 |
Account Login
|
 |
|
Latest Articles
|
|
|
IRC Channel
|
|
|
Associates
|
|
|
Associates
|
|
|
 |
|
|
|
02-09-2008, 12:08 AM
|
#1 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Updating users
I have made my own CMS, but if I try to update the users rows or edit the users rows, it would change every row in the column to what I put in!
Yet, I did the same procedure with making a news editing system and that turned out fine.
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 12:41 AM
|
#2 (permalink)
|
|
The Frequenter
Join Date: Dec 2007
Location: Bucharest, Romania
Posts: 438
Thanks: 3
|
You forgot a WHERE clause in the UPDATE statement, I'm sure of that. Review the update query.
__________________
I have optimistic thoughts, even though sometimes (if not always) life's a bitch.
|
|
|
|
|
02-09-2008, 12:42 AM
|
#3 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by xenon
You forgot a WHERE clause in the UPDATE statement, I'm sure of that. Review the update query.
|
I have, set on there.. but the news system does perfectly, I don't understand. :/
Update: nevermind, the news system is now doing it. -_- Why is this happening.. It didn't happen before. -_-
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 12:43 AM
|
#4 (permalink)
|
|
The Frequenter
Join Date: Dec 2007
Location: Bucharest, Romania
Posts: 438
Thanks: 3
|
Perhaps you could paste the query in here?
__________________
I have optimistic thoughts, even though sometimes (if not always) life's a bitch.
|
|
|
|
|
02-09-2008, 12:45 AM
|
#5 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by xenon
Perhaps you could paste the query in here?
|
PHP Code:
mysql_query("UPDATE `users` SET `username` = '". mysql_real_escape_string($username) . "', `password` = '". mysql_real_escape_string($password) ."', `email` = '". mysql_real_escape_string($email) ."', `access` = '". mysql_real_escape_string($access)."', `joindate` = '". mysql_real_escape_string($date)."' ") or die(mysql_error());
All those variabes are from the $_POST array.
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 01:16 AM
|
#6 (permalink)
|
|
The Addict
Join Date: Jan 2008
Location: USA
Posts: 217
Thanks: 16
|
I see no where statement, so of course it'll set everything. You need to make it userid dependent.
__________________
Programmers are in a race with the Universe to create bigger and better idiot-proof programs, while the Universe is trying to create bigger and better idiots. So far the Universe is winning. - Rich Cook
|
|
|
|
|
02-09-2008, 01:20 AM
|
#7 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by RobertK
I see no where statement, so of course it'll set everything. You need to make it userid dependent.
|
how? this way?
PHP Code:
WHERE `id` = '". $_GET['id'] ."'
?
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 01:24 AM
|
#8 (permalink)
|
|
The Addict
Join Date: Jan 2008
Location: USA
Posts: 217
Thanks: 16
|
Yeah, pretty much. I'd also combine it with a:
__________________
Programmers are in a race with the Universe to create bigger and better idiot-proof programs, while the Universe is trying to create bigger and better idiots. So far the Universe is winning. - Rich Cook
|
|
|
|
|
The Following User Says Thank You to RobertK For This Useful Post:
|
|
|
02-09-2008, 01:28 AM
|
#9 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by RobertK
Yeah, pretty much. I'd also combine it with a: |
Okay, I did that, but now they won't change. -_- Do I have to add the whole thing over again, except set is where? ???
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 01:47 AM
|
#10 (permalink)
|
|
The Addict
Join Date: Jan 2008
Location: USA
Posts: 217
Thanks: 16
|
Can you show me your current query please? LIMIT is the absolute last statement you should include.
__________________
Programmers are in a race with the Universe to create bigger and better idiot-proof programs, while the Universe is trying to create bigger and better idiots. So far the Universe is winning. - Rich Cook
|
|
|
|
|
02-09-2008, 01:50 AM
|
#11 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by RobertK
Yeah, pretty much. I'd also combine it with a: |
Quote:
Originally Posted by RobertK
Can you show me your current query please? LIMIT is the absolute last statement you should include.
|
PHP Code:
mysql_query("UPDATE `news` SET `title` = '". mysql_real_escape_string($title) . "', `poster` = '". mysql_real_escape_string($poster) ."', `tags` = '". mysql_real_escape_string($tags) ."', `msg` = '". mysql_real_escape_string($msg)."' WHERE `id` = '". $_GET['id']."');
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 01:58 AM
|
#12 (permalink)
|
|
Moderateur
Join Date: Apr 2007
Posts: 1,393
Thanks: 5
|
It'll make things infinitely easier for you if your code is laid out nicely and easier to read. Also the clauses in the query should go UPDATE, SET, WHERE, LIMIT; in that order. The WHERE clause should catch only a single row (assuming you check against a primary key column) but just in case the LIMIT is there to make sure only one row is affected.
PHP Code:
mysql_query(sprintf("
UPDATE
users
SET
username = '%s',
password = '%s',
email = '%s',
access = '%s',
joindate = '%s',
WHERE
id = %d
LIMIT 1
;",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($email),
mysql_real_escape_string($access),
mysql_real_escape_string($date),
(int) $id
)) or die(mysql_error());
|
|
|
|
|
The Following User Says Thank You to Salathe For This Useful Post:
|
|
|
02-09-2008, 02:03 AM
|
#13 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Quote:
Originally Posted by Salathe
It'll make things infinitely easier for you if your code is laid out nicely and easier to read. Also the clauses in the query should go UPDATE, SET, WHERE, LIMIT; in that order. The WHERE clause should catch only a single row (assuming you check against a primary key column) but just in case the LIMIT is there to make sure only one row is affected.
PHP Code:
mysql_query(sprintf("
UPDATE
users
SET
username = '%s',
password = '%s',
email = '%s',
access = '%s',
joindate = '%s',
WHERE
id = %d
LIMIT 1
;",
mysql_real_escape_string($username),
mysql_real_escape_string($password),
mysql_real_escape_string($email),
mysql_real_escape_string($access),
mysql_real_escape_string($date),
(int) $id
)) or die(mysql_error());
|
I'm getting this:
Code:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE id = 2 LIMIT 1' at line 9
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 02:50 AM
|
#14 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
I guess, nobody can help me :[
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
02-09-2008, 03:00 AM
|
#15 (permalink)
|
|
The Addict
Join Date: Nov 2007
Posts: 264
Thanks: 2
|
Take of the last ","
|
|
|
|
|
The Following User Says Thank You to TlcAndres For This Useful Post:
|
|
|
02-09-2008, 03:02 AM
|
#16 (permalink)
|
|
The Prestige
Join Date: Dec 2007
Posts: 1,044
Thanks: 193
|
Yes, I did that just a few minutes ago, but thanks for helping me anyway. :] And yes it's working successfully!
__________________
VillageIdiot can have my babbies ;d
|
|
|
|
|
Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
|
|
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Hybrid Mode
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
Join the friendly bunch on IRC...
