Reputation: 49
UPDATE table mySQL problem
I've got an payment provider, which helps me to pay by call. However after the payment I need to UPDATE the order's status. This doesn't work. The whole script is found below.
if ($m->payed) {
$order_result = mysql_query('UPDATE jos_vm_orders SET order_status="C" WHERE order_id="'.$_GET['id'].'"');
echo '<b>Bedankt voor je betaling</b><br />
De betaling is succesvol gelukt!';
}
else {
$GET_['id'] is sent with the url.
I really don't know the answer, because the UPDATE line does work when I use it in the beginning (before the payment).
And not only the update line doesn't work, everything after 'if payed' doesn't work.
Thanks in advanced!
Upvotes: 0
Views: 286
Answers (5)
Reputation: 110
Try Change This
UPDATE jos_vm_orders SET order_status="C" WHERE order_id="'.$_GET['id'].'"
To
$id=$_GET['id'];
"UPDATE jos_vm_orders SET order_status='C' WHERE order_id='$id'"
Be careful with quotes in query. Always Give Double quotes at starting and ending , prefer single quotes in the middle of query.
Avoid concatination in query and instead try including it like mentioned above
Upvotes: 0
Reputation: 49
The problem was eventually my server, I had 'display erros' on off. When I turned it on, the actually error lied with the session_start. When I opened the file on my server, I saw I saved it in the wrong format, this solved it!
Thanks for every answer.
Upvotes: 0
Reputation: 157981
You have to learn how to debug your code.
It's impossible to say what's the problem just by watching the code.
One have to run the code, get all possible error messages and check all important variables. that's the only way to find the problem.
So, to get possible error message you have to run your query the same way as previous one, by using mysql_error()
And also you must take care of the values going to the query.
So, make your code like this:
if ($m->payed) {
$id = intval($_GET['id']);
$sql = "UPDATE jos_vm_orders SET order_status='C' WHERE order_id=$id";
$res = mysql_query($sql);
if (!$res) {
trigger_error(mysql_error()." ".$sql);
echo '<br>Server Error<br>';
} elseif (!mysql_affected_rows($res)) {
trigger_error("No rows were updated! ".$sql);
echo '<br>Server Error<br>';
} else {
echo '<b>Bedankt voor je betaling</b><br />De betaling is succesvol gelukt!';
}
} else {
echo '<font color=red><b>Betaling is niet afgerond,<br />volg de onderstaande instructies!</b></font><br /><br />';
}
include('includes/include.paymentscreen.php');
}
Upvotes: 0
Reputation: 2298
Examine the query:
$order_result = mysql_query('UPDATE jos_vm_orders SET order_status="C"
WHERE order_id="'.$_GET['id'].'"');
It is my guess that the WHERE clause is failing. Call mysql_affected_rows() after the operation; it will return 0 if no rows were updated.
The problem could also be the query failing. Wrap the query in a block similar to the following:
if (!$order_result = mysql_query('UPDATE jos_vm_orders SET order_status="C"
WHERE order_id="'.$_GET['id'].'"')) {
// Handle the error here.
}
Also note, it is not good practice to ever use $_GET or $_POST data directly in an SQL query. Consider validating it, at least by doing this:
$_GET['id'] = (int) $_GET['id'];
if ($_GET['id'] === 0) {
// handle the error here
}
Upvotes: 1
Reputation: 94653
Please verify the value of $m->payed by adding var_dump() in your code.
var_dump($m);
if ($m->payed)
{
$sql="UPDATE jos_vm_orders SET order_status='C' WHERE order_id=$_GET[id]";
$order_result = mysql_query($sql);
echo '<b>Bedankt voor je betaling</b><br />
De betaling is succesvol gelukt!';
}
Upvotes: 0