Jump to content

MySQL query is not working


smus

Recommended Posts

The code is too long to paste here, but I've already found a place where the error might be, by taking away headers (header: location) and adding echo $_POST['send']. This is the file that process (update query) data from HTML form. The code was not completed and, as I suppose, taken from adding information (insert query) file, because there were these lines of code:

if ($_POST['password'] == $_POST['confirm_password']) 
{
[there is a code with processing information and mysql queries]
} 
else {    echo $_POST['send']."2";
               // header("Location: ".SITE_PATH."&result=3");
                exit;
         }

This testing echo was reflected after I commented header (location)

 

 

I've decided to delete the if clause, the code works, but the queries are still not sending.

 

I will attach the whole file here, if it helps to solve the issue.

Link to comment
Share on other sites

Unfortunately, you may need to rewrite a lot of your code.

 

You should never mix variables into your queries because, aside from the potential to throw errors, they also provide a mean of breaking into your database.

 

The mysql library is deprecated due to security vulnerabilities and no longer works in recent versions of PHP. If your server gets an upgrade at any point your whole program will stop working. There are two alternatives: mysqli and PDO. Personally, I prefer PDO.

 

Now before you jump into either of these, remember that you must not put variables into your SQL even when using these new libraries. So how do you put values into your query? Use prepared statements: http://www.w3schools.com/php/php_mysql_prepared_statements.asp

 

There's a better description of prepared statements in the PHP manual: http://php.net/manual/en/pdo.prepared-statements.php

 

strip_tags() and htmlspecialchars() are operations you should do when retrieving information from the database, not before storing them.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...