" type = "text"
id = "chickens"></td>
</tr>
<tr>
<td width = "100"> </td>
<td> </td>
</tr>
<tr>
<td width = "100"> </td>
<td>
<input name = "update" type = "submit"
id = "update" value = "Update">
</td>
</tr>
</table>
</form>
<?php
}
?>
</body>
</html>
Upvotes: -1
Reputation: 1351
The problem is you are not putting email as string, you are passing it without escaping it, update this line:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = $email" ;
to Be:
$sql = "UPDATE userdata ". "SET gold = $gold ". "WHERE email = '$email'" ;
I also recommend you to escape all variable before putting them in database, to avoid SQL injection.
Upvotes: 1
Related Questions
- php input form can only be numbers not words
- PHP text to number or int
- PHP MySQL not updating fields with values containing decimals
- Numeric value is not a number?
- Processing numeric input in php fails
- php mysql: UPDATE will only work WHERE data = integer
- PHP MySQL Update Statement Won't Accept Anything But Numeric Values
- MySQL database updates only using numbers
- Numeric input validation in PHP
- Only numbers get inserted in sql