MarkT Posted July 24, 2014 Share Posted July 24, 2014 Hi All, Unfortunately, My update query isn't working for a new CMS I'm creating. mysqli_query($con2,"UPDATE system SET sys_alert='{$alert}'"); Is the query, but I think it's getting confused with the table name being called system Would anyone be able to help? It's surrounded by an IF statement, which I know is functional as it is emailing me with the new alert variable (shown in query), and the old alert. I appreciate any assistance you can provide. Thanks in advance Link to comment Share on other sites More sharing options...
niche Posted July 24, 2014 Share Posted July 24, 2014 I don't think you need the curly brackets. What's the error message say? http://www.w3schools.com/php/func_mysqli_error.asp Link to comment Share on other sites More sharing options...
MarkT Posted July 28, 2014 Author Share Posted July 28, 2014 I don't think you need the curly brackets. What's the error message say? http://www.w3schools.com/php/func_mysqli_error.asp To be honest, I have it working fine on our old management panel, but it's not working on the new one. I have no idea why. Link to comment Share on other sites More sharing options...
MarkT Posted July 28, 2014 Author Share Posted July 28, 2014 (edited) Fixed it, The query was being ended early by a ' in the input field. I solved it by using a STR replace $alert = $_POST['alert'];$new2 = str_replace("'", "'", $alert); Then using {$new2} as my variable, Edited July 28, 2014 by MarkT Link to comment Share on other sites More sharing options...
justsomeguy Posted July 28, 2014 Share Posted July 28, 2014 That is not the correct way to protect against SQL injection. Look into using prepared statements with MySQLi, and then you won't need to use things like str_replace. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now